Mohamad Amin Hasbini

Head of Research Center, GReAT, Middle East, Turkey and Africa

Dr. Mohamad Amin Hasbini joined Kaspersky in 2013 as a Senior Security Researcher in the Global Research and Analysis Team (GReAT). He is now head of the same research center for the META region. Amin is responsible for Kaspersky’s expert positioning, research expansion, and knowledge maturity in four regional offices. He has a PHD in smart cities information security from the Brunel University in London. Prior to joining Kaspersky, Amin was a senior consultant at Deloitte and Touche Middle East. Before that, he worked as a senior security Engineer at DataConsult in Lebanon. Dr. Hasbini worked on numerous large-scale defensive infrastructure deployments, industrial and consulting projects for government entities, banks, service providers, oil and gas companies, and others. He has also taught security courses in forensics, malware analysis and ethical hacking. Amin is specialized in wide-scale cyber-defense and anti-APT tools and techniques. He has written a number of publications on advanced malware operations and smart cities security, presented at more than 100 conferences worldwide and received numerous accolades.

@MaHasbini

Reports

Kimsuky (also known as Thallium, Black Banshee and Velvet Chollima) is a prolific and active threat actor primarily targeting Korea-related entities. In early 2022, we observed this group was attacking the media and a think-tank in South Korea.

VileRAT is a Python implant, part of an evasive and highly intricate attack campaign against foreign exchange and cryptocurrency trading companies.

Earlier, the CISA published an alert related to a Stairwell report, “Maui Ransomware.” Our data should openly help solidify the attribution of the Maui ransomware incident to the Korean-speaking APT Andariel, also known as Silent Chollima and Stonefly.

Kaspersky ICS CERT experts detected a wave of targeted attacks in several East European countries, as well as Afghanistan. Of the six backdoors identified on infected systems, five have been used earlier in attacks attributed to APT TA428.

Mohamad Amin Hasbini

Gaza Cybergang – updated activity in 2017:

5G technology predictions 2020

Gaza cybergang, where’s your IR team?

5G security and privacy for smart cities

Operation Ghoul: targeted attacks on industrial and engineering organizations

Publications

5G technology predictions 2020

5G security and privacy for smart cities

Gaza Cybergang – updated activity in 2017:

From Shamoon to StoneDrill

Operation Ghoul: targeted attacks on industrial and engineering organizations

Gaza cybergang, where’s your IR team?

The Desert Falcons targeted attacks

The Syrian malware part 2: Who is The Joe?

The Syrian Malware House of Cards

The Rise of Cybercrime in Dubai and UAE

Reports

Kimsuky’s GoldDragon cluster and its C2 operations

VileRAT: DeathStalker’s continuous strike at foreign and cryptocurrency exchanges

Andariel deploys DTrack and Maui ransomware

Targeted attack on industrial enterprises and public institutions

Subscribe to our weekly e-mails