Junior Security Researcher, GReAT
Leonid joined Kaspersky in 2020 as an intern in the Global Research and Analysis Team (GreAT). Here, he played an active role in the development of internal tools and infrastructure as well as darknet research and assisted in training courses provided by GReAT. In 2021, Leonid was invited to join GReAT as a Junior Security Researcher. As part of his role, he is engaged in open-source security, reverse engineering and malware analysis. In addition to this, Leonid has become one of the authors of Crimeware reports and dark web research publications. Based on his successful research he appears as a speaker in Kaspersky videos demonstrating his expertise in Threat Intelligence.In this report we provide technical analysis of the GamePlayerFramework deployed by an APT we call DiceyF, which is targeting online casinos in Southeast Asia.
In this report we focus on tactics, techniques, and procedures (TTPs) of the DeftTorero (aka Lebanese Cedar or Volatile Cedar) threat actor, which targets Middle East countries.
Kimsuky (also known as Thallium, Black Banshee and Velvet Chollima) is a prolific and active threat actor primarily targeting Korea-related entities. In early 2022, we observed this group was attacking the media and a think-tank in South Korea.
VileRAT is a Python implant, part of an evasive and highly intricate attack campaign against foreign exchange and cryptocurrency trading companies.