Dmitry Galov

Head of Global Research & Analysis Team (GReAT) Russia and CIS Unit

Dmitry Galov serves as the Head of Kaspersky's Global Research & Analysis Team (GReAT) Russia and CIS Unit. In this influential role, he leads the team of experts in charge of researching the most sophisticated cases related to APTs and financially motivated attacks. Dmitry embarked on his journey with Kaspersky in September 2015 as an intern and later joined GReAT in August 2018, gradually progressing to become Senior Security Researcher. Before assuming his current position, he spearheaded the crimeware research group, showcasing his leadership capabilities. Dmitry is an expert with a profound understanding of various threats. His extensive research, covering topics such as non-Windows malware, future connected healthcare, cyber-espionage campaigns, and ransomware, has been published on Securelist.com, a testament to his expertise and contributions. Known for his exceptional public speaking skills, Dmitry frequently represents Kaspersky at global and local events, leaving a lasting impact on audiences. Additionally, he actively participates in the creation of webinars and videos that delve into the realm of cybersecurity.

Reports

Kaspersky discloses new tools and techniques discovered in 2025 Tomiris activities: multi-language reverse shells, Havoc and AdaptixC2 open-source frameworks, communications via Discord and Telegram.

Kaspersky experts analyze the ToddyCat APT attacks targeting corporate email. We examine the new version of TomBerBil, the TCSectorCopy and XstReader tools, and methods for stealing access tokens from Outlook.

Kaspersky GReAT experts dive deep into the BlueNoroff APT’s GhostCall and GhostHire campaigns. Extensive research detailing multiple malware chains targeting macOS, including a stealer suite, fake Zoom and Microsoft Teams clients and ChatGPT-enhanced images.

Kaspersky researchers discovered previously unidentified commercial Dante spyware developed by Memento Labs (formerly Hacking Team) and linked it to the ForumTroll APT attacks.

Dmitry Galov

A glimpse into the present state of security in robotics

Remote spring: the rise of RDP bruteforce attacks

Dox, steal, reveal. Where does your personal data end up?

The story of the year: remote work

Ransomware world in 2021: who, how and why

Publications

State of ransomware in 2025

Luna and Black Basta — new ransomware for Windows, Linux and ESXi

BloodyStealer and gaming assets for sale

Ransomware world in 2021: who, how and why

The story of the year: remote work

Dox, steal, reveal. Where does your personal data end up?

Remote spring: the rise of RDP bruteforce attacks

A glimpse into the present state of security in robotics

Jack of all trades

IoT lottery: finding a perfectly secure connected device

SambaCry is coming

Reports

Tomiris wreaks Havoc: New tools and techniques of the APT group

ToddyCat: your hidden email assistant. Part 1

Crypto wasted: BlueNoroff’s ghost mirage of funding and jobs

Mem3nt0 mori – The Hacking Team is back!

Subscribe to our weekly e-mails