LinkedIn and WhatsApp used to attack aerospace and defense contractors

According to ESET telemetry, Lazarus targeted companies in Europe (France, Italy, Germany, the Netherlands, Poland, and Ukraine) and Latin America in the relevant 2021-2022 attacks (Brazil).

Lazarus attacks freight company in South Africa with a new backdoor

The backdoor includes several cyber-espionage capabilities, such as file exfiltration and gathering information about the targeted computer and its drives. It communicates with its Command & Control (C&C) server via the Tor anonymity network.

ModPipe backdoor targets POS software used in hospitality sector

What makes the backdoor distinctive are its downloadable modules and their capabilities, as it contains a custom algorithm designed to gather RES 3700 POS database passwords by decrypting them from Windows registry values. This shows that the backdoor’s authors have deep knowledge of the targeted software and opted for this sophisticated method.

ESET discovers close cooperation among LATAM banking trojan families

ESET researchers have discovered a surprising number of indicators of close cooperation among Latin American banking trojan authors. Despite the term “Latin American,” some of the trojans have been targeting Spain and Portugal since late last year.

ESET will highlight new cyber espionage discoveries at VB2020

ESET will highlight its top research for 2020 during the VB2020 localhost conference. This year, the Virus Bulletin international conference will go entirely online, thus the name change.