Award-winning news, views, and insight from the ESET security community
ESET Research
ESET Research Podcast: Finding the mythical BlackLotus bootkit
Here's a story of how an analysis of a supposed game cheat turned into the discovery of a powerful UEFI threat
ESET Research • 12 Jul 2023
Threat Reports
ESET Threat Report H1 2023
A view of the H1 2023 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts
Roman Kováč • 11 Jul 2023
What’s up with Emotet?
A brief summary of what happened with Emotet since its comeback in November 2021
Jakub Kaloč • 06 Jul 2023
Android GravityRAT goes after WhatsApp backups
ESET researchers analyzed an updated version of Android GravityRAT spyware that steals WhatsApp backup files and can receive commands to delete files
Lukas Stefanko • 15 Jun 2023
Asylum Ambuscade: crimeware or cyberespionage?
A curious case of a threat actor at the border between crimeware and cyberespionage
Matthieu Faou • 08 Jun 2023
Shedding light on AceCryptor and its operation
ESET researchers reveal details about a prevalent cryptor, operating as a cryptor-as-a-service used by tens of malware families
Jakub Kaloč • 25 May 2023
Android app breaking bad: From legitimate screen recording to file exfiltration within a year
ESET researchers discover AhRat – a new Android RAT based on AhMyth – that exfiltrates files and records audio
Lukas Stefanko • 23 May 2023
Evasive Panda APT group delivers malware via updates for popular Chinese software
ESET Research uncovers a campaign by the APT group known as Evasive Panda targeting an international NGO in China with malware delivered through updates of popular Chinese software
Facundo Muñoz • 26 Apr 2023
Linux malware strengthens links between Lazarus and the 3CX supply-chain attack
Similarities with newly discovered Linux malware used in Operation DreamJob corroborate the theory that the infamous North Korea-aligned group is behind the 3CX supply-chain attack
Peter Kálnai and Marc-Etienne M.Léveillé • 20 Apr 2023