Junior Security Researcher, GReAT
Leonid joined Kaspersky in 2020 as an intern in the Global Research and Analysis Team (GReAT). There, he played an active role in developing internal tools and infrastructure, contributed to darknet research, and assisted in training courses provided by GReAT. In 2021, Leonid was invited to join GReAT as a Junior Security Researcher. In this role, he works on open-source security, reverse engineering and malware analysis. Leonid has also become one of the authors of Crimeware reports and dark web research publications. Based on his successful research, he appears as a speaker in Kaspersky videos demonstrating his expertise in Threat Intelligence.
In October 2022, we identified an active infection of government, agriculture and transportation organizations located in the Donetsk, Lugansk, and Crimea regions.
Roaming Mantis (a.k.a. Shaoye) is a long-term cyberattack campaign that uses malicious Android package (APK) files to control infected Android devices and steal data. In 2022, we observed a DNS changer function implemented in its Android malware Wroba.o.
We continue to track the BlueNoroff group’s activities and this October we observed the adoption of new malware strains in its arsenal.
In this report, we compare the ROADSWEEP ransomware and ZEROCLEARE wiper versions used in two waves of attacks against Albanian government organizations.