Junior Security Researcher, GReAT
Leonid joined Kaspersky in 2020 as an intern in the Global Research and Analysis Team (GReAT). There, he played an active role in developing internal tools and infrastructure, contributed to darknet research, and assisted in training courses provided by GReAT. In 2021, Leonid was invited to join GReAT as a Junior Security Researcher. In this role, he works on open-source security, reverse engineering and malware analysis. Leonid has also become one of the authors of Crimeware reports and dark web research publications. Based on his successful research, he appears as a speaker in Kaspersky videos demonstrating his expertise in Threat Intelligence.
In this report, we compare the ROADSWEEP ransomware and ZEROCLEARE wiper versions used in two waves of attacks against Albanian government organizations.
While hunting for less common Deathstalker intrusions, we identified a new Janicab variant used in targeting legal entities in the Middle East throughout 2020.
This is our latest summary of advanced persistent threat (APT) activities, focusing on events that we observed during Q3 2022.
In the second part of this report, we discuss improvements made to the LODEINFO backdoor shellcode in 2022.