BRATISLAVA – ESET has named its partner in transforming the premises of the former Military Hospital at Patrónka into the Center for Innovation and Creativity – ESET Campus – the world-renowned architectural studio Bjarke Ingels Group (BIG). Architects from one of today’s most sought-after studios have won the international architectural competition that was announced by ESET last September. As ESET Campus is an exceptional project in terms of scope but especially the combination and interconnectedness of functions, the most important selection criteria were previous experience with a focus on master planning, campuses and innovation centers, but also sufficient studio size and capacity.

“We also see ESET Campus as an extremely complex project for our company, which is why we paid a lot of attention and time to the choice of the conceptual architect. The international competition and workshops with the addressed studios, as well as discussions with Slovak experts who helped us with the selection, significantly moved us not only in thinking about the future design of the project, but also on current topics such as sustainability, ecology and flexibility of the working environment. In addition, we are preparing this exceptional project at a time that posed completely new challenges for us, so I am very happy that we will develop it with exceptional architects from the BIG studio,” said Pavel Luka, ESET’s chief operating officer, about the results of the competition.

“We are honoured to work with ESET, which has set out an extraordinary level of ambition for their new headquarters. With the global events of 2020 and the rise of remote working in mind, this has become an opportunity to explore the future of both physical and virtual work space, and to rethink the campus as an integrated part of the city. The vision is to demonstrate a true carbon neutral approach to construction, and to create a campus blended closely with the natural environment at the foot of the Small Carpathians,” said Andreas Klok Pedersen, partner, BIG London.

As the intention of the competition was the presentation of conceptual proposals and the selection of a long-term partner for cooperation, the result of the selection is not yet the final design of the project. It should be created in the coming months in cooperation with the BIG studio, ESET and also with the involvement of a local architectural studio, the selection of which is currently being prepared.

Based on the cooperation of ESET with the Faculty of Architecture and Design of the Slovak Technical University (FAD STU) in Bratislava, the architects from the BIG studio also became the guarantors of the newly opened 25th vertical studio at FAD STU. In the next school year, under their leadership, students will solve assignments related to the topic of innovation centers, science parks, and sustainability, but also design solutions in the post-COVID-19 era.

ABOUT THE ESET CAMPUS PROJECT
ESET acquired the plot of land at the Bratislava Patrónka site in 2017. It plans to create an ESET Campus on the site of the former Military Hospital — a living place that will turn this part of the city into an epicenter of innovation and creativity in Bratislava. In addition to the new headquarters and global research center of ESET, the campus will create a unique and stimulating environment for IT and technology companies and startups, and connect them with technically oriented universities.

In addition to a high-quality environment for innovation and research, the campus will provide a wide range of other useful services and facilities, unique public spaces and, in part, a residential function intended mainly for company employees. The campus is also envisioned to create modern forms of accommodation for students, which can deepen the integration of universities within this innovative ecosystem. An important part of the campus will be its sports infrastructure and auditorium; many of these spaces will also be available to the general public.

The campus will be built on the principles of functionality, sustainability and ecology. It is intended to support the use of public transport and maximum comfort for pedestrians as much as possible. In addition to public transport stops, there is also a railway station in the immediate vicinity of the complex, thanks to which train transport in this part of the city could become a full-fledged part of public transport.

BIG – BJARKE INGELS GROUP
BIG is a Copenhagen, New York, London and Barcelona based group of architects, designers, urbanists, landscape professionals, interior and product designers, researchers and inventors. The office is currently involved in a large number of projects throughout Europe, North America, Asia and the Middle East. BIG’s architecture emerges out of a careful analysis of how contemporary life constantly evolves and changes, not least due to the influence from multicultural exchange, global economic flows and communication technologies that all together require new ways of architectural and urban organization. More info: big.dk.

Google headquarters, USA. With Google and parent company Alphabet’s ever-expanding and ever-evolving ventures, occupying existing buildings for the expanding workforce has reached its organizational limitations – teams become spread across multiple buildings, separated by parking lots. On the other hand, a single centralized headquarters is also not the approach for Google, nor is it desirable for the city of Mountain View. Our mission is to create a replicable and scalable building typology that is also adaptable and inclusive to the various sites of North Bayshore and beyond. More info: big.dk/press/gce/

Toyota Woven City. Together with Toyota Motor Corporation, BIG unveils Toyota Woven City as the world’s first urban incubator dedicated to the advancement of all aspects of mobility at the foothills of Mt. Fuji in Japan. Envisioned as a living laboratory to test and advance mobility, autonomy, connectivity, hydrogen-powered infrastructure and industry collaboration, More info: big.dk/press/twc

Google London headquarter, UK.  Centrally located in King’s Cross and adjacent to the city’s largest station, Google’s London headquarters will be its first wholly owned and designed building outside the United States. The new 11-storey building, combined with Google’s current building at 6 Pancras Square and an additional third building, will create a King’s Cross Campus with the potential to house 7,000 Google employees. Comprising of more than 1 million sqft, of which Google will occupy 650,000 sqft, the purpose-built building is being developed from the ground up and will contribute to the Knowledge Quarter and King’s Cross’s growing knowledge-based economy. More info: big.dk/press/kgx

BRATISLAVA – ESET, a global leader in IT security, will highlight its top research for 2020 during the VB2020 localhost conference. This year, the Virus Bulletin international conference will go entirely online, thus the name change. The virtual event will take place over three days from September 30 to October 2. ESET researchers will hold four presentations and participate in one panel debate. Two notable research presentations, which have not been published before, are the discovery of knowledge sharing among Latin American financial cyber criminals and a previously undisclosed cyber espionage operation targeting several governments in Eastern Europe, the Balkans and Russia. The conference is free this year, with registration required.

First to present will be Jakub Souček and Martin Jirkal, from ESET’s R&D center in Prague, about Latin American financial cybercriminals – competitors in crime who benefit from sharing tactics, techniques and procedures. Even though knowledge sharing among cybercriminals is not unusual, seeing so many examples of it in region-specific malware families with the same focus caught the attention of ESET researchers. The presentation will take place on October 1, 19:45-20:15 CEST.  
The second presentation will cover a discovery ESET researchers made earlier this year: a previously undisclosed cyber espionage operation targeting several governments in Eastern Europe, the Balkans and Russia. The presentation, headlined “XDSpy: Stealing government secrets since 2011,” will be held by ESET Montreal researchers Matthieu Faou and Francis Labelle on October 2, 20:15-20:45 CEST.  

The final live online talk, based on a recent ESET white paper, will be given by researcher Zuzana Hromcova on October 2, 21:00-21.30 CEST. The presentation, “InvisiMole: First-class persistence through second-class exploits,” will discuss the InvisiMole group’s surprisingly effective strategy to evade detection using old exploits.

You can join the livestreamed presentations anytime, and re-watch, rewind or pause them.

The fourth presentation will be a recorded one by Ignacio Sanmillan on “Ramsay: A cyber-espionage toolkit tailored for air-gapped networks.” This research was first published in May 2020.  

ESET Senior Research Fellow Righard Zwienenberg will participate in a recorded panel debate on “Flattening the Curve of Cyber-Risks” in the Threat Intelligence Practitioners’ Summit track.

For more information, visit VB2020 localhost’s website and WeLiveSecurity.com, where the new research will be subsequently published. Make sure to follow ESET research on Twitter for the latest news from ESET Research.

BRATISLAVA – ESET, a global leader in cybersecurity, has launched version 6.0 of ESET Mobile Security (EMS), an award-winning solution that provides protection against a multitude of Android mobile security threats such as malware and phishing, and now has the added feature of Payment Protection for financial transactions.

ESET Mobile Security protects users’ data against loss, leakage and misuse through strong malware protection, as well as providing a safe browsing environment with its anti-phishing feature. EMS also protects users from physical loss and theft, connecting to my.eset.com to provide as much real-time information as possible about the status and whereabouts of the device.

Version 6.0 of the premium Mobile Security solution introduces a new layer of security for EMS users. The Payment Protection feature safeguards users from applications that utilize sensitive financial information such as banking transactions and online shopping. This feature automatically categorizes all installed applications from the Google Play Store that fall into the Finance category and scans them for potential threats. The user is also able to add other installed apps to the list that may fall outside of the Finance category.

A “safe launcher” icon is added to the user’s list of applications, and from there, apps pertaining to sensitive financial data can be launched and will be protected from malware or fake apps that may be attempting to steal credentials by replicating login screens. If an app is not launched from the safe launcher module, Mobile Security will continue to run a basic scan for unresolved antivirus issues, open network usage and the root state of the device.

To further cement ESET’s commitment to cutting-edge Android mobile protection, the company has been awarded the MRG Effitas Certificate in the Android 360° Assessment Programme Q1 2020 by MRG Effitas, a world leader in independent IT security efficacy testing, research and expertise. As the report highlights, Android devices are used by approximately 2.3 billion people around the globe, and with Android-based malware on a constant rise, it is vital that antivirus solutions protect against 100% of threats.

Version 6.0 has also undergone design changes to improve intuitiveness and ease-of-use features, such as the Call Filter feature that allows users to protect against unwanted incoming calls and a redesign of the Anti-Theft feature to allow for simpler onboarding and the resetting of passwords.

Branislav Orlík, product manager at ESET, states: “Mobile devices are a central part of our everyday lives and go far beyond just the need to call or message our friends and family. Our mobile devices are now a direct pathway to our wallets, our memories and our jobs, and it is vital that personal data is safely secured, especially sensitive financial data. With this latest version of ESET Mobile Security, we want to ensure our users feel completely secure when performing financial transactions on their devices, in addition to being protected from malware and phishing attempts. At ESET, we are dedicated to the safety of technology users across the globe and are proud to be recognized for our innovative and reliable security solutions.”

For further information on ESET Mobile Security, click here.

BRATISLAVA – ESET researchers have discovered and analyzed malware that targets Voice over IP (VoIP) softswitches. This new malware, named CDRThief by ESET, is designed to target a very specific VoIP platform used by two China-made softswitches (software switches): Linknat VOS2009 and VOS3000. A softswitch is a core element of a VoIP network that provides call control, billing, and management. These softswitches are software-based solutions that run on standard Linux servers. Entirely new Linux malware is rarely seen, thus making CDRThief worthy of interest. The primary goal of the malware is to exfiltrate various private data, including call detail records (CDR), from a compromised softswitch.

“It’s hard to know the ultimate goal of attackers who use this malware. However, since it exfiltrates sensitive information, including call metadata, it seems reasonable to assume that the malware is used for cyberespionage. Another possible goal for attackers using this malware is VoIP fraud. Since the attackers obtain information about the activity of VoIP softswitches and their gateways, this information could be used to perform International Revenue Share Fraud,” says ESET researcher Anton Cherepanov, who discovered CDRThief. “CDRs contain metadata about VoIP calls such as caller and IP addresses of call recipients, starting time of the call, call duration, call fees, and other information,” he adds.

To steal this metadata, the malware queries internal MySQL databases used by the softswitch. Thus, attackers demonstrate a solid understanding of the internal architecture of the targeted platform.

“We noticed this malware in one of our sample sharing feeds, and as an entirely new Linux malware, it’s a rarity and caught our attention. What was even more interesting was that it quickly became apparent that this malware targeted a specific Linux VoIP platform,” explains Cherepanov.

To hide malicious functionality from basic static analysis, the authors encrypted any suspicious-looking strings. Interestingly, the password from the configuration file is stored encrypted. Despite this, Linux/CDRThief malware is still able to read and decrypt it. Thus, the attackers demonstrate deep knowledge of the targeted platform, since the algorithm and encryption keys used are not documented. Furthermore, only the malware authors or operators can decrypt any exfiltrated data.

“The malware can be deployed to any location on the disk under any file name. It’s unknown what type of persistence is used for starting the malware. However, it should be noted that once the malware is started, it attempts to launch a legitimate file present on the Linknat platform. This suggests that the malicious binary might somehow be inserted into a regular boot chain of the platform in order to achieve persistence and possibly masquerade as a component of the Linknat softswitch software,” concludes Cherepanov.

For more technical details about CDRThief, read the blog post “Who is calling? CDRThief targets Linux VoIP softswitches” on WeLiveSecurity. Make sure to follow ESET Research on Twitter for the latest news from ESET Research.