ESET arrives at RSA Conference 2021 with research on stalkerware, air-gapped networks and XP exploits

ESET will highlight its latest and as yet unpublished research during the RSA Conference 2021 taking place virtually from today till May 20. ESET researchers Jean-Ian Boutin, Alexis Dorais-Joncas, Zuzana Hromcová and Lukáš Štefanko will provide a deep dive into Windows XP exploits, how nation-state actors have been breaching air-gapped networks and Android stalkerware.

Two of the presentations will take place on the opening day of the conference on May 17. ESET researcher Lukáš Štefanko will address “Security: The Hidden Cost of Android Stalkerware” from 11:20 to 12:00 PDT (20:20 to 21:00 CEST). Stalkerware is used to spy on users by gathering, transmitting, and storing their personal information. ESET Research has discovered serious vulnerabilities in Android stalkerware apps and their monitoring servers that could result in serious user impact if exploited.

“Mobile stalkerware is a popular threat sold legally on various websites,” explains Štefanko. “Based on ESET telemetry, the number of detections of stalkerware in 2020 rose by 48% compared to 2019. I will cover more than 80 different families of Android stalkerware and focus on security issues and privacy flaws in their code.”

Immediately following Štefanko, Head of Threat Research at ESET Jean-Ian Boutin and ESET researcher Zuzana Hromcová will take the virtual stage with “Beyond Living-Off-the-Land: Why XP Exploits Still Matter” from 12:05 to 12:45 PDT (21:05 to 21:45 CEST). Living-off-the-land refers to a technique where attackers use legitimate, preinstalled tools to carry out their malicious operations.

“This presentation will introduce the evolution of this technique, and explain how vulnerable binaries can be leveraged to replace the well-known and well-mapped living-off-the-land binaries,” says Hromcová.

“A vulnerable Windows XP DLL can quickly turn incident response into a nightmare, even on non-XP machines,” adds Boutin. “Learn from ESET’s experience and leverage our guidance to fortify your defenses against this emerging trend.”

The final presentation from ESET Research will be delivered by Alexis Dorais-Joncas, security intelligence team lead at ESET. His presentation on May 19 (time yet to be confirmed) is headlined: “Jumping the air-gap: 15 years of nation-state efforts.”

“Nation-state actors have been breaching air-gapped networks for over a decade, and we’ve analyzed and compared all their malicious frameworks known to date,” emphasizes Dorais-Joncas. “So, learn from the best and discover how they’re doing this, so you can protect yourself better.”