ESET Threat Report T1 2021 highlights rapid abuse of trending vulnerabilities and configuration flaws by cybercrooks

The exclusive updates include new findings about the Lazarus and Turla APT groups and an analysis of a malicious iOS tweak that steals files from jailbroken iOS devices


DUBAI - UAE – ESET, a global leader in cybersecurity, has released its T1 2021 Threat Report, summarizing key statistics from ESET detection systems and highlighting notable examples of ESET’s cybersecurity research, including exclusive, previously unpublished updates on current threats. The featured story recounts ESET Research’s discovery of multiple advanced persistent threat (APT) groups exploiting a vulnerability chain affecting Microsoft Exchange Server. The exclusive updates include new findings about the Lazarus and Turla APT groups and an analysis of a malicious iOS tweak that steals files from jailbroken iOS devices.

Starting with this issue of the ESET Threat Report, ESET Research aims to have a triannual publication, meaning that each report will cover a four-month period. For easier orientation, the T1 abbreviation will be used to describe the period from January to April, T2 from May to August, and T3 from September to December.

During the first four months of this year, the COVID-19 pandemic was still the number one news topic globally; however, it became notably less prominent in the threat landscape. “One could say ‘fortunately,’ yet as you’ll see in our report, we are continuing to see worrying examples of cybercrooks rapidly abusing trending vulnerabilities and configuration flaws with a focus on achieving high returns on investment,” comments Roman Kováč, Chief Research Officer at ESET. These include continued abuse of the Remote Desktop Protocol (RDP), which remains the number one target of brute-force attacks, increased numbers of cryptocurrency threats, and a steep increase in Android banking malware detections.

The featured story of the report recounts ESET Research’s analysis of a vulnerability chain that allows an attacker to take over any reachable Exchange server. The attack has become a global crisis and ESET researchers identified more than 10 different threat actors or groups that likely leveraged this vulnerability chain. 

The exclusive research presented in the T1 2021 Threat Report brings several updates and new findings about the APT groups Turla and Lazarus. It also includes information about a malicious iOS tweak, an application that leverages runtime patching to change program behavior, which is used to execute shell commands on jailbroken and compromised iOS devices.

The ESET T1 2021 Threat Report also reviews the most important findings and achievements by ESET researchers. Among many other findings, including an ongoing series investigating Latin American banking trojans, ESET researchers uncovered the Kobalos malware, which attacks high performance computer clusters and other high-profile targets; Operation Spalax, which targets Colombian government organizations and private entities; a highly targeted supply‑chain attack that focused on online gaming in Asia; and a new Lazarus backdoor that was used to attack a freight logistics company in South Africa.

Besides these findings, the report also recapitulates the many virtual talks held by ESET research specialists in T1, introduces talks planned for the upcoming months, and provides an overview of ESET’s participation in the MITRE ATT&CK® Evaluations that emulated the Carbanak and FIN7 adversary groups.

For more information, check out our ESET Threat Report T1 2021 on WeLiveSecurity. Make sure to follow ESET Research on Twitter for the latest news from ESET Research.
