(eset):research;

Research has been at the core of ESET and its technology since the company's inception. The journey began in 1987, when ESET co-founders Miroslav Trnka and Peter Paško uncovered one of the world's first computer viruses, which they named "Vienna" and wrote a program to detect it. Many other discoveries quickly followed.

More than 30 years later, ESET remains at the forefront of cybersecurity research, operating 13 R&D centers across the world that analyze, monitor and anticipate new threats. In recent years alone, ESET researchers have made a number of significant discoveries that shed light on various malicious campaigns orchestrated by the world’s most advanced threat actors. They have also identified multiple high-impact vulnerabilities in third-party products and services.

Over the years, ESET’s experts have assisted law enforcement with disruptions of several notorious cybercrime operations. They also frequently present at leading industry conferences and are among the most referenced contributors to the MITRE ATT&CK® knowledge base of adversary tactics and techniques.

@ESETresearch | ESET GitHub | ESET Coordinated Vulnerability Disclosure Policy


2256 articles

Sednit update: Analysis of Zebrocy

Sednit update: Analysis of Zebrocy

Sednit update: Analysis of Zebrocy

Zebrocy heavily used by the Sednit group over last two years

ESET Research24 Apr 2018


Beware ad slingers thinly disguised as security apps

Beware ad slingers thinly disguised as security apps

Beware ad slingers thinly disguised as security apps

ESET researchers have analyzed a newly discovered set of apps on Google Play, Google's official Android app store, that pose as security applications. Instead of security, all they provide is unwanted ads and ineffective pseudo-security.

Lukas Stefanko05 Apr 2018


Lazarus KillDisks Central American casino

Lazarus KillDisks Central American casino

Lazarus KillDisks Central American casino

The Lazarus Group gained notoriety especially after cyber-sabotage against Sony Pictures Entertainment in 2014. Fast forward to late 2017 and the group continues to deploy its malicious tools, including disk-wiping malware known as KillDisk, to attack a number of targets.

Peter Kálnai and Anton Cherepanov03 Apr 2018


Pingu Cleans Up: Subscription scam on Google Play

Pingu Cleans Up: Subscription scam on Google Play

Pingu Cleans Up: Subscription scam on Google Play

The game was uploaded to Google Play and attempted to trick users into unwittingly signing up for a weekly paid subscription

Lukas Stefanko29 Mar 2018


The Last Windows XP Security White Paper

The Last Windows XP Security White Paper

The Last Windows XP Security White Paper

Using the strategies and procedures we present in our paper could help prevent an attacker from taking control of your computer

Aryeh Goretsky27 Mar 2018


Glupteba is no longer part of Windigo

Glupteba is no longer part of Windigo

Glupteba is no longer part of Windigo

Latest ESET research strongly suggests that Glupteba is no longer tied to the infamous Operation Windigo.

Frédéric Vachon22 Mar 2018


Dangerous malware stealing bitcoin hosted on Download.com for years

Dangerous malware stealing bitcoin hosted on Download.com for years

Dangerous malware stealing bitcoin hosted on Download.com for years

ESET researchers dicovered that Trojanized applications used to steal bitcoin were hosted inadvertently by the popular website download.cnet.com.

Michal Poslušný and Peter Kálnai14 Mar 2018


OceanLotus ships new backdoor using old tricks

OceanLotus ships new backdoor using old tricks

OceanLotus ships new backdoor using old tricks

To smuggle the backdoor onto a targeted machine, the group uses a two-stage attack whereby a dropper package first gains a foothold on the system and sets the stage for the backdoor itself. This process involves some trickery commonly associated with targeted operations of this kind.

Tomáš Foltýn13 Mar 2018


New traces of Hacking Team in the wild

New traces of Hacking Team in the wild

New traces of Hacking Team in the wild

Since being founded in 2003, the Italian spyware vendor Hacking Team gained notoriety for selling surveillance tools to governments and their agencies across the world. The capabilities of its flagship product, the Remote Control System (RCS), include extracting files from a targeted device, intercepting emails and instant messaging, as well as remotely activating a device’s webcam and microphone.

Filip Kafka09 Mar 2018