Senior Security Researcher at Kaspersky`s GReAT
Mark Lechtik is a Senior Security Researcher at Kaspersky`s GReAT, based in Israel. He is mainly engaged with malware analysis and threat intelligence. Formerly, Mark reverse engineered a bunch of North Korean anti-viruses, and spoke about it in a few conferences. Today he is mostly engaged with breaking down malware and understanding the nitty gritty of APT campaigns.While monitoring the traffic of our own corporate Wi-Fi network, we noticed suspicious activity that originated from several iOS-based phones. We created offline backups of the devices, inspected them and discovered traces of compromise.
GoldenJackal is an APT group, active since 2019, that usually targets government and diplomatic entities in the Middle East and South Asia. The main feature of this group is a specific toolset of .NET malware, JackalControl, JackalWorm, JackalSteal, JackalPerInfo and JackalScreenWatcher.
Kaspersky analysis of the CloudWizard APT framework used in a campaign in the region of the Russo-Ukrainian conflict.
For more than five years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of advanced persistent threat (APT) activity. These summaries are based on our threat intelligence research; and they provide a representative snapshot of what we have published and discussed in greater detail in our private APT reports.
Notifications