Security Researcher, Global Research & Analysis TeamSantiago Pontiroli joined Kaspersky's Global Research and Analysis Team (GReAT) as a security researcher in 2013. His principal responsibilities include the analysis and investigation of security threats in the Latin American region, the development of automatization tools, reverse engineering of programs with malicious code and creating analysis reports derived from threat intelligence studies. His expertise includes the analysis of gaming trends and threats, the evolution of the cryptocurrency sector and implementation of blockchain technologies. Santiago regularly trains executives in topics such as threat intelligence, YARA, and advanced malware analysis. He has been quoted in industry publications across Latin America and has participated as a notable speaker in industry conferences worldwide, including Virus Bulletin, BSides New York and Chile, Kaspersky Security Analyst Summit (SAS) and Nuit du Hack, among others. Santiago holds degrees in systems engineering and systems analysis from the Universidad Tecnológica Nacional F.R.L.P in Buenos Aires, Argentina.
We continue to track the BlueNoroff group’s activities and this October we observed the adoption of new malware strains in its arsenal.
In this report, we compare the ROADSWEEP ransomware and ZEROCLEARE wiper versions used in two waves of attacks against Albanian government organizations.
While hunting for less common Deathstalker intrusions, we identified a new Janicab variant used in targeting legal entities in the Middle East throughout 2020.
This is our latest summary of advanced persistent threat (APT) activities, focusing on events that we observed during Q3 2022.