Zuzana Hromcová

Zuzana Hromcová

Malware Researcher


Education: Master’s Degree in Computer Science from Comenius University in Bratislava.

Position and history at ESET? Joined in 2016 as a Junior Malware Analyst, after being introduced to the art of reverse engineering at a course taught by ESET at my university.

Highlights of your career: Joining ESET! More to come

What malware do you hate the most? Destructive and causing irreversible damage (whether on purpose or due to a lack of the authors' skills).

Favorite activities: Reading books, following political discussions, cooking and eating.

Golden rule for cyberspace? You can never be too paranoid.

When did you get your first computer and what kind was it? As a child, so around 2000. With Windows 95 and very slow - nothing more specific.

Favorite computer game / activity: Reverse engineering, of course!


12 articles by Zuzana Hromcová

ESET research

OilRig’s persistent attacks using cloud service-powered downloaders

OilRig’s persistent attacks using cloud service-powered downloaders

ESET research

OilRig’s persistent attacks using cloud service-powered downloaders

ESET researchers document a series of new OilRig downloaders, all relying on legitimate cloud service providers for C&C communications

Zuzana Hromcová and Adam Burgher14 Dec 202322 min. read


ESET research

OilRig’s Outer Space and Juicy Mix: Same ol’ rig, new drill pipes

OilRig’s Outer Space and Juicy Mix: Same ol’ rig, new drill pipes

ESET research

OilRig’s Outer Space and Juicy Mix: Same ol’ rig, new drill pipes

ESET researchers document OilRig’s Outer Space and Juicy Mix campaigns, targeting Israeli organizations in 2021 and 2022

Zuzana Hromcová and Adam Burgher21 Sep 202316 min. read


ESET research

IISerpent: Malware-driven SEO fraud as a service

IISerpent: Malware-driven SEO fraud as a service

ESET research

IISerpent: Malware-driven SEO fraud as a service

The last in our series on IIS threats introduces a malicious IIS extension used to manipulate page rankings for third-party websites

Zuzana Hromcová11 Aug 20218 min. read


ESET research

IISpy: A complex server-side backdoor with anti-forensic features

IISpy: A complex server-side backdoor with anti-forensic features

ESET research

IISpy: A complex server-side backdoor with anti-forensic features

The second in our series on IIS threats dissects a malicious IIS extension that employs nifty tricks in an attempt to secure long-term espionage on the compromised servers

Zuzana Hromcová09 Aug 20217 min. read


ESET research

IIStealer: A server-side threat to e-commerce transactions

IIStealer: A server-side threat to e-commerce transactions

ESET research

IIStealer: A server-side threat to e-commerce transactions

The first in our series on IIS threats looks at a malicious IIS extension that intercepts server transactions to steal credit card information

Zuzana Hromcová06 Aug 20217 min. read


ESET research

Anatomy of native IIS malware

Anatomy of native IIS malware

ESET research

Anatomy of native IIS malware

ESET researchers publish a white paper putting IIS web server threats under the microscope

Zuzana Hromcová and Anton Cherepanov06 Aug 20218 min. read


ESET research

Digging up InvisiMole’s hidden arsenal

Digging up InvisiMole’s hidden arsenal

ESET research

Digging up InvisiMole’s hidden arsenal

ESET researchers reveal the modus operandi of the elusive InvisiMole group, including newly discovered ties with the Gamaredon group

Zuzana Hromcová and Anton Cherepanov18 Jun 20207 min. read


ESET research

ESET discovers Attor, a spy platform with curious GSM fingerprinting

ESET discovers Attor, a spy platform with curious GSM fingerprinting

ESET research

ESET discovers Attor, a spy platform with curious GSM fingerprinting

ESET researchers discover a previously unreported cyberespionage platform used in targeted attacks against diplomatic missions and governmental institutions, and privacy-concerned users

Zuzana Hromcová10 Oct 201910 min. read


ESET research

In the Balkans, businesses are under fire from a double-barreled weapon

In the Balkans, businesses are under fire from a double-barreled weapon

ESET research

In the Balkans, businesses are under fire from a double-barreled weapon

ESET researchers discovered a campaign that uses two malicious tools with similar capabilities to ensure both resilience and broader potential for the attackers

Zuzana Hromcová14 Aug 201918 min. read