Jakub Souček

Senior Malware Researcher


Education:
Master's in Computer Security at FIT CTU

Position and history at ESET:
I joined ESET while still finishing my studies in 2015 as a Malware Analyst. I spend quite some time tracking various botnets and transitioned to Malware Research in 2022.

Favorite activities:
LEGO, console couch games, TV series, skiing

What is your golden rule for cyberspace?
Trust no one.


6 articles by Jakub Souček

Killing me gently: Inside Gentlemen’s EDR killer framework

ESET Research shares the results of a months-long investigation into the suite of EDR killers maintained by the RaaS gang Gentlemen

Jakub Souček, 18 Jun 2026, 14 min. read


EDR killers explained: Beyond the drivers

ESET researchers dive deeper into the EDR killer ecosystem, disclosing how attackers abuse vulnerable drivers

Jakub Souček, 19 Mar 2026, 20 min. read


Shifting the sands of RansomHub’s EDRKillShifter

ESET researchers discover new ties between affiliates of RansomHub and of rival gangs Medusa, BianLian, and Play

Jakub Souček and Jan Holman, 26 Mar 2025, 22 min. read


Telekopye transitions to targeting tourists via hotel booking scam

ESET Research shares new findings about Telekopye, a scam toolkit used to defraud people on online marketplaces, and newly on accommodation booking platforms

Jakub Souček and Radek Jizba, 10 Oct 2024, 11 min. read


CosmicBeetle steps up: Probation period at RansomHub

CosmicBeetle, after improving its own ransomware, tries its luck as a RansomHub affiliate

Jakub Souček, 10 Sep 2024, 18 min. read


Scarabs colon-izing vulnerable servers

Analysis of Spacecolon, a toolset used to deploy Scarab ransomware on vulnerable servers, and its operators, CosmicBeetle

Jakub Souček, 22 Aug 2023, 22 min. read