Threat Reports
ESET Threat Report H1 2024
ESET Threat Report H1 2024
In the H1 2024 Threat Report, the ESET research team reviews the main trends and developments shaping the threatscape from December 2023 to May 2024. Infostealers, for example, increasingly impersonated generative AI tools while cracked video games and cheating tools were often laden with RedLine Stealer and Lumma Stealer. The period under review also painted a dynamic landscape of Android financial threats and saw a number of interesting developments on the ransomware scene and in other corners of the threat landscape.
ESET APT Activity Report Q4 2023–Q1 2024
ESET APT Activity Report Q4 2023–Q1 2024
This report looks at notable operations of selected APT groups from October 2023 to March 2024, which are representative of the broader trends and developments on the threat landscape as investigated by ESET researchers in Q4 2023 and Q1 2024. This period saw a significant increase in activity from Iran-aligned threat groups while several China-aligned bad actors exploited vulnerabilities in public-facing appliances and Russia-aligned groups focused on espionage within the European Union and attacks on Ukraine.
ESET Threat Report H2 2023
ESET Threat Report H2 2023
This issue of ESET's Threat Report provides an overview of the top threats and trends as observed by our experts from June to November 2023. Among other things, it highlights a number of notable developments on the threat landscape, including campaigns that target users of tools like ChatGPT, a significant increase in Android spyware cases, and new strategies on the ransomware scene.
ESET APT Activity Report Q2 2023–Q3 2023
ESET APT Activity Report Q2 2023–Q3 2023
This issue of the report summarizes the activities of selected advanced persistent threat (APT) groups that were observed, investigated, and analyzed by ESET researchers from April 2023 until the end of September 2023. In the monitored timespan, we observed a notable strategy of APT groups utilizing the exploitation of known vulnerabilities, including in WinRAR, Microsoft Exchange servers and IIS servers, to exfiltrate data from governmental entities or related organizations.
ESET Threat Report H1 2023
ESET Threat Report H1 2023
The H1 2023 issue of ESET Threat Report reviews the key trends and developments that shaped the threat landscape between December 2022 and May 2023. Among other findings, it shows that cybercriminals have remarkable adaptability and relentlessly pursue new avenues to achieve their nefarious goals – be it through exploiting vulnerabilities, gaining unauthorized access, compromising sensitive information, or defrauding individuals. Importantly, this issue also includes design improvements and features a new approach to data presentation.
ESET APT Activity Report Q4 2022–Q1 2023
ESET APT Activity Report Q4 2022–Q1 2023
What were some of the world's most notorious APT groups up to from October 2022 to March 2023? As this report shows, several China-aligned threat actors such as Ke3chang and Mustang Panda focused on European organizations, targeting them with new malicious wares. Meanwhile, Iran-aligned group OilRig deployed a new custom backdoor in Israel. North Korea-aligned groups continued to focus on South Korean and South Korea-related entities. Russia-aligned APT groups were especially active in Ukraine and EU countries, with Sandworm deploying wipers.
ESET Threat Report T3 2022
ESET Threat Report T3 2022
This issue of ESET's Threat Report reviews the key developments that defined the threat landscape in the final four months of 2022. Russia's war on Ukraine continued to impact everything from global economy to cyberspace, where the ransomware scene in particular went through major shifts, all while RDP attacks took a nosedive. This, of course, barely scratches the surface of what the report reveals. Additionally, the report highlights some of the key findings by ESET researchers in late 2022.
ESET APT Activity Report T3 2022
ESET APT Activity Report T3 2022
This issue of the ESET APT Activity Report reviews the activities of selected APT groups as observed, investigated, and analyzed by ESET researchers from September to December 2022. Russia-aligned APT groups continued to be particularly involved in operations targeting Ukraine, deploying destructive wipers and ransomware. For example, we detected the infamous Sandworm group using a previously unknown wiper against an energy sector company in Ukraine.
ESET APT Activity Report T2 2022
ESET APT Activity Report T2 2022
The first instalment of the ESET APT Activity Report – which looks at advanced persistent threat (APT) activity in May to August 2022 and accompanies the ESET Threat Report covering the same period – features insights of ESET Research into the activity of Russia-, China-, Iran-, and North Korea-aligned threat actors. Among many other things, the report shows that even more than eight months after the Russian invasion, Ukraine continues to be a prime target of Russia-aligned APT groups.