Press Center

Bratislava, 3 November 2019 – Today, we celebrate Antimalware Day, founded by ESET two years ago, to honor the visionary work of Fred Cohen, Ph.D. and his advisor, Professor Len Adleman PhD., which laid the cornerstone for future research into computer threats.

ESET is marking this year’s celebration by taking a look at some of the most pertinent malware discoveries of the year 2019, in order to emphasize the importance of taking proactive countermeasures against malware and of implementing cybersecurity best practices. 

1.    Machete

Machete is malware that has been used in cyberespionage operations primarily in Venezuela, but also in Ecuador, Colombia, and Nicaragua. The operators use Machete as a tool for spearphishing, predominantly targeting government organizations, such as the military, education, police, and foreign affairs. Once the malware is unleashed via email, it can take screenshots, log keystrokes, access the clipboard, retrieve and encrypt files, and collect the victim’s geolocation.

2.    Android/Filecoder.C

Discovered after a two-year decline in instances of Android ransomware, Android/Filecoder.C encrypts the files on a mobile device before demanding a payment in Bitcoin for their decryption. Distributed via online forums, these malware files have the capacity to not only encrypt files, but to also send text messages to the victim’s contact list.

3.    Android/FakeApp.KP

This malware is used to phish for login credentials to BtcTurk, a Turkish cryptocurrency exchange. It was the first malware discovered that is able to circumvent restrictions brought in by Google in March 2019, which aimed to strengthen SMS-based two-factor authentication (2FA). Instead of intercepting SMS messages, which became harder for attackers thanks to Google’s new restrictions, this malware reads the notifications that appear on a device’s display in order to obtain the one-time password.

4.    Varenyky

In July, Varenyky launched a sextortion campaign in France, distributed through spam email attachments disguised as bill documents. Once the victim enables macros on the attached document, the computer becomes compromised, and the attacker is able to record the user’s screen. The apparent aim of this malware is to obtain evidence of the victim watching pornographic content, which can then be used for extortion.

5.    KRACK for Echo and Kindle

In January 2019, after more than a year of extensive additional research, ESET reported that many Wi-Fi enabled devices, including Amazon Echo and at least one generation of Amazon Kindle, were still vulnerable to Key Reinstallation Attacks, or KRACK(s), two years after the initial discovery. The vulnerabilities allowed attackers to execute Denial of Service attacks, disrupt network communications, and intercept sensitive information such as passwords.

To find out more about how ESET can help protect you against malware, visit https://eset.version-2.sg/.

Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About ESET

For 30 years, ESET® has been developing industry-leading IT security software and services for businesses and consumers worldwide. With solutions ranging from endpoint security to encryption and two-factor authentication, ESET’s high-performing, easy-to-use products give individuals and businesses the peace of mind to enjoy the full potential of their technology. ESET unobtrusively protects and monitors 24/7, updating defenses in real time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company. Backed by R&D facilities worldwide, ESET became the first IT security company to earn 100 Virus Bulletin VB100 awards, identifying every single “in-the-wild” malware without interruption since 2003.