Mohamad Amin Hasbini

Head of Research Center, GReAT, Middle East, Turkey and Africa

Dr. Mohamad Amin Hasbini joined Kaspersky in 2013 as a Senior Security Researcher in the Global Research and Analysis Team (GReAT). He is now head of the same research center for the META region. Amin is responsible for Kaspersky’s expert positioning, research expansion, and knowledge maturity in four regional offices. He has a PHD in smart cities information security from the Brunel University in London. Prior to joining Kaspersky, Amin was a senior consultant at Deloitte and Touche Middle East. Before that, he worked as a senior security Engineer at DataConsult in Lebanon. Dr. Hasbini worked on numerous large-scale defensive infrastructure deployments, industrial and consulting projects for government entities, banks, service providers, oil and gas companies, and others. He has also taught security courses in forensics, malware analysis and ethical hacking. Amin is specialized in wide-scale cyber-defense and anti-APT tools and techniques. He has written a number of publications on advanced malware operations and smart cities security, presented at more than 100 conferences worldwide and received numerous accolades.

@MaHasbini

Reports

This is our latest summary of advanced persistent threat (APT) activity, focusing on events that we observed during Q1 2022.

We recently discovered a Trojanized DeFi application that was compiled in November 2021. This application contains a legitimate program called DeFi Wallet that saves and manages a cryptocurrency wallet, but also implants a full-featured backdoor.

At the end of 2021, we inspected UEFI firmware that was tampered with to embed a malicious code we dub MoonBounce. In this report we describe how the MoonBounce implant works and how it is connected to APT41.

It appears that BlueNoroff shifted focus from hitting banks and SWIFT-connected servers to solely cryptocurrency businesses as the main source of the group’s illegal income.

Mohamad Amin Hasbini

Gaza Cybergang – updated activity in 2017:

5G technology predictions 2020

Gaza cybergang, where’s your IR team?

5G security and privacy for smart cities

Operation Ghoul: targeted attacks on industrial and engineering organizations

Publications

5G technology predictions 2020

5G security and privacy for smart cities

Gaza Cybergang – updated activity in 2017:

From Shamoon to StoneDrill

Operation Ghoul: targeted attacks on industrial and engineering organizations

Gaza cybergang, where’s your IR team?

The Desert Falcons targeted attacks

The Syrian malware part 2: Who is The Joe?

The Syrian Malware House of Cards

The Rise of Cybercrime in Dubai and UAE

Reports

APT trends report Q1 2022

Lazarus Trojanized DeFi app for delivering malware

MoonBounce: the dark side of UEFI firmware

The BlueNoroff cryptocurrency hunt is still on

Subscribe to our weekly e-mails