Author
Sébastien Duquette
Sébastien Duquette
Malware Researcher

Education? Graduate in Computer Science at Université du Québec à Montréal.

Highlights of my career? Took part in the investigation on Georbot in spring 2012.

Position and history at ESET? Malware Researcher, ESET Canada. With ESET for 2 years.

What malware do you hate the most? Exploit kits.

Favorite activities? Cycling, Starcraft 2.

What is your golden rule for cyberspace? Keep your software up to date.

When did you get your first computer and what kind was it? Commodore 64 when I was 7 years old.

Favorite computer game/activity? Starcraft 2.

More Info

Two recently patched Adobe Flash vulnerabilities now used in Exploit Kits

Two Flash vulnerabilities that were fixed by Adobe 2 weeks ago are now being used in exploit kits. This is in addition to a third vulnerability, CVE-2014-0556, that was patched in September and that has also been added to Nuclear EK last week.

How to make sure Adobe Flash is up-to-date and enabling it on-demand

Learn how to update Adobe Flash Player, to help protect against malware attacks.

Interactive exploit kit redirection technique

The usual pattern we see when dealing with exploit kits starts with a legitimate website that gets compromised and used to automatically redirect its visitors to the actual malicious content.

The Home Campaign: overstaying its welcome

The Home Campaign is a malware campaign that uses a modified variant of Darkleech to direct visitors to the Blackhole exploit kit. We want to give a better idea of the size and extent of this campaign.

Sinkholing of Trojan Downloader Zortob.B reveals fast growing malware threat

Malware infecting 25,000 computers, mostly in the United States, pumping out 80 million spam messages per hour? ESET researchers sinkhole to investigate Win32/TrojanDownloader.Zortob.B

Linux/SSHDoor.A Backdoored SSH daemon that steals passwords

In his summary of New Year predictions by security researchers here at ESET, Stephen Cobb pointed to expanded efforts by malware authors to target the Linux operating system. Looks like that might be right: A blog post published by Sucuri yesterday describes a backdoored version of the SSH daemon discovered on compromised servers. Interestingly, this

Foxxy Software Outfoxed?

Part of my daily routine here at ESET is to inspect URLs for new trends and malware campaigns identified by our systems. A couple of weeks ago I noticed a group of URLs with a similar pattern. When I investigated further, I found out that the URLs pointed to copies of legitimate web sites with

Spam campaign uses Blackhole exploit kit to install SpyEye

This article was written in collaboration with my colleague Jean-Ian Boutin. The Wigon botnet (also known as Cutwail) is being used in a massive spam campaign. A multitude of ruses are used to get the user to click on a link: fake LinkedIn or Facebook notifications, free Windows licenses, fake deliveries etc. The links are

Win32/Flooder.Ramagedos botnet participating in DDoS related to elections in Russia

Russia has been in the news for the last week, with thousands of protesters taking to the street to protest against alleged irregularities in the elections held on December 4th. There are also multiple reports of attempts to silence protesters on the Internet, such as DDoS attacks against websites used by the political opposition, the use

Win32/Delf.QCZ : Additional details

At the beginning of this month, my colleague Robert Lipovsky posted an article on a new threat called Win32/Delf.QCZ, also known as Trojan.Badlib or Trojan.Win32.Miner.h. This threat caught the attention of others and additional information has since been added by fellow researchers on the blogs of Kaspersky and Symantec as well as on the H-Online

Win32/PSW.OnlineGames.OUM : Part 2 – Data stealing

Win32/PSW.OnlineGames.OUM is a malware that aims to steal credentials for online games. It targets popular titles such as World of Warcraft, Star Wars Galaxy, Lineage 2 or Guild Wars. Active since 2006, it is amongst the most detected threats by ESET, taking the 7th position between January and April 2011. In our previous blog post,

Win32/PSW.OnlineGames.OUM – Part 1 : The update process

Win32/PSW.OnlineGames.OUM is a malware that aims to steal credentials for online games. It targets popular game titles such as World of Warcraft, Star Wars Galaxy, Lineage 2 or Guild Wars. Active since 2006. This malicious software is amongst the most detected threats by ESET, taking the 7th position of the Top 10 most detected threats

Follow Us

Sign up to our newsletter

The latest security news direct to your inbox

ESET Virus Radar

Archives

Select month
Copyright © 2014 ESET, All Rights Reserved.