Santiago Pontiroli

Security Researcher, Global Research & Analysis Team

Santiago Pontiroli joined Kaspersky's Global Research and Analysis Team (GReAT) as a security researcher in 2013. His principal responsibilities include the analysis and investigation of security threats in the Latin American region, the development of automatization tools, reverse engineering of programs with malicious code and creating analysis reports derived from threat intelligence studies. His expertise includes the analysis of gaming trends and threats, the evolution of the cryptocurrency sector and implementation of blockchain technologies. Santiago regularly trains executives in topics such as threat intelligence, YARA, and advanced malware analysis. He has been quoted in industry publications across Latin America and has participated as a notable speaker in industry conferences worldwide, including Virus Bulletin, BSides New York and Chile, Kaspersky Security Analyst Summit (SAS) and Nuit du Hack, among others. Santiago holds degrees in systems engineering and systems analysis from the Universidad Tecnológica Nacional F.R.L.P in Buenos Aires, Argentina.

@spontiroli

Reports

While monitoring the traffic of our own corporate Wi-Fi network, we noticed suspicious activity that originated from several iOS-based phones. We created offline backups of the devices, inspected them and discovered traces of compromise.

GoldenJackal is an APT group, active since 2019, that usually targets government and diplomatic entities in the Middle East and South Asia. The main feature of this group is a specific toolset of .NET malware, JackalControl, JackalWorm, JackalSteal, JackalPerInfo and JackalScreenWatcher.

Kaspersky analysis of the CloudWizard APT framework used in a campaign in the region of the Russo-Ukrainian conflict.

For more than five years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of advanced persistent threat (APT) activity. These summaries are based on our threat intelligence research; and they provide a representative snapshot of what we have published and discussed in greater detail in our private APT reports.

Santiago Pontiroli

The rise of .NET and Powershell malware

The cake is a lie! Uncovering the secret world of malware-like cheats in video games

A nightmare on malware street

“All your creds are belong to us”

BSides NYC, a volunteer organized event put on by and for the community

Publications

Cyberthreats to financial organizations in 2022

The cake is a lie! Uncovering the secret world of malware-like cheats in video games

BSides NYC, a volunteer organized event put on by and for the community

XPan, I am your father

Kaspersky Security Bulletin 2016. The ransomware revolution

The first BSides Latin America, this time in Sao Paulo

“All your creds are belong to us”

The rise of .NET and Powershell malware

Coinvault, are we reaching the end of the nightmare?

Our Fifth Latin American Security Analysts Summit in Santiago de Chile

One night to hack in Paris

Challenging CoinVault – it’s time to free those files

Reports

Operation Triangulation: iOS devices targeted with previously unknown malware

Meet the GoldenJackal APT group. Don’t expect any howls

CloudWizard APT: the bad magic story goes on

APT trends report Q1 2023

Subscribe to our weekly e-mails