Tag: APT group
eXotic Visit campaign: Tracing the footprints of Virtual Invaders
ESET researchers have discovered an active espionage campaign targeting Android users with apps primarily posing as messaging services. While these apps offer functional services...
VajraSpy: A Patchwork of espionage apps
ESET researchers have identified twelve Android espionage apps that share the same malicious code: six were available on Google Play, and six were found...
Blackwood hijacks software updates to deploy NSPX30 – Week in security with Tony Anscombe
Video The previously unknown threat actor used the implant to target Chinese and Japanese companies, as well as individuals in China, Japan, and...
NSPX30: A sophisticated AitM-enabled implant evolving since 2005
ESET researchers provide an analysis of an attack carried out by a previously undisclosed China-aligned threat actor we have named Blackwood, and that we...
Microsoft: Iran’s Mint Sandstorm APT Blasts Educators, Researchers
The Iran-linked Mint Sandstorm group is targeting Middle Eastern affairs specialists at universities and research organizations with convincing social engineering efforts, which conclude by...
Exploit for Critical Windows Defender Bypass Goes Public
A proof-of-concept exploit (PoC) has become available for a critical zero-day vulnerability in the Windows SmartScreen technology. Microsoft issued a patch for the issue in...
Proof of Concept Exploit Publicly Available for Critical Windows SmartScreen Flaw
A proof of concept exploit has become available for a critical zero-day vulnerability in Windows SmartScreen technology for which Microsoft issued a patch in...
Arid Viper Camouflages Malware in Knockoff Dating App
APT group Arid Viper targets Arabic-speaking Android users with a spoof version of a dating app to collect sensitive user information. According to research by...
Roundcube zero-day exploited in attacks on European governments – Week in security with Tony Anscombe
Video The zero-day exploit deployed by the Winter Vivern APT group only requires that the target views a specially crafted message in a...
Microsoft: China’s Behind Atlassian Confluence Attacks; PoCs Available
A China-sponsored advanced persistent threat (APT) tracked as Storm-0062 is responsible for the in-the-wild exploitation of the recently disclosed critical bug in Atlassian Confluence...
Operation Jacana: Foundling hobbits in Guyana
In February 2023, ESET researchers detected a spearphishing campaign targeting a governmental entity in Guyana. While we haven’t been able to link the campaign,...
How Lazarus impersonated Meta to attack a target in Spain – Week in security with Tony Anscombe
Video During the attack, the group deployed several tools, most notably a newly-discovered sophisticated backdoor that ESET named LightlessCan 29 Sep...
ESET’s cutting-edge threat research at LABScon – Week in security with Tony Anscombe
Video Two ESET malware researchers took to the LABScon stage this year to deconstruct sophisticated attacks conducted by two well-known APT groups ...