ESET discovers watering hole attacks on websites in Middle East, links to Candiru

A watering hole attack compromises websites that are likely to be visited by targets of interest, allowing website visitors’ machines to be infected. Specific visitors to these websites were most likely targeted in this campaign.

ESET Research discovers FontOnLake: Targeted malware targeting Linux in Southeast Asia

ESET Research has discovered FontOnLake, a targeted malware attacking Linux in Southeast Asia. The researchers identified a previously undiscovered malware family that targets Linux-based operating systems using unique and well-designed components.

ESET researchers uncover ESPecter, a UEFI bootkit for cyberespionage

ESPecter was discovered on a compromised machine along with a user-mode client component with keylogging and document-stealing functionalities, which is why ESET Research believes ESPecter is mainly used for espionage.

Had your face stolen lately?

You can reset your PIN after a data breach, you can reset your password after a data breach, you can reset your security questions after a data breach – but can you reset your face? Sure, there’s surgery, but clearly that’s an asymmetry in the amount of effort you’ll need to expend in response to a vendor’s careless handling of biometric data. Subsequent resets could get even weirder. This elevates identity theft to a whole new level.

ESET research finds CDRThief, malware targeting Chinese VoIP platform

This new malware, named CDRThief by ESET, is designed to target a very specific VoIP platform used by two China-made softswitches (software switches): Linknat VOS2009 and VOS3000.