Author
Alexis Dorais-Joncas
Security Intelligence Team Lead

Education: M. Sc., Electrical Engineering

Highlights of your career? VP engineering @ tech startup Kryptiva
Malware Researcher @ ESET
Security Intelligence Team Lead @ ESET

Position and history at ESET? Joined ESET as a Malware Researcher in 2010
Co-started ESET Canada office in Montreal in 2011
Currently holding a Security Intelligence Team Lead position in Montreal.

What malware do you hate the most? Festi

Favorite activities? Camping and home improvement projects.

What is your golden rule for cyberspace? Use multiple layers of protection: A-V, hardened browsers & OS, etc.

When did you get your first computer and what kind was it? In 1996, my parents got the family a Pentium 1 @ 133 MHz and 16 MB RAM. 6 months later we even installed a 9600 modem to connect to the Internet.

Favorite computer game/activity? Freecell is awesome.

More Info

Syndicasec in the sin bin: targeted espionage malware in action

Technical analysis of Win32/Syndicasec.A, malware active in Nepal and China as far back as 2010, with a JavaScript payload registered in the Windows WMI subsystem and a system of fake blogs to discover its C&C servers, hosted on Tibet-related domains.

Win32/Kelihos botnet keeps on phishing, now exploiting Boston bombing

The botnet known as Win32/Kelihos keeps on infecting, now touting a YouTube video of the Boston Marathon bombing that comes with a malicious iframe pointing to a Redkit exploit page that infects viewers.

Malware evolving to defeat anti-DDoS services like CloudFlare?

Could distributed denial of service (DDoS) malware be evolving to defeat anti-DDoS security measures like CloudFlare? We do not usually see a lot of innovative denial-of-service malware in our day-to-day work. What we do see usually boils down to the basic flooding techniques: TCP Syn, UDP and ping floods, and sometimes HTTP-oriented floods. Of course,

Walking through Win32/Jabberbot.A instant messaging C&C

Malware authors have a solid track record in regards to creative Command and Control protocols. We’ve seen peer-to-peer protocols, some custom (Sality), some standard (Win32/Storm uses the eDonkey P2P protocol). We’ve seen binary protocols (Win32/Peerfrag, aka Palevo). We’ve seen other custom protocols that leverage other standard protocols such as HTTP (Win32/Georbot), DNS (Morto) and IRC (Win32/AutoRun.IRCBot.AK),

OS X Lamadai: Flashback isn't the only Mac malware threat

The Flashback trojan has been all over the news lately, but it is not the only Mac malware threat out there at the moment. A few weeks ago, we published a technical analysis of OSX/Lamadai.A, the Mac OS X payload of a multi-platform attack exploiting the Java vulnerability CVE-2011-3544 to infect its victims. OSX/Lamadai.A has

OSX/Lamadai.A: The Mac Payload

Earlier this month, researchers from AlienVault and Intego reported a new malware attack targeting Tibetan NGOs (Non-Governmental Organizations). The attack consisted of luring the victim into visiting a malicious website, which then would drop a malicious payload on the target’s computer using Java vulnerability CVE-2011-3544 and execute it. The webserver would serve a platform-specific JAR

OSX/Imuler updated: still a threat on Mac OS X

A new variant of Mac information-stealer OSX/Imuler hides itself inside a ZIP archive, right in the middle of an array of erotic pictures.

Copyright © 2014 ESET, All Rights Reserved.