Education:Software Engineering student at École de Technologie supérieure
Highlights of your career? OSX/Flashback analysis
Position and history at ESET? Malware Researcher since January 2012
What malware do you hate the most? Malware that steals money or destroys documents
Favorite activities? Photography, Cycling, Playing the clarinet
When did you get your first computer and what kind was it? I rember playing with the TI-99 of my grandfather. At the time it was only playing simple games ;)
Favorite computer game/activity? CTF competitions
ESET researchers discovered a set of previously undocumented Linux malware families based on OpenSSH. In the white paper, “The Dark Side of the ForSSHe”, they release analysis of 21 malware families to improve the prevention, detection and remediation of such threats
Customers see their admin credentials stolen and their servers infected with Linux/ChachaDDoS
It’s tax season in Canada and scammers are using fake tax refund forms to lure victims into supplying their personal information via phishing pages
Relating the collaboration between ESET experts and the FBI about the Windigo's operation, which ended with the sentencing of Maxim Senakh.
A new ransomware outbreak today has hit some major infrastructure in Ukraine including Kiev metro. Here are some details about this new variant of Petya.
The strange behavior of a simple Windows application caught our attention and sparked the analysis by ESET of a previously undocumented malware.
This last month we have seen a new ransomware for Mac. Written in Swift, it is distributed on BitTorrent distribution site as “Patcher” for pirating popular software.
ESET has carried out analysis of new samples of the crypto-ransomware family TorrentLocker, to compare the 2016 campaigns against its research in late 2014.
For the last few weeks, ESET has been investigating OSX/Keydnap, a malware that steals the content of the keychain while maintaining a permanent backdoor.
One year after the release of the technical analysis of the Mumblehard Linux botnet, it is no longer active. ESET, in collaboration with the Cyber Police of Ukraine and CyS Centrum LLC, have taken down the botnet, stopping its spamming activities.
ESET researchers are actively monitoring malware that targets embedded systems such as routers, gateways and wireless access points. We call this new threat Linux/Remaiten.
Earlier this year, a new type of trojan caught the attention of ESET researchers. This article will take a deep dive into how the exploit works and briefly describe the final payload.
Today, ESET researchers reveal a family of Linux malware that stayed under the radar for more than 5 years. We have named this family Linux/Mumblehard. A white paper about this threat is available for download on WeLiveSecuriy.
ESET assess the differences between CryptoFortress and TorrentLocker: two very different strains of ransomware.
Today, we are publishing research on ransomware that emerged in 2014. We have posted blog articles about this threat before, to raise awareness when we realized the criminals were targeting the United Kingdom and Spain.
Three weeks ago, iSIGHT Partners discovered a new Ransomware encrypting victims’ documents. They dubbed this new threat TorrentLocker. TorrentLocker propagates via spam messages containing a link to a phishing page where the user is asked to download and execute “package tracking information”. In August, only Australians were targeted with fake Australian Post package-tracking page. While
In this blog post, we provide an in-depth analysis of Linux/Ebury - the most sophisticated Linux backdoor ever seen by our researchers. It is built to steal OpenSSH credentials and maintain access to a compromised server.
We think that there could be rootkits targeting the OS X platform, but we have very limited visibility into that threat right now. We know that we don’t know. Today, ESET is releasing a simple tool to detect rootkits on OS X.
Some 400 web servers found infected with Linux/Cdorked.A. including 50 in Alexa’s top 100,000 websites. And this backdoor has been applied to Lighttpd and nginx binaries in addition to Apache.
