Tag: eset

  • Ebury and Mayhem server malware families still active

    Whether it is to send spam or to redirect web traffic to malicious payloads, compromised (Linux) web servers are the glue in many a malware campaign. Two such networks of compromised servers – about which VB has published papers in the past – have recently received updates. The paper ‘Operation Windigo’ (pdf) was…

  • Despite the profitability of ransomware there is a good reason why mining malware is thriving

    When, a few years ago, a friend and I were analysing a rather large botnet and we saw some network traffic indicating that it was engaged in Bitcoin mining, we felt rather disappointed: using malware to mine for cryptocurrencies is about as basic as it gets. It is the digital equivalent of breaking into someone’s house,…

  • VB2016 paper: BlackEnergy – what we really know about the notorious cyber attacks

    In a blog post published on Friday, ESET researcher Anton Cherepanov provides evidence linking last week’s (Not)Petya attacks to the BlackEnergy group; Kaspersky researchers also believe there is some evidence the two are linked, though they say there are only low confidence indicators. Going back at least a decade, and likely cybercriminal in origin, the…

  • First sponsors of VB2017 announced

    We are proud of the fact that the Virus Bulletin Conference is one of the industry’s most international security conferences, with speakers and attendees coming together from all over the world to discuss the latest security threats, as well as what can be done to mitigate them. The international element also generally holds true for…

  • VB2016 paper: Modern attacks on Russian financial institutions

    Today, we publish the VB2016 paper “Modern attacks on Russian financial institutions” (here in HTML format and here in PDF format) by ESET researchers Jean-Ian Boutin and Anton Cherepanov. In it, they look at a number of groups that have performed sophisticated attacks against a number of Russian financial institutions. The work of these…
