ESET Research podcast ESET Research

In 2023, ESET detected over 675,000 attempts to access malicious domains abusing the popularity of ChatGPT; some offer bring-your-own-key web apps that can steal OpenAI API keys. Apart from AI, in H2 the Cl0p ransomware gang exploited MOVEit software, causing a staggering $14 billion in damages. The IoT landscape faced the new Pandora botnet, compromising Android devices via malicious firmware updates or pirated content apps.

In this episode, ESET researchers Radek Jizba and Jakub Souček talk the dynamics within and between various Neanderthal groups, techniques these hordes use to find and select the best Mammoths and especially about how Neanderthals teach each other how to use a cybercriminal toolkit called Telekopye to scam unsuspecting users on online marketplaces.

In H1 2023, intrusion vectors were closing left and right, forcing cybercriminals to revisit old routes such as brute-forcing MS SQL servers or distributing (AI-generated?) sextortion and text-based email messages and led a few to kickstart several usury Android apps. But there’s also good news as Emotet botnet went quiet after a month of ineffective campaigning, and Redline stealer has been disrupted by ESET researchers and their friends at Flare systems.

What do Disco, NightClub, backdoors, espionage, and internet service providers in Belarus all have in common? They all are tied to the same MoustachedBouncer. While it sounds like a bad joke, these are some of the key findings of ESET’s latest research focusing on a recently discovered APT group described in this episode by ESET’s Director of Threat Research Jean-Ian Boutin.

Towards the end of 2022, an unknown threat actor posted an ad for a new and powerful UEFI bootkit called BlackLotus. Its most distinctive feature? This malware could bypass UEFI Secure Boot, a feature preventing modern computers from running unauthorized software. What sounded like a myth turned into reality a few months later, when ESET Malware Researcher Martin Smolár found a sample that perfectly matched the description.

What do you need to break into a corporate network? ESET’s latest research suggests that interest in secondhand computer hardware, a bit of time, and $100 is more than enough. In this episode, ESET Specialized Security Researcher Cameron Camp explains to host Aryeh Goretsky what secrets he found on secondhand routers bought online, what types of companies he would be able to penetrate with that information, and how to securely wipe devices before selling them