(eset):research;

Research has been at the core of ESET and its technology since the company's inception. The journey began in 1987, when ESET co-founders Miroslav Trnka and Peter Paško uncovered one of the world's first computer viruses, named it "Vienna" and wrote a program to detect it. Many other discoveries quickly followed.

More than 30 years later, ESET remains at the forefront of cybersecurity research, operating 13 R&D centers across the world that analyze, monitor and anticipate new threats. In recent years alone, ESET researchers have made a number of significant discoveries that shed light on various malicious campaigns orchestrated by the world’s most advanced threat actors. They have also identified multiple high-impact vulnerabilities in third-party products and services.

Over the years, ESET’s experts have assisted law enforcement with disruptions of several notorious cybercrime operations. They also frequently present at leading industry conferences and are among the most referenced contributors to the MITRE ATT&CK® knowledge base of adversary tactics and techniques.

@ESETresearch | ESET GitHub | ESET Coordinated Vulnerability Disclosure Policy


2215 articles

ESET Research

ESET research: Appearances are deceiving with Turla’s backdoor-laced Flash Player installer

ESET research spots Turla using a fresh weapon in campaigns targeting embassies and consulates in the post-Soviet states

Tomáš Foltýn, 09 Jan 2018


Sednit update: How Fancy Bear Spent the Year

Over the past few years the Sednit group has used various techniques to deploy their various components on target computers. The attack usually starts with an email containing either a malicious link or malicious attachment.

ESET Research, 21 Dec 2017


Digital Security

Memes: the explanation of nearly everything - including computer viruses

We still don’t have a solid scientific theory of memes; nonetheless, they already allow us to understand why certain things happen the way they do. Memes are “alive”; they reproduce, mutate, and evolve according to Darwinian laws.

Guest Author, 13 Dec 2017


ESET Research

Banking malware on Google Play targets Polish banks

Besides delivering the promised functionalities, the malicious apps can display fake notifications and login forms seemingly coming from legitimate banking applications, harvest credentials entered into the fake forms, as well as intercept text messages to bypass SMS-based 2-factor authentication.

Lukas Stefanko, 11 Dec 2017


ESET Research

StrongPity2 spyware replaces FinFisher in MitM campaign – ISP involved?

As we reported in September, in campaigns we detected in two different countries, man-in-the-middle attacks had been used to spread FinFisher, with the “man” in both cases most likely operating at the ISP level.

Filip Kafka, 08 Dec 2017


ESET Research

ESET takes part in global operation to disrupt Gamarue

Wauchos is an extensible bot that allows its owner to create and use custom plugins. However, there are some plugins that are widely available and that are used by many different botnets.

Jean-Ian Boutin, 04 Dec 2017


ESET Research, Mobile Security

New campaigns spread banking malware through Google Play

For a user, it can be difficult to figure out whether an app is malicious. First off, it is always good to install applications only from the Google Play store, since most malware is still mainly spread through alternative stores.

Lukas Stefanko, 21 Nov 2017


ESET Research, Mobile Security

Multi-stage malware sneaks into Google Play

In all the cases we investigated, the final payload was a mobile banking trojan. Once installed, it behaves like a typical malicious app of this kind: it may present the user with fake login forms to steal credentials or credit card details.

Lukas Stefanko, 15 Nov 2017


ESET Research

Transparency of machine-learning algorithms is a double-edged sword

Unless companies processing citizens’ personal data fully understand the reasoning behind the decisions made based on their machine-learning models, they will find themselves between a rock and a hard place.

Juraj Jánošík, 13 Nov 2017