2023-04-20 | ESET Research | Peter Kálnai, Marc-Etienne M.Léveillé
@online{klnai:20230420:linux:fd293b6, author = {Peter Kálnai and Marc-Etienne M.Léveillé}, title = {{Linux malware strengthens links between Lazarus and the 3CX supply‑chain attack}}, date = {2023-04-20}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2023/04/20/linux-malware-strengthens-links-lazarus-3cx-supply-chain-attack}, language = {English}, urldate = {2023-04-25} } Linux malware strengthens links between Lazarus and the 3CX supply‑chain attack
BADCALL 3CX Backdoor BADCALL IconicStealer
2022-07-19 | ESET Research | Marc-Etienne M.Léveillé
@online{mlveill:20220719:i:d9dc1d5, author = {Marc-Etienne M.Léveillé}, title = {{I see what you did there: A look at the CloudMensis macOS spyware}}, date = {2022-07-19}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2022/07/19/i-see-what-you-did-there-look-cloudmensis-macos-spyware/}, language = {English}, urldate = {2022-07-20} } I see what you did there: A look at the CloudMensis macOS spyware
CloudMensis
2022-01-25 | ESET Research | Marc-Etienne M.Léveillé, Anton Cherepanov
@online{mlveill:20220125:watering:e1afb71, author = {Marc-Etienne M.Léveillé and Anton Cherepanov}, title = {{Watering hole deploys new macOS malware, DazzleSpy, in Asia}}, date = {2022-01-25}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2022/01/25/watering-hole-deploys-new-macos-malware-dazzlespy-asia/}, language = {English}, urldate = {2022-01-25} } Watering hole deploys new macOS malware, DazzleSpy, in Asia
2021-02-02 | ESET Research | Marc-Etienne M.Léveillé, Ignacio Sanmillan
@online{mlveill:20210202:kobalos:5bb5548, author = {Marc-Etienne M.Léveillé and Ignacio Sanmillan}, title = {{Kobalos – A complex Linux threat to high performance computing infrastructure}}, date = {2021-02-02}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2021/02/02/kobalos-complex-linux-threat-high-performance-computing-infrastructure/}, language = {English}, urldate = {2021-02-02} } Kobalos – A complex Linux threat to high performance computing infrastructure
Kobalos
2020-07-16 | ESET Research | Marc-Etienne M.Léveillé
@online{mlveill:20200716:mac:405cc1d, author = {Marc-Etienne M.Léveillé}, title = {{Mac cryptocurrency trading application rebranded, bundled with malware}}, date = {2020-07-16}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2020/07/16/mac-cryptocurrency-trading-application-rebranded-bundled-malware/}, language = {English}, urldate = {2020-07-16} } Mac cryptocurrency trading application rebranded, bundled with malware
Gmera
2020-02-02 | ESET Research | Marc-Etienne M.Léveillé, Ignacio Sanmillan
@techreport{mlveill:20200202:tlp:39ce93c, author = {Marc-Etienne M.Léveillé and Ignacio Sanmillan}, title = {{TLP: WHITE A WILD KOBALOS APPEARS: Tricksy Linux malware goes after HPCs}}, date = {2020-02-02}, institution = {ESET Research}, url = {https://www.welivesecurity.com/wp-content/uploads/2021/01/ESET_Kobalos.pdf}, language = {English}, urldate = {2021-02-04} } TLP: WHITE A WILD KOBALOS APPEARS: Tricksy Linux malware goes after HPCs
Kobalos
2019-10-07 | ESET Research | Marc-Etienne M.Léveillé, Mathieu Tartare
@techreport{mlveill:20191007:connecting:e59d4c8, author = {Marc-Etienne M.Léveillé and Mathieu Tartare}, title = {{CONNECTING THE DOTS: Exposing the arsenal and methods of the Winnti Group}}, date = {2019-10-07}, institution = {ESET Research}, url = {https://www.welivesecurity.com/wp-content/uploads/2019/10/ESET_Winnti.pdf}, language = {English}, urldate = {2020-01-10} } CONNECTING THE DOTS: Exposing the arsenal and methods of the Winnti Group
LOWKEY shadowhammer ShadowPad
2019-03-11 | ESET Research | Marc-Etienne M.Léveillé
@online{mlveill:20190311:gaming:8449e78, author = {Marc-Etienne M.Léveillé}, title = {{Gaming industry still in the scope of attackers in Asia}}, date = {2019-03-11}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2019/03/11/gaming-industry-scope-attackers-asia/}, language = {English}, urldate = {2020-01-13} } Gaming industry still in the scope of attackers in Asia
APT41
2018-12-05 | ESET Research | Marc-Etienne M.Léveillé
@online{mlveill:20181205:dark:ac089e8, author = {Marc-Etienne M.Léveillé}, title = {{The Dark Side of the ForSSHe}}, date = {2018-12-05}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2018/12/05/dark-side-of-the-forsshe/}, language = {English}, urldate = {2019-11-14} } The Dark Side of the ForSSHe
Ebury
2018-12-01 | ESET Research | Romain Dumont, Marc-Etienne M.Léveillé, Hugo Porcher
@techreport{dumont:20181201:dark:20efc15, author = {Romain Dumont and Marc-Etienne M.Léveillé and Hugo Porcher}, title = {{THE DARK SIDE OF THE FORSSHE: A landscape of OpenSSH backdoors}}, date = {2018-12-01}, institution = {ESET Research}, url = {https://www.welivesecurity.com/wp-content/uploads/2018/12/ESET-The_Dark_Side_of_the_ForSSHe.pdf}, language = {English}, urldate = {2020-01-09} } THE DARK SIDE OF THE FORSSHE: A landscape of OpenSSH backdoors
Ebury
2017-10-24 | ESET Research | Marc-Etienne M.Léveillé
@online{mlveill:20171024:bad:5653a57, author = {Marc-Etienne M.Léveillé}, title = {{Bad Rabbit: Not‑Petya is back with improved ransomware}}, date = {2017-10-24}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2017/10/24/bad-rabbit-not-petya-back/}, language = {English}, urldate = {2019-07-11} } Bad Rabbit: Not‑Petya is back with improved ransomware
EternalPetya
2017-08-24 | ESET Research | Marc-Etienne M.Léveillé
@online{mlveill:20170824:bad:78b7a5e, author = {Marc-Etienne M.Léveillé}, title = {{Bad Rabbit: Not‑Petya is back with improved ransomware}}, date = {2017-08-24}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2017/10/24/bad-rabbit-not-petya-back}, language = {English}, urldate = {2022-08-25} } Bad Rabbit: Not‑Petya is back with improved ransomware
EternalPetya Sandworm
2017-02-22 | ESET Research | Marc-Etienne M.Léveillé
@online{mlveill:20170222:new:effd5eb, author = {Marc-Etienne M.Léveillé}, title = {{New crypto‑ransomware hits macOS}}, date = {2017-02-22}, organization = {ESET Research}, url = {http://www.welivesecurity.com/2017/02/22/new-crypto-ransomware-hits-macos/}, language = {English}, urldate = {2019-12-20} } New crypto‑ransomware hits macOS
Patcher
2016-07-06 | ESET Research | Marc-Etienne M.Léveillé
@online{mlveill:20160706:new:f0cfc2c, author = {Marc-Etienne M.Léveillé}, title = {{New OSX/Keydnap malware is hungry for credentials}}, date = {2016-07-06}, organization = {ESET Research}, url = {http://www.welivesecurity.com/2016/07/06/new-osxkeydnap-malware-hungry-credentials/}, language = {English}, urldate = {2019-12-20} } New OSX/Keydnap malware is hungry for credentials
Keydnap
2015-04-28 | ESET Research | Marc-Etienne M.Léveillé
@techreport{mlveill:20150428:unboxing:647ba0d, author = {Marc-Etienne M.Léveillé}, title = {{Unboxing Linux/Mumblehard: Muttering spam from your servers}}, date = {2015-04-28}, institution = {ESET Research}, url = {https://www.welivesecurity.com/wp-content/uploads/2015/04/mumblehard.pdf}, language = {English}, urldate = {2022-05-11} } Unboxing Linux/Mumblehard: Muttering spam from your servers
Mumblehard
2015-03-09 | ESET Research | Marc-Etienne M.Léveillé
@online{mlveill:20150309:cryptofortress:8ff6323, author = {Marc-Etienne M.Léveillé}, title = {{CryptoFortress mimics TorrentLocker but is a different ransomware}}, date = {2015-03-09}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2015/03/09/cryptofortress-mimics-torrentlocker-different-ransomware/}, language = {English}, urldate = {2019-11-14} } CryptoFortress mimics TorrentLocker but is a different ransomware
CryptoFortress
2014-03 | ESET Research | Olivier Bilodeau, Pierre-Marc Bureau, Joan Calvet, Alexis Dorais-Joncas, Marc-Etienne M.Léveillé, Benjamin Vanheuverzwijn
@techreport{bilodeau:201403:operation:40b7f42, author = {Olivier Bilodeau and Pierre-Marc Bureau and Joan Calvet and Alexis Dorais-Joncas and Marc-Etienne M.Léveillé and Benjamin Vanheuverzwijn}, title = {{OPERATION WINDIGO}}, date = {2014-03}, institution = {ESET Research}, url = {https://www.welivesecurity.com/wp-content/uploads/2014/03/operation_windigo.pdf}, language = {English}, urldate = {2020-01-08} } OPERATION WINDIGO
Ebury
2014-02-21 | ESET Research | Marc-Etienne M.Léveillé
@online{mlveill:20140221:indepth:3ee584f, author = {Marc-Etienne M.Léveillé}, title = {{An In‑depth Analysis of Linux/Ebury}}, date = {2014-02-21}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2014/02/21/an-in-depth-analysis-of-linuxebury/}, language = {English}, urldate = {2019-11-14} } An In‑depth Analysis of Linux/Ebury
Ebury