White Papers

87 reports

Cryptocurrency scams on Android

Cryptocurrency scams on Android

In 2017, cryptocurrencies became a booming industry, attracting the attention of not only new users, but also cybercriminals. As the fraudsters came rushing to the newly crowded cryptocurrency space, users, businesses, and exchanges have found themselves the target of various fraud schemes – from phishing scams, through hacks, to surreptitious crypto-mining on compromised devices and, as of late 2017, via browsers. Cybercrime targeting cryptocurrency has recently become so rampant that regulators have issued multiple warnings on cryptocurrency scams; Facebook banned all cryptocurrency ads on its platform; and insurers have started to offer protection against cryptocurrency theft.


Diplomats in Eastern Europe bitten by a Turla mosquito

Diplomats in Eastern Europe bitten by a Turla mosquito

Turla is one of the longest-known state-sponsored cyberespionage groups, with well-known victims such as the US Department of Defense in 2008. The group owns a large toolset that is generally divided into several categories: the most advanced malware is only deployed on machines that are the most interesting to the attackers. Their espionage platform is mainly used against Windows machines, but also against macOS and Linux machines with various backdoors and a rootkit.


ESET’s Guide to deobfuscating and devirtualizing FinFisher

ESET’s Guide to deobfuscating and devirtualizing FinFisher

Thanks to its strong anti-analysis measures, the FinFisher spyware has gone largely unexplored. Despite being a prominent surveillance tool, only partial analyses have been published on its more recent samples. Things were put in motion in the summer of 2017 with ESET’s analysis of FinFisher surveillance campaigns that ESET had discovered in several countries.


Is Machine Learning Cybersecurity's silver bullet?

Is Machine Learning Cybersecurity's silver bullet?

The world is changing in front of our eyes. Where facts, truth and honesty were once our most valuable assets, nowadays, alternative-facts, post-truths and outright lies reign. Unfortunately, the cybersecurity industry is no exception to this trend.


Gazing at Gazer: Turla’s new second stage backdoor

Gazing at Gazer: Turla’s new second stage backdoor

Turla is a notorious group that has been targeting governments, government officials and diplomats for years. Although this backdoor has been actively deployed since at least 2016, it has not been documented anywhere. Based on strings found in the samples we analyzed, we have named this backdoor “Gazer”.


Stantinko: Teddy Bear Surfing Out of Sight

Stantinko: Teddy Bear Surfing Out of Sight

To get a global view of the Stantinko ecosystem, you need a lot of the pieces of the puzzle. The more we dug and tracked Stantinko, the more we could collect those pieces and put them together.


Win32/Industroyer: A new threat for industrial control systems

Win32/Industroyer: A new threat for industrial control systems

Win32/Industroyer is a sophisticated piece of malware designed to disrupt the working processes of industrial control systems (ICS).


IS GDPR good or bad news for business?

IS GDPR good or bad news for business?

Based on “A concise guide to the key provisions of the General Data Protection Regulation (GDPR)” by Kemp Jones Solicitors LLP.


Trends in Android ransomware

Trends in Android ransomware

Among other things, this paper delivers a definition of ransomware is provided; ESET’s detection telemetry is used to see the current trends for this cyberthreat; and detail on the most noteworthy Android ransomware examples since 2014 is provided.