Just spotted a little "hello" from the #Crocodilus Android banker devs — they left a message in the logs right after the malware launches. Analysis of Crocodilus: https://t.co/frr3w5O2wm New developments: https://t.co/KJEcnaj7J8

Found Related #spyware #campaign Sample / Domain using @Huntio 9d3ac92937c8986ce55b308c60ae8f9a https://signal-encryption-service[.]ct[.]ws/signsdhfg6aug/signsdhfg6aug/Signal_Encryption_Plugin_V4.7.3.apk @500mk500 @LukasStefanko Ref: https://t.co/sdm2wKRAXO

Uptober on Kraken is here. Deposit crypto or cash during the month of October. Get matched up to 2%

We identified two campaigns targeting #Android users with previously undocumented spyware impersonating #Signal and #ToTok via deceptive websites https://t.co/qH1jTyiMEf #ESET #ESETresearch

#ESETResearch has identified two campaigns targeting Android users in the🇦🇪. The campaigns, which are still ongoing, distribute previously undocumented spyware impersonating #Signal and #ToTok via deceptive websites. https://t.co/8Rt9I1GV40 1/6

#ESETResearch has discovered the first known AI-powered ransomware, which we named #PromptLock. The PromptLock malware uses the gpt-oss:20b model from OpenAI locally via the Ollama API to generate malicious Lua scripts on the fly, which it then executes 1/6

Don't miss this week's episode of Restoration Spotlight with @BraedenSorbo streaming on all platforms!

🔍 True or False? #AndroidMalware myths – busted! Cybersecurity expert @LukasStefanko tackles rapid-fire questions to separate fact from fiction. Think you’re malware-savvy? Find out. Watch #Unlocked403 on YouTube, and listen on Spotify & Apple Podcasts. @ESETresearch

@LukasStefanko explains why smartphones are the perfect target for digital spies. 🎙️ Listen to Unlocked 403 Podcast now on Spotify, or Apple Podcasts, and stay one step ahead of digital threats. @ESETresearch #Unlocked403

In H1 2025, #ESETResearch telemetry recorded a 160% surge in #Android adware & clicker detections. Leading this spike is a colorfully branded threat #Kaleidoscope, responsible for 28% of all Android #adware detections in H1. 1/6

ESET Threat Report H1 2025: #ClickFix attacks surge 500%, SnakeStealer tops infostealer charts, and NFC fraud jumps 35x. Plus, chaos in the ransomware underworld and a new Android adware menace—Kaleidoscope. Dive into the full report: https://t.co/bZjtTEdlzf #ESETresearch

Team from @CSIRT_KNF was kind enough to blur my name from their analysis :D

Malware #Crocodilus impersonates a fake “IKO Lokata” app — its icon closely resembles that of a major Polish bank 🏦. 📣 Delivered via fake ads on @Facebook. 🔗 Campaign domains: • iko-power-app[.sbs • iko-lokata[.icu 🧠 IoC: rentvillcr[.homes VT: https://t.co/Sa3wx7DEQZ

#BREAKING #ESETresearch NFC Android malware impersonates banking app in 🇵🇱 Poland. #NGate malware impersonates a banking verification application to steal NFC data and PIN from victims’ physical payment card. @LukasStefanko 1/3

In the latest version of G-700 Android RAT was allegedly added exploitation of the #EvilVideo Telegram vulnerability (CVE-2024-7014) The exploit allows sending malicious APK files disguised as video EvilVideo: https://t.co/fb9FmhGhMt G-700 RAT: https://t.co/c6zDJUnvms

Cybercriminals Use NFC Relay to Turn Stolen Credit Cards into Cash without a PIN : https://t.co/fH2K50CZgm credits @LukasStefanko

It was great meeting some really cool folks like @LukasStefanko , @Joseliyo_Jstnk @JaromirHorejsi and many others at @avar_asia and presenting my research on "Rise & Fall of Golang Malware" !

Yesterday, I could share my and Jakub research about NFC relay malware #NGate at @avar_asia conference in #India 🇮🇳 In the picture is a screen from a demo where I show how to withdraw cash from an ATM without a physical payment card using smartphone, as was done by NGate TA #ESET

Unusual Android malware distribution vector - physical analog letter ✉️ Fake letters were sent to people at their home addresses to download "Severe Weather Warning App" via the attached QR code. #Coper AKA #Octo2 banking malware is downloaded instead https://t.co/kRpPGA9sLu

BSides Bratislava is back! Save the Date: March 15th, 2025 #BSidesBA 📢 CFP is open until December, 31st 23:59 UTC. More info: https://t.co/mmsUnleQ6z