Expert

Vitaly Kamluk

Director, Global Research & Analysis Team, APAC

Vitaly has been involved in research at Kaspersky since 2005. In 2008, he was appointed Senior Antivirus Expert, before becoming Director of the EEMEA Research Center in 2009. In 2014 he was seconded to INTERPOL, where for two years he worked in the Digital Crime Center, specializing in malware reverse engineering, digital forensics and cybercrime investigation. Currently Vitaly is based in Singapore and is leading a team of APAC threat researchers focused on targeted attacks investigation. He is the author of Kaspersky’s first open-source project, a remote digital forensics tool called Bitscout, made available on Github. Vitaly has presented at many international security conferences as well as multiple invite-only security events. He is a trainer in malware analysis, YARA for malware hunters, and remote digital forensics.

@vkamluk

Reports

Kimsuky (also known as Thallium, Black Banshee and Velvet Chollima) is a prolific and active threat actor primarily targeting Korea-related entities. In early 2022, we observed this group was attacking the media and a think-tank in South Korea.

VileRAT is a Python implant, part of an evasive and highly intricate attack campaign against foreign exchange and cryptocurrency trading companies.

Earlier, the CISA published an alert related to a Stairwell report, “Maui Ransomware.” Our data should openly help solidify the attribution of the Maui ransomware incident to the Korean-speaking APT Andariel, also known as Silent Chollima and Stonefly.

Kaspersky ICS CERT experts detected a wave of targeted attacks in several East European countries, as well as Afghanistan. Of the six backdoors identified on infected systems, five have been used earlier in attacks attributed to APT TA428.

Vitaly Kamluk

Absolute Computrace Revisited

Bitscout – The Free Remote Digital Forensics Tool Builder

Absolute Computrace: Frequently Asked Questions

Cybersecurity Research During the Coronavirus Outbreak and After

Simda’s Hide and Seek: Grown-up Games

Publications

The BlueNoroff cryptocurrency hunt is still on

Cybersecurity Research During the Coronavirus Outbreak and After

Threats to macOS users

Bitscout – The Free Remote Digital Forensics Tool Builder

Adwind: FAQ

Simda’s Hide and Seek: Grown-up Games

Blockchain technology abuse: time to think about fixes

Absolute Computrace: Frequently Asked Questions

Absolute Computrace Revisited

The Icefog APT Hits US Targets With Java Backdoor

Kaspersky Security Bulletin 2013. Corporate threats

ZeroNights: A Technical Security Conference in Russia

Reports

Kimsuky’s GoldDragon cluster and its C2 operations

VileRAT: DeathStalker’s continuous strike at foreign and cryptocurrency exchanges

Andariel deploys DTrack and Maui ransomware

Targeted attack on industrial enterprises and public institutions

Subscribe to our weekly e-mails