ESET HOME Security Essential delivers not only outstanding protection of digital life, but also is recognized as the perfect blend of simplicity, advanced customization for tech-savvy users, and low impact on device performance. 

What makes software perfect? Be it an email service, a video editor, a shopping app, or even a video game… First and foremost, it should be outstanding in doing what it is designed to do, right? That’s true, but not the whole story.

On 20 February, ESET was honored with AV-Comparatives’ Product of the Year 2024 Award for ESET HOME Security Essential at AV-Comparatives’ Awards Ceremony. This award is a result of more than 30 years of ESET experience and its efforts to deliver the best cyber protection for home users.

What makes the AV-Comparatives award particularly intriguing is the reviewers’ broad focus on multiple aspects of the assessed cybersecurity solutions. Leaving no stone unturned, they checked anti-malware capabilities, performance, overall user experience, and support across a series of tests in 2024.

Let’s take a look at how ESET HOME Security protects users against both laboratory and real-life scenarios, how it affects the protected device, and why it is so user-friendly.

ESET HOME Security Essential excelled across several protection tests, including AV-Comparatives’ Real-World Protection Test, Malware Protection Test, and Advanced Threat Protection Test. What does this mean for users? It proves that ESET can protect them from hundreds of thousands of threats trying to compromise their devices from a variety of entry points.

See for yourself:

Real-World Protection Test – This test aims to simulate real-world conditions users experience every day while browsing the Internet. Antivirus products are tested against hundreds of malicious URLs. Testers also note any required human interactions, i.e. blocking/allowing detected samples to execute.

Malware Protection Test – While in the Real-World Protection Test the gateway to a tested device is the web, in the Malware Protection Test the vectors can be, for example, network drives or USBs – or they cover scenarios in which the malware is already on the disk.

Advanced Threat Protection (ATP) Test – Also known as the Enhanced Real-World Test, this examination uses penetration techniques that allow attackers to target specific external computer systems, and it evaluates how well security products protect against such attacks. This test also evaluates protection against targeted advanced threats such as exploits and fileless attacks.

The Advanced Threat Protection Test also acknowledges the ESET prevention-first approach, where our technology is configured to stop attacks before they happen. To that end, half of the blocked malware samples (7 of 15) were stopped in their pre-execution phase, i.e. before the threat had run and was still inactive on the system.

This protection is not theoretical. ESET detection engines have discovered and stopped many advanced threats such as Lumma Stealer. Sold on the dark web, this infostealer malware mostly targets cryptocurrency wallets, user credentials, and two-factor authentication browser extensions. It also tries to exfiltrate other data from compromised machines and can spread in multiple ways, including cracked installations of popular open-source and paid apps such as ChatGPT or Vegas Pro.

The real magic behind this “product of the year” is not only making it effective, but ensuring those capabilities don’t significantly slow down the protected device or overwhelm users with false alarms.

Creating security capable of catching malware at every step of its deployment process is one thing (and there can be hundreds of those steps), but it takes a number of real experts to finetune it to effectively block malware without impacting the processes of legitimate software or triggering false alarms. To ensure that the products tested didn’t suffer from these issues, AV-Comparatives’ reviewers also checked for false positives while  products are in their default settings. “False positives can cause as much trouble as a real infection” reads the AV-Comparatives summary report.

ESET HOME Security Essential won the silver medal in the False Positives category as testers detected altogether only 15 false positives during all tests run in 2024. To compare, some other tested solutions produced around 30 false positives in a single test.

On top of that, ESET was also awarded for low system-impact while testers performed usual user procedures such as file copying, installing applications, or browsing websites.

Read the full AV-Comparatives’ Summary Report 2024.

When considering what the best software should look like, the critical part is user experience. And what did AV-Comparatives have to say about ESET HOME Security Essential?

“Reviewers were impressed by the clean, intuitive user interface designed for non-expert users, as well as extensive customization and scan options available for power users.”

They describe ESET HOME Security Essential as a well-designed and easy-to-use security product providing safe default settings and a clean, intuitive interface for non-expert users, where essential features like “help” and access-control are easily accessible. For power users, the settings dialog has plenty of advanced options, including excellent access-control.

In this way, ESET HOME Security Essential can perfectly serve both average Joes and tech-savvy home admins.

Learn more about ESET HOME Security solutions here.

So, what makes a software perfect? Perfect software seamlessly combines functionality, usability, and reliability. It addresses user needs effectively, providing intuitive and user-friendly interfaces that enhance the overall experience.

Having a cyber security solution with all these attributes is especially important when we are talking about protecting your data, identity, and finances. ESET HOME Security Essential is all-in-one protection for your digital life, and ESET is proud to say that it has triumphed as AV-Comparatives´ 2024 Product of the Year.

• DeceptiveDevelopment targets freelance software developers through spearphishing on job-hunting and freelancing sites, aiming to steal cryptocurrency wallets and login information from browsers and password managers.
• This operation primarily uses two malware families – BeaverTail (infostealer, downloader) and InvisibleFerret (infostealer, Remote Access Trojan – RAT).
• DeceptiveDevelopment’s techniques are similar to several other known North Korea-aligned operations.

PRAGUE, BRATISLAVA — February 20, 2025 — Since 2024, ESET researchers have observed a series of malicious North Korea-aligned activities, where the operators, posing as software development  recruiters, entice the victims with fake employment offers. Subsequently, they try to serve their targets with software projects that conceal infostealing malware. ESET Research calls this activity cluster DeceptiveDevelopment. This North Korea-aligned activity is currently not attributed by ESET to any known threat actor. It targets freelance software developers through spearphishing on job-hunting and freelancing sites, aiming to steal cryptocurrency wallets and login information from browsers and password managers.

“As part of a fake job interview process, the DeceptiveDevelopment operators ask their targets to take a coding test, such as adding a feature to an existing project, with the files necessary for the task usually hosted on private repositories on GitHub or other similar platforms. Unfortunately for the eager work candidate, these files are trojanized: Once they download and execute the project, the victim’s computer gets compromised,” explains ESET researcher Matěj Havránek, who made the discovery and analyzed DeceptiveDevelopment.

DeceptiveDevelopment’s tactics, techniques, and procedures are similar to several other known North Korea-aligned operations. Operators behind DeceptiveDevelopment target software developers on Windows, Linux, and macOS. They steal cryptocurrency primarily for financial gain, with a possible secondary objective of cyberespionage. To approach their targets, these operators use fake recruiter profiles on social media. The attackers don’t distinguish based on geographical location, instead aiming to compromise as many victims as possible to increase the likelihood of successfully extracting funds and information.

DeceptiveDevelopment primarily uses two malware families as part of its activities, delivered in two stages. In the first stage, BeaverTail (infostealer, downloader) acts as a simple login stealer, extracting browser databases containing saved logins, and as a downloader for the second stage, InvisibleFerret (infostealer, RAT), which includes spyware and backdoor components, and is also capable of downloading the legitimate AnyDesk remote management and monitoring software for post-compromise activities.

In order to pose as recruiters, the attackers copy profiles of existing people or even construct new personas. They then either directly approach their potential victims on job-hunting and freelancing platforms, or post fake job listings there. While some of these profiles are set up by the attackers themselves, others are potentially compromised profiles of real people on the platform, modified by the attackers.

Some of the platforms where these interactions occur are generic job-hunting ones, while others focus primarily on cryptocurrency and blockchain projects and are thus more in line with the attackers’ goals. The platforms include LinkedIn, Upwork, Freelancer.com, We Work Remotely, Moonlight, and Crypto Jobs List.

Victims receive the project files either directly via file transfer on the site, or through a link to a repository like GitHub, GitLab, or Bitbucket. They are asked to download the files, add features or fix bugs, and report back to the recruiter. Additionally, they are instructed to build and execute the project in order to test it, which is where the initial compromise happens. The attackers often use a clever trick to hide their malicious code: They place it in an otherwise benign component of the project, usually within backend code unrelated to the task given to the developer, where they append it as a single line behind a long comment. This way, it is moved off-screen and stays mostly hidden.

“The DeceptiveDevelopment cluster is an addition to an already large collection of money-making schemes employed by North Korea-aligned actors and conforms to an ongoing trend of shifting focus from traditional money to cryptocurrencies,” concludes Havránek.

For a more detailed analysis and technical breakdown of DeceptiveDevelopment, check out the latest ESET Research blogpost, “DeceptiveDevelopment targets freelance developers,” on WeLiveSecurity.com. Make sure to follow ESET Research on Twitter (today known as X) for the latest news from ESET Research.

Heatmap of different victims of DeceptiveDevelopment

• ESET has been included among knowledgeable respondents in an independent Best Practice report: How To Measure The Effectiveness And Value Of Threat Intelligence.
• ESET Threat Intelligence (ETI) offerings are ideally suited to meet the needs described in the report of the CART model.

BRATISLAVA — February 26, 2025 — ESET, a global leader in cybersecurity solutions, is proud to announce its participation among knowledgeable respondents whom Forrester surveyed in its Best Practice report: How To Measure The Effectiveness And Value Of Threat Intelligence. Forrester, a respected research firm, highlighted the essential characteristics of credible threat intelligence, summarized in the CART model: Complete, Accurate, Relevant, and Timely. ESET Threat Intelligence offerings align closely with these principles, empowering organizations to strengthen their security posture and stay ahead of advanced threats.

“For us, our inclusion in Forrester’s report reinforces our commitment to delivering actionable, high-quality threat intelligence that meets the evolving needs of today’s organizations,” said Juraj Knapec, Product Manager for ESET Threat Intelligence. “By focusing on clarity, accuracy, and timeliness, we enable our clients to make critical decisions faster, reduce exposure, and bolster their defenses against advanced threat actors.”

Forrester’s CART framework underscores the needs for threat intelligence that is:

• Complete: Covering a wide range of sources and threat vectors.
• Accurate: Offering curated and verified insights from practical experience.
• Relevant: Delivering tailored, actionable information that aligns with organizational needs.
• Timely: Enabling proactive decisions by anticipating emerging threats.

ESET Threat Intelligence solutions were designed with these principles in mind. By prioritizing quantitative metrics and providing clarity in threat analysis, ESET ensures its clients receive reliable, actionable data to help mitigate risks effectively.

The report also highlights a critical challenge. Many security and risk professionals struggle to measure the value and effectiveness of their threat intelligence, leading to wasted resources and missed opportunities. Forrester emphasizes the importance of using robust quantitative and qualitative metrics to demonstrate the impact of threat intelligence within an organization, which ESET addresses by providing clear threat intelligence metrics to simplify decision-making, as well as quantitative insights that showcase measurable value and drive strategic outcomes.

As further stated in Forrester´s Best Practice report: How To Measure The Effectiveness And Value Of Threat Intelligence: “Metrics are essential for you to demonstrate the effectiveness of threat intelligence, but resist the temptation to rely solely on consumption-based metrics… more does not necessarily mean better. The right target value for a given metric is unique to each organization’s cybersecurity maturity and risk profile.” Built on the robust CART framework, ETI allows us to customize each threat intelligence solution to meet the unique needs of our clients, ensuring they receive the most targeted and relevant information.

ESET Threat Intelligence provides real-time data on malicious files, domains, IPs, URLs, botnets, and APT activity to help organizations act swiftly. Its Advanced Persistent Threat (APT) Reports offer in-depth analyses of advanced threats, with the PREMIUM packages including direct analyst consultations. Curated, actionable insights enhance detection and response, while seamless SIEM and TIP integration maximizes efficiency. With these offerings, ESET empowers clients to automate threat searches, stay ahead of emerging risks, and reduce incident response times, ultimately strengthening their cybersecurity architecture.

For more information about ESET Threat Intelligence, please visit our website.