Robert Lipovsky

Robert Lipovsky

Principal Threat Intelligence Researcher


Education? Master’s Degree in Computer Science from the Slovak University of Technology in Bratislava

Highlights of your career? Giving presentations at several security conferences, including EICAR, CARO, and Virus Bulletin.

Position and history at ESET? Malware Researcher since 2007, currently holds the position Security Intelligence Team Lead.

What malware do you hate the most? Grayware/PUAs – when malware authors complain about detection and try to convince you they’re not malware.

Favorite activities? Snowboarding, listening to music, playing guitar…

What is your golden rule for cyberspace? Be reasonably paranoid..

When did you get your first computer and what kind was it? During primary school. It was an Intel 8088 palmtop, used it for programming in GW-BASIC 

Favorite computer game/activity? Project I.G.I.


49 articles by Robert Lipovsky

Malware

Krysanec trojan: Android backdoor lurking inside legitimate apps

Krysanec trojan: Android backdoor lurking inside legitimate apps

Malware

Krysanec trojan: Android backdoor lurking inside legitimate apps

One of the most important pieces of advice we give Android users is to refrain from downloading applications from dubious sources and to stick to the official Google Play store, where malware does show up from time to time but is much better controlled, thanks to the Google Bouncer, than on alternative app stores.

Robert Lipovsky12 Aug 20143 min. read


ESET Research

Android/Simplocker using FBI child-abuse warnings to scare victims into paying $300

Android/Simplocker using FBI child-abuse warnings to scare victims into paying $300

ESET Research

Android/Simplocker using FBI child-abuse warnings to scare victims into paying $300

Last time we wrote about Android/Simplocker – the first ransomware for Android that actually encrypts user files – we discussed different variants of the malware and various distribution vectors that we’ve observed. Android/Simplocker has proven to be an actual threat in-the-wild in spite of its weaknesses…

Robert Lipovsky22 Jul 20142 min. read


ESET Research

UPDATED: Simplocker ransomware: New variants spread by Android downloader apps

UPDATED: Simplocker ransomware: New variants spread by Android downloader apps

ESET Research

UPDATED: Simplocker ransomware: New variants spread by Android downloader apps

ESET LiveGrid® telemetry has indicated several new infection vectors used by Android/Simplocker. The “typical” ones revolve around internet porn, or popular games like Grand Theft Auto: San Andreas.

Robert Lipovsky25 Jun 20143 min. read


ESET research

ESET Analyzes Simplocker - First Android File-Encrypting, TOR-enabled Ransomware

ESET Analyzes Simplocker - First Android File-Encrypting, TOR-enabled Ransomware

ESET research

ESET Analyzes Simplocker - First Android File-Encrypting, TOR-enabled Ransomware

Last weekend saw the (somewhat anticipated) discovery of an interesting mobile trojan – the first spotting of a file-encrypting ransomware for Android by our detection engineers.

Robert Lipovsky04 Jun 20144 min. read


Malware

Android malware worm catches unwary users

Android malware worm catches unwary users

Malware

Android malware worm catches unwary users

An interesting new piece of Android malware has been spotted this week. The threat, detected by ESET security products as Android/Samsapo.A, uses a technique typical of computer worms to spread itself.

Robert Lipovsky30 Apr 20142 min. read


ESET Research

Corkow: Analysis of a business-oriented banking Trojan

Corkow: Analysis of a business-oriented banking Trojan

ESET Research

Corkow: Analysis of a business-oriented banking Trojan

Win32/Corkow is banking malware with a focus on corporate banking users. We can confirm that several thousand users, mostly in Russia and Ukraine, were victims of the Trojan in 2013. In this post, we expand on its unique functionality.

Robert Lipovsky and Anton Cherepanov27 Feb 20149 min. read


ESET research

Corkow: analysis of a business-oriented banking Trojan

Corkow: analysis of a business-oriented banking Trojan

ESET research

Corkow: analysis of a business-oriented banking Trojan

In his blog post last week, Graham Cluley introduced the Win32/Corkow banking trojan. The malware has demonstrated continuous activity in the past year, infecting thousands of users - various indicators point to the fact the malware authors are continually developing the trojan.

Robert Lipovsky and Anton Cherepanov21 Feb 201410 min. read


Less Technical

Cryptolocker 2.0 – new version, or copycat?

Cryptolocker 2.0 – new version, or copycat?

Less Technical

Cryptolocker 2.0 – new version, or copycat?

Last month we discovered filecoder malware which called itself “Cryptolocker 2.0”. Naturally, we wondered if this is a newer version of the widespread ransomware from the creators of the first. We look at the details that hint that it might have been created by some other, unknown, cybercrime gang.

Robert Lipovsky19 Dec 20134 min. read


ESET research

New Hesperbot targets: Germany and Australia

New Hesperbot targets: Germany and Australia

ESET research

New Hesperbot targets: Germany and Australia

In September we informed about a new banking trojan called Hesperbot (detected as Win32/Spy.Hesperbot). The perpetrators responsible for the threat are still active – November has been particularly eventful. In this post, we’ll give an update on the situation and malware developments.

Robert Lipovsky10 Dec 20134 min. read