Ivan Kwiatkowski
Senior Security Researcher at Kaspersky`s GReAT
An OSCP and OSCE-certified penetration tester and malware analyst working as a Senior Security Researcher in the Global Research and Analysis Team (GReAT) at Kaspersky Lab since 2018. Also delivers Kaspersky’s reverse-engineering trainings in Europe. Ivan maintains an open-source dissection tool for Windows executables and his research was presented during several cybersecurity conferences. As a digital privacy activist, he also operates an exit node of the Tor network.Publications
External Publications
Reports
CosmicStrand: the discovery of a sophisticated UEFI firmware rootkit
In this report, we present a UEFI firmware rootkit that we called CosmicStrand and attribute to an unknown Chinese-speaking threat actor.
The SessionManager IIS backdoor
In early 2022, we investigated an IIS backdoor called SessionManager. It has been used against NGOs, government, military and industrial organizations in Africa, South America, Asia, Europe, Russia and the Middle East.
APT ToddyCat
ToddyCat is a relatively new APT actor responsible for multiple sets of attacks against high-profile entities in Europe and Asia. Its main distinctive signs are two formerly unknown tools that we call ‘Samurai backdoor’ and ‘Ninja Trojan’.
WinDealer dealing on the side
We have discovered that malware dubbed WinDealer, spread by Chinese-speaking APT actor LuoYu, has an ability to perform intrusions through a man-on-the-side attack.
Subscribe to our weekly e-mails
The hottest research right in your inbox
