ESET Uncovers Operation Potao Express

Robert Lipovsky and Anton Cherepanov, Malware Researchers at ESET, have uncovered an extensive cyberespionage operation snooping on high-value targets in Ukraine and a number of other CIS countries, including Russia, Georgia and Belarus.
ESET malware researchers presented initial findings from their research into the Win32/Potao malware family in June, in our CCCC 2015 presentation in Copenhagen. The Potao family is a typical cyberespionage trojan that steals passwords and sensitive information and sends them to the attackers’ remote server.

“Our investigation of Potao uncovered a very interesting connection to a Russian version of the now-discontinued popular open-source encryption software, TrueCrypt,” says Robert Lipovsky, Senior Malware Researcher at ESET.


Read more about Operation Potao Express: Analysis of a cyber-espionage toolkit on WeLiveSecurity.com or download the whole white paper here.

Raphael Labaca Castro
Editor in Chief, WeLiveSecurity.com