Dmitry Bestuzhev

Director, Global Research & Analysis Team, Latin America

Dmitry Bestuzhev is Director of Kaspersky’s Global Research and Analysis Team in Latin America, where he oversees the company’s anti-malware and threat intelligence research by experts in the region. Dmitry joined Kaspersky in 2007 as a Malware Analyst, monitoring the local threat landscape and providing preliminary analysis. By 2008, he had become Senior Regional Researcher for the Latin American region and was appointed to his current role in 2010. In addition to overseeing anti-malware research and analysis work, Dmitry produces intelligence reports and forecasts for the region and is frequently sought out by international media and organizations for his expert commentary on IT security. Dmitry’s wide field of expertise covers everything from high profile attacks on financial institutions to traditional cybercrime underground activity. Dmitry is also an expert in corporate security, cyber-espionage and complex targeted attacks and participates in various educational initiatives throughout the Americas. Dmitry has more than two decades of experience in IT security across a wide variety of roles and is fluent in English, Spanish and Russian.

Publications

Reports

The leap of a Cycldek-related threat actor

The investigation described in this article started with one such file which caught our attention due to the various improvements it brought to this well-known infection vector.

Lazarus targets defense industry with ThreatNeedle

In mid-2020, we realized that Lazarus was launching attacks on the defense industry using the ThreatNeedle cluster, an advanced malware cluster of Manuscrypt (a.k.a. NukeSped). While investigating this activity, we were able to observe the complete life cycle of an attack, uncovering more technical details and links to the group’s other campaigns.

Sunburst backdoor – code overlaps with Kazuar

While looking at the Sunburst backdoor, we discovered several features that overlap with a previously identified backdoor known as Kazuar. Our observations shows that Kazuar was used together with Turla tools during multiple breaches in past years.

Subscribe to our weekly e-mails

The hottest research right in your inbox