Alexey Antonov

Lead data scientist, Kaspersky

Alexey joined Kaspersky in 2010. In his current role, he leads the Detection Methods Analysis Group (DMAG). The group researches up-to-date machine learning techniques and implements these to detect security threats. Alexey has developed a variety of models for detecting executable files, created locality-sensitive hashing for PE files, and designed models for detecting intrusion methods. He holds patents to many of these innovations. Alexey also conducts research in the field of ML model security. His expertise is backed by a Ph.D. degree in the field of mathematics and software engineering for computers, complexes, and computer networks.

Reports

Kaspersky analyzes SideWinder APT’s recent activity: new targets in the MiddleEast and Africa, post-exploitation tools and techniques.

Kaspersky shares insights into the activity and TTPs of the BlindEagle APT, which targets organizations and individuals in Colombia, Ecuador, Chile, Panama and other Latin American countries.

Kaspersky has identified a new EastWind campaign targeting Russian organizations and using CloudSorcerer as well as APT31 and APT27 tools.

The report features the most significant developments relating to APT groups in Q2 2024, including the new backdoor in Linux utility XZ, a new RAT called SalmonQT, and hacktivist activity.

Alexey Antonov

How to confuse antimalware neural networks. Adversarial attacks and protection

How we took part in MLSEC and (almost) won

Analysis of user password strength

Publications

Analysis of user password strength

How we took part in MLSEC and (almost) won

How to confuse antimalware neural networks. Adversarial attacks and protection

Reports

Beyond the Surface: the evolution and expansion of the SideWinder APT group

BlindEagle flying high in Latin America

EastWind campaign: new CloudSorcerer attacks on government organizations in Russia

APT trends report Q2 2024

Subscribe to our weekly e-mails