
Michal Malík
@michalmalik
Followers: 2K | Following: 3K | Media: 440 | Statuses: 3K
Senior Detection Engineer at @ESETResearch
Bratislava
Joined October 2010
We analyzed a new miner for macOS and Windows that uses QEMU and VirtualBox to mine inside a virtual machine and comes bundled with pirated copies of VST software
welivesecurity.com
The story of a Linux miner bundled with pirated copies of VST (Virtual Studio Technology) software for Windows and macOS
RT @welivesecurity: #Breaking: ESET researchers discover a #0day exploit for #Telegram that targets a vulnerability they named #EvilVideo a….
RT @virusbtn: ESET researchers discovered two previously unknown backdoors, LunarWeb and LunarMail, compromising a European ministry of for….
RT @ESETresearch: We can also confirm hosting the Linux kernel source code repository, was a victim of Ebury betwe….
RT @ESETresearch: #ESETresearch has discovered the Lunar toolset, two previously unknown backdoors (which we named #LunarWeb and #LunarMail….
welivesecurity.com
ESET researchers provide technical analysis of the Lunar toolset, likely used by the Turla APT group, that infiltrated a European ministry of foreign affairs
RT @ESETresearch: #Breaking #ESETresearch releases a paper about Ebury, among the most advanced server-side Linux malware, which was deploy….
welivesecurity.com
One of the most advanced server-side malware campaigns is still growing, with hundreds of thousands of compromised servers, and it has diversified to include credit card and cryptocurrency theft.
RT @alexnpress: ok wow I have wanted a reporter to write about this for YEARS
theverge.com
How one crew risked radiation, storms, and currents to save Japan from digital isolation.
RT @disruptnhandlr: I'm embarrassed to say it, but I didn't have a robust intuition about stack frames, unwinding and exception handling st….
RT @gynvael: Some notes from analyzing the bash part obfuscation of the xz/liblzma part – link leads to the part I found most interesting –….
RT @gynvael: Boosting signal for folks analyzing liblzma/xz:.q3k: "I have managed to extract a list of encoded strings within the liblzma/x….
social.hackerspace.pl
I have managed to extract a list of encoded strings within the liblzma/xz backdoor payload (5.6.1): https://gist.github.com/q3k/af3d93b6a1f399de28fe194add452d01 The code has a dictionary of strings...
RT @ESETresearch: #ESETresearch discovered a #backdoor we have named Sponsor, used in a #BallisticBobcat (aka Charming Kitten, #TA453, #APT….
welivesecurity.com
ESET Research uncovers the Sponsoring Access campaign, which utilizes an undocumented Ballistic Bobcat backdoor we have named Sponsor.
RT @ESETresearch: #ESETresearch will present at Black Hat USA 2023. On August 10th, @matthieu_faou will talk about #MoustachedBouncer: AitM….
RT @ESETresearch: #ESETResearch warns about a CPIO archive named “Jump Crypto Investment uploaded to VirusTotal fr….
RT @ESETresearch: #ESETResearch warns about an ongoing campaign distributing password and cryptocurrency stealing malware via @PyPI. #Pytho….
RT @ESETresearch: #ESETResearch discovered a campaign by the Evasive Panda APT group targeting an international NGO in China🇨🇳. The attacke….
welivesecurity.com
ESET Research uncovers a campaign by the APT group known as Evasive Panda targeting an international NGO in China with malware delivered through updates of popular Chinese software
RT @marc_etienne_: Yet another Lazarus-related finding this week. Seems like this group doesn't mind being loud. Social engineering targets….