White Papers
Origin of the Specious: the Evolution of Misinformation
By David Harley, February 2013
Welcome to the Web 2.0 incarnation of the Misinformation Superhighway. Did you really think that hoaxing had died out?
‘PokerAgent’
By Robert Lipovsky, January 2013
The ‘PokerAgent’ botnet, which we tracked in 2012, was designed to harvest Facebook log-on credentials, also collecting information on credit card details linked to the Facebook account and Zynga Poker player stats, presumably with the intention to mug the victims. The threat was mostly active in Israel.
Trends for 2013 - Astounding growth of mobile malware
By ESET Latin America’s Lab, December 2012
ESET Latin America's Malware Analysis Lab reviews the year and compiles threat trends for the upcoming season. So what will the 2013 threatscape look like, according to the IT security company ESET? It will definitely see major growth of mobile malware and its variants, increased malware propagation via websites, a continuing rise of botnets, and attacks on the cloud resulting in information leaks.
Boxer SMS Trojan
By André Goujon and Pablo Ramos, November 2012
Analysis of an SMS Trojan found on Android smartphones that is capable of executing SMS premium rate scams in a wide range of countries. ESET researchers in Latin America combine code inspection with investigation of consumer forums to reveal the first threat of the kind targeting Latin American countries, but with implications that are global.
Online Shopping and a Phishing Pheeding Phrenzy
By David Harley and Urban Schrott, October 2012
Phishing scams old and new, and some ways to recognize the baited hook before you bite off more than you can chew.
Windows 8: FUD for thought
By Aryeh Goretsky, October 2012
An analysis of the newest and most interesting security features in Windows 8, Microsoft's newest desktop operating system, as well as how it may be attacked in the future.
OSX/Flashback
By Marc-Etienne Leveille, September 2012
The first malware to infect hundreds of thousands of Apple Mac
ACAD/Medre.A
By Robert Lipovsky and Righard Zwienenberg, June 2012
10000's of AutoCAD Designs Leaked in Suspected Industrial Espionage.
Trends for 2012: Malware Goes Mobile
By ESET Latin America, January 2012
ESET Latin America's Malware Analysis Lab looks at the implications of changes in the threat landscape, focusing in particular on anticipated developments in mobile threats.
Ten Ways to Dodge CyberBullets: Reloaded
By David Harley, December 2011
An updated version of the paper "Ten Ways to Dodge CyberBullets", addressing the question "what are the top 10 things that people can do to protect themselves against malicious activity?"
Problematic, Unloved and Argumentative: What is a potentially unwanted application (PUA)?
By Aryeh Goretsky, November 2011
What is a potentially unwanted application (PUA)? This paper gives some examples of "potentially unwanted" and "potentially unsafe" applications, explaining how they differ from out-and-out malware.
Win32/Carberp: When You're in a Black Hole, Stop Digging
By Aleksandr Matrosov, Eugene Rodionov, Dmitry Volkov and David Harley, December 2011
This paper consolidates information published by ESET and Group-IB researchers on Russian malware that attacks Russian RBS (Remote Banking Systems) transactions: now updated to version 1.1 to include additional material.
Options for backing up your computer
By Aryeh Goretsky, August 2011
If you know you need to back up your data but you're not sure how to do it, here's a practical guide on how to get started.
Hodprot: Hot to Bot
By Eugene Rodionov, Aleksandr Matrosov, and Dmitry Volkov, August 2011
A comprehensive analysis of Win32/Hodprot, one of the families of malware most used in banking fraud in Russia and its neighbours.
The Evolution of TDL: Conquering x64 (revision 1.1)
By Eugene Rodionov and Aleksandr Matrosov, June 2011
A comprehensive analysis of the TDSS/Olmarik/Alureon family, which has learned some radical new tricks. Updated to include information on a new plugin making radical changes to Olmarik's botnet.
Hanging on the Telephone
By David Harley, Urban Schrott and Jan Zeleznak, February 2011
As if fake anti-virus products weren’t bad enough, nowadays we have unsolicited phone calls from fake AV helpdesks. ESET researchers tell you about support scams.
Stuxnet Under the Microscope
By Alexandr Matrosov, Eugene Rodionov, David Harley and Juraj Malcho, January 2011
Version 1.31 of a comprehensive analysis of the Stuxnet phenomenon, updated to add pointers to additional resources. This is probably the last update of the document, but further relevant resources will be added to a list here.
Trends for 2011 - Botnets and Dynamic Malware
By ESET Latin America, November 2010
Researchers from ESET's Laboratories in Latin America summarize the main trends anticipated for 2011 in malicious programs and antivirus security.
Twenty Years Before the Mouse
By Aryeh Goretsky, June 2010
Written in the form of a personal retrospective, this paper compares the earliest days of PC computer viruses with today’s threats, and provides a glimpse into the origins of the computer anti-virus industry.
A Tried and True Weapon: Social Engineering
By Cristian Borghello, translated by Chris Mandarano, added April 2010
A discussion of some of the ways in which attackers use psychological manipulation to trick their victims.
Choosing Your Password
By David Harley, added April 2010
Some ways of avoiding easily guessable passwords.
Ten Ways to Dodge CyberBullets
By David Harley, February 2010
Around New Year it seems that everyone wants a top 10: the top 10 most stupid remarks made by celebrities, the 10 worst-dressed French poodles, the 10 most embarrassing political speeches and so on. We revisited some of the ideas that our Research team at ESET North America came up with at the end of 2008 for a "top 10 things that people can do to protect themselves against malicious activity."
Conficker by the numbers
By Sebastián Bortnik, February 2010
This is a translation for ESET LLC of a document previously available in Spanish by ESET Latin America.
The Internet Book of the Dead
By David Harley, January 2010
This paper is a bit different from other papers you'll find on the ESET white papers page. Following is a mock interview between Dan Damon, of BBC radio and David Harley discussing the complications of a digital world when someone passes away.
2010: Cybercrime Coming of Age
January 2010
The Research teams in ESET Latin America and ESET North America put their heads together in December 2009 to discuss the likely shape of things to come in the next 12 months in security and cybercrime.
Staying Safe on the Internet
By David Harley, September 2009
On the Information Superhighway, the traffic signals are always at amber. Here are some suggestions for reducing the risk from collisions and carjacks. Part One of a series of short papers.
Keeping Secrets: Good Password Practice
By David Harley and Randy Abrams, August 2009
Everyone knows that passwords are important, but what is a good password and how do you keep it safe?
Social Security Numbers: Identification is Not Authentication
By David Harley, August 2009
Americans are often expected to share their SSNs inappropriately: what are the security implications, and how serious are they?
Playing Dirty
By Cristian Borghello, August 2009
Describes in detail how criminals make money out of stealing online gaming credentials and assets.
Cybersecurity Review: Background, threatscape, best-practices and resources
By Jeff Debrosse
Cybersecurity is about protecting information and its related resources. This paper examines the different threats we face from cybercrime (the threatscape), real-world statistics to explain the scope and reach of cybercrime, and consumer and business best-practices — to protect both critical and non-critical information.
Free but Fake: Rogue Anti-malware
By Cristian Borghello, March 2009
Understanding and avoiding fake anti-malware programs that offer "protection" from malware that doesn't really exist.
Common Hoaxes and Chain Letters
By David Harley, May 2008
An ongoing series of papers that describe some of the commonly-found lies and half-truths that continue to circulate on the Internet, and discuss some ways of identifying them.
Net of the Living Dead: Bots, Botnets and Zombies
By David Harley and Andrew Lee, February 2008
Describes the botnet phenomenon in detail: its origins and history, current trends, and what you need to do about it.
The Spam-ish Inquisition
By David Harley and Andrew Lee, November 2007
A detailed overview of spam, scams and related nuisances, and some of the ways of dealing with them.
ESET Smart Security 4
By ESET Research Department, February 2009
A detailed overview of ESET's flagship security package by the team that brings you the ESET series of product-independent threat analyses.
A Pretty Kettle of Phish
By David Harley and Andrew Lee, July 2007
Understand and avoid the attentions of phishers and other Internet scammers.
Heuristic Analysis - Detecting Unknown Viruses
By David Harley and Andrew Lee, March 2007
A detailed analysis of the differences between traditional threat-specific detection and proactive detection by generic detection and behavior analysis.
The root of all evil? - Rootkits revealed
By David Harley and Andrew Lee, September 2006
This paper describes and de-mythologizes the rootkit problem, a serious but manageable threat.
The Passing Storm
By Pierre-Marc Bureau, David Harley, Andrew Lee, and Cristian Borghello, February 2009
The Storm botnet may have blown itself out, but its legacy remains. This paper places Storm in the context of botnets in general, examining its technical, social, and security implications.
Customer Value Enhancement of Endpoint Security Products
By Frost & Sullivan Global, 2011
Endpoint Security: Proactive Solutions for Networkwide Platforms
By Andrew J. Hanson, Brian E. Burke and Gerry Pintal
IDC # 216642
Beyond Signature-Based Antivirus: New Threat Vectors Drive Need for Proactive Antimalware Protection
By Brian E. Burke
Adapted from Worldwide Antivirus 2006-2010 Forecast Update and 2005 Vendor Analysis. IDC #204715
Malware Detection Techniques
By Frost & Sullivan
*Copyright is held by Virus Bulletin Ltd, but is made available on this site for personal use free of charge by permission of Virus Bulletin.