Junior Security Researcher, GReAT
Leonid joined Kaspersky in 2020 as an intern in the Global Research and Analysis Team (GReAT). Here, he played an active role in the development of internal tools and infrastructure as well as darknet research and assisted in training courses provided by GReAT. In 2021, Leonid was invited to join GReAT as a Junior Security Researcher. As part of his role, he is engaged in open-source security, reverse engineering and malware analysis. In addition to this, Leonid has become one of the authors of Crimeware reports and dark web research publications. Based on his successful research, he appears as a speaker in Kaspersky videos demonstrating his expertise in Threat Intelligence.
While monitoring the traffic of our own corporate Wi-Fi network, we noticed suspicious activity that originated from several iOS-based phones. We created offline backups of the devices, inspected them and discovered traces of compromise.
GoldenJackal is an APT group, active since 2019, that usually targets government and diplomatic entities in the Middle East and South Asia. The main feature of this group is a specific toolset of .NET malware: JackalControl, JackalWorm, JackalSteal, JackalPerInfo and JackalScreenWatcher.
Kaspersky analysis of the CloudWizard APT framework used in a campaign in the region of the Russo-Ukrainian conflict.
For more than five years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of advanced persistent threat (APT) activity. These summaries are based on our threat intelligence research, and they provide a representative snapshot of what we have published and discussed in greater detail in our private APT reports.