Research is at the heart of ESET and its technology and has been from the very beginning. It all started with a discovery when, in 1987, ESET co-founders Miroslav Trnka and Peter Paško discovered one of the first viruses in the world, named Vienna.
Through the years, ESET and its researchers have been credited with many discoveries and have scored accolades for many of their research works. From recent years, in 2018, ESET discovered LoJax –
the first UEFI rootkit found in the wild, deployed by the infamous Sednit APT group.
Our researchers regularly present at industry conferences such as RSA, Black Hat, Virus Bulletin and CARO just to name a few. They also devote their time to educate future researchers and security experts at universities.
Most notable ESET Threat Research
December 2021
Jumping the air-gap
ESET researchers analyzed all malicious frameworks used to attack air-gapped networks known to date. Air-gapping is used protect the most sensitive networks.
August 2019- December 2021
Latin American banking trojans
ESET Research published a series of blogposts dedicated to demystifying Latin American banking trojans, an evolving threat mainly targeting Brazil, Spain and Mexico.
November 2021
Candiru spyware
Discovery of strategic web compromise attacks against high-profile websites in the Middle East with a strong focus on Yemen. The attacks were linked to spyware-producing company Candiru.
October 2021
UEFI bootkit ESPecter
Discovery of a real-world UEFI bootkit that persists on the EFI System Partition (ESP). The bootkit can bypass Windows Driver Signature Enforcement to load its own unsigned driver for espionage.
August 2021
IIS threat research
ESET Research discovered 10 previously undocumented malware families, implemented as malicious extensions for Internet Information Services (IIS) web server software.
May 2021
Android stalkerware
ESET Research conducted an in-depth analysis of stalkerware and discovered 158 serious security and privacy issues across 58 different applications.
March 2021
ProxyLogon
ESET Research discovered that at least ten different APT groups were exploiting Microsoft Exchange vulnerabilities ProxyLogon to compromise email servers before and shortly after the vulnerability chain was patched.
February 2021
Kobalos
Discovery of Kobalos, complex Linux malware targeting supercomputers. ESET worked with CERN in mitigating these attacks.
June 2020
InvisiMole
Investigating a new campaign by the InvisiMole group, ESET researchers uncovered the group’s updated toolset as well as previously unknown details about its stealthy mode of operation.
February 2020
The KrØØk vulnerability
ESET researchers uncovered a previously unknown security flaw allowing an adversary to decrypt some wireless network packets transmitted by vulnerable devices.
June 2020
Operation In(ter)ception
ESET researchers uncovered targeted attacks against high-profile aerospace and military companies in Europe and the Middle East.
October 2020
TrickBot disruption
ESET has collaborated in a Microsoft-led effort to disrupt the TrickBot botnet, providing technical analysis, statistical information, and known command and control server domain names and IPs.
October 2018
GreyEnergy
Following long-term tracking of the infamous BlackEnergy group targeting critical infrastructure, ESET research discovered its successor: the GreyEnergy group.
October 2019
Operation Ghost
ESET researchers uncovered new activity of the infamous espionage group, the Dukes, including three new malware families.
October 2019
Winnti Group arsenal
As part of their extensive tracking of the Winnti Group, ESET researchers revealed updates to the group’s malware arsenal and campaigns.
October 2019
Attor espionage platform
ESET researchers discovered a previously unreported cyberespionage platform used in targeted attacks against diplomatic missions and governmental institutions, and privacy-concerned users.
November 2018
3ve disruption
ESET Research contributed to international law enforcement operation against 3ve, a major online ad fraud operation.
ESET Threat Report
ESET APT Activity Report
Software vulnerabilities
While ESET Research primarily focuses on malware, some investigations lead to discovering software vulnerabilities.
While respecting legitimate business interests of vendors of hardware, software, and services, our aim is to protect the broad community of users of internet/IT-related products and/or services.
If we believe we have discovered a vulnerability in a third-party product or service, we adhere to principles of responsible disclosure. Along with that, we do our best to reach out to the vendor to inform them about our findings. However, we reserve the option of disclosing the discovery to a trusted third party, such as a national CSIRT.
Research & development centers
- Bratislava, Košice and Žilina, Slovakia
- Prague, Brno and Jablonec nad Nisou, Czech Republic
- Krakow, Poland
- Montreal, Canada
- San Diego, United States
- Singapore
- Iasi, Romania
- Taunton, United Kingdom