Head of Anti-Malware Research, Kaspersky
As Head of Anti-Malware Research, Alexander is responsible for ensuring that Kaspersky products provide quality protection from security threats across all platforms. This includes improving threat detection rates, creating new technologies for protection against advanced threats, and the development of current malware detection mechanisms. Alexander joined Kaspersky in 2006 as a malware analyst in the Packed Objects Analysis Group. Within this role he acquired great experience in reverse engineering and software development. In 2013, he became a leader in the Heuristic Detection Group and, several years later, the group’s manager. The division provided generic detections for all kinds of threats as well as developing malware detection methods. As a lead malware analyst, Alexander designed and developed a number of technologies that currently form the basis of Kaspersky’s anti-virus engine. In 2018, Alexander became Head of the Heuristic Detection and Vulnerability Research Team. The team was responsible for heuristic and generic malware detection, developing new threat protection technologies, static and dynamic exploit detection, vulnerability assessment and patch management, packed objects analysis and format parsers. Alexander graduated with honors from the Department of Mechanics and Mathematics at Moscow State University.In this report Kaspersky researchers provide an analysis of the previously unknown HrServ web shell, which exhibits both APT and crimeware features and has likely been active since 2021.
Asian APT groups target various organizations from a multitude of regions and industries. We created this report to provide the cybersecurity community with the best-prepared intelligence data to effectively counteract Asian APT groups.
We unveil a Lazarus campaign exploiting security company products and examine its intricate connections with other campaigns
How Kaspersky researchers obtained all stages of the Operation Triangulation campaign targeting iPhones and iPads, including zero-day exploits, validators, TriangleDB implant and additional modules.