Topic: eset research
-
PlushDaemon Hackers Hijack Software Updates in Supply Chain Attacks
The China-linked hacking group PlushDaemon hijacks legitimate software update channels to deploy custom malware in global cyberespionage campaigns, targeting entities across multiple countries and sectors. Their attack involves compromising routers to install the EdgeStepper implant, which redire...
-
Russian Hackers Unleash Destructive Wiper Attacks on Ukraine
Russian state-linked hackers, Sandworm, have launched wiper malware attacks on Ukrainian sectors including government, energy, logistics, and the grain industry, as part of a broader digital offensive alongside military actions. The targeting of Ukraine's grain sector is particularly strategic, a...
-
Beware: Spyware Poses as Signal and ToTok Messaging Apps
Cybersecurity experts discovered two spyware operations, ProSpy and ToSpy, which impersonate updates for Signal and ToTok to target Android users, particularly in the UAE, through fake websites. These malicious apps steal sensitive data like contacts, messages, and files by tricking users into gr...
-
HybridPetya Ransomware Bypasses UEFI Secure Boot
HybridPetya is a new ransomware that combines bootkit capabilities with encryption, exploiting a UEFI Secure Boot vulnerability to compromise systems. Unlike NotPetya, it uses a key generation method that allows decryption, making it functionally viable as conventional ransomware. Currently, ther...
-
North Korean Lazarus Hackers Target European Defense Firms
North Korea's Lazarus hacking group targeted European UAV defense firms through a deceptive recruitment campaign called Operation DreamJob, aiming to steal military drone technology. The attackers used trojanized applications and DLL sideloading to deploy the ScoringMathTea RAT, granting extensiv...