David Jacoby

Senior Security Researcher, Global Research & Analysis Team

David joined Kaspersky in 2010 as a senior security researcher for the Nordic region. From his base in Sweden, he is also responsible for technical PR activities for the same region and for North Europe, where he acts as a technical spokesperson. David has a passion for researching vulnerabilities and threats. His research often focuses on identifying vulnerabilities and threats in not only enterprise environments but also identifying social and psychological threats in, for example, social media. He also has a true passion for alternative operating systems such as UNIX, Linux, BSD, etc. Prior to joining Kaspersky, David worked in vulnerability research and vulnerability management. He was a senior security researcher, advisor and consultant at TrueSec AB. Before joining TrueSec AB in 2008, David worked for seven years at Outpost24, starting out as chief researcher and rising to vice president for customer experience by the time he left the company.

@JacobyDavid

Reports

An unknown actor targeted an electric utility in southern Africa with Cobalt Strike beacons and DroxiDat, a new variant of the SystemBC payload. We speculate that this incident was in the initial stages of a ransomware attack.

This is our latest summary of the significant events and findings, focusing on activities that we observed during Q2 2023.

While monitoring the traffic of our own corporate Wi-Fi network, we noticed suspicious activity that originated from several iOS-based phones. We created offline backups of the devices, inspected them and discovered traces of compromise.

GoldenJackal is an APT group, active since 2019, that usually targets government and diplomatic entities in the Middle East and South Asia. The main feature of this group is a specific toolset of .NET malware, JackalControl, JackalWorm, JackalSteal, JackalPerInfo and JackalScreenWatcher.

David Jacoby

New multi platform malware/adware spreading via Facebook Messenger

Trying to unmask the fake Microsoft support scammers!

Mass Defacements: the tools and tricks

Dissecting the Chrome Extension Facebook malware

Hey there! How much are you worth?

Publications

The cybercrime ecosystem: attacking blogs

Hey there! How much are you worth?

Dissecting the Chrome Extension Facebook malware

New multi platform malware/adware spreading via Facebook Messenger

An increase of sophisticated phishing attacks in Sweden

Understanding the operations of a scam

Guidelines for securing your home

IoT: How I hacked my home

Largest Website in Sweden Spreading Malicious Code

Hackers Target High Profile Domains

Exposing the Security Weaknesses We Tend to Overlook

A Hot Security Conference On Cold Iceland

Reports

Focus on DroxiDat/SystemBC

APT trends report Q2 2023

Operation Triangulation: iOS devices targeted with previously unknown malware

Meet the GoldenJackal APT group. Don’t expect any howls

Subscribe to our weekly e-mails