-
ESET Research uncovers latest BladeHawk campaign: Android espionage against Kurds
ESET researchers have investigated a targeted mobile espionage campaign against the Kurdish ethnic group. This campaign has been active since at least March 2020, distributing (via dedicated Facebook profiles) two Android backdoors known as 888 RAT and SpyNote, disguised as legitimate apps. These profiles appeared to be providing Android news in Kurdish, and news for…
-
ESET Research: India and Vietnam rank among top 5 countries globally hit by Android/FakeAdBlocker malware
ESET Research has analyzed an aggressive advertising-based threat — Android/FakeAdBlocker — which downloads malicious payloads provided by its operator’s command and control server. Android/FakeAdBlocker usually hides its launcher icon after initial launch, delivers unwanted scareware or adult content advertisements, and creates spam events for upcoming months in iOS and Android calendars. These ads often cost…
-
ESET Research finds latest version of Gelsemium: Cyberespionage against government and other targets in Asia
Since mid-2020, ESET Research has been analyzing multiple campaigns, later attributed to the Gelsemium cyberespionage group, and has tracked down the earliest version of their main malware, Gelsevirine, to 2014. During the investigation, ESET researchers found a new version of Gelsevirine, a backdoor that is both complex and modular. Victims of its campaigns are located…