Head of Global Research & Analysis Team, Russia
Yury joined the Kaspersky Global Research and Analysis Team (GReAT) in July 2011. He specializes in analyzing advanced persistent threats and attacks against banks and financial institutions, as well as malware data collection and analysis. He is also involved in research into mobile threats and malware and web application security issues. He constantly reviews general changes to malware trends. Yury started his career at Kaspersky in 2007 as a virus analyst and was promoted to senior virus analyst after one year. In 2009 he was instrumental in a project, where he developed statistical services for the Kaspersky Security Network (KSN) as senior developer-analyst. After finishing this project, he moved to the education unit of Kaspersky Research and Development as project manager, where he organized and conducted training on IT Security for different organizations including universities, financial organizations and law enforcement agencies. In 2015 Yury was promoted to the position of Head of GReAT in Russia.The report features the most significant developments relating to APT groups in Q1 2024, including the new malware campaigns DuneQuixote and Durian, and hacktivist activity.
We continue to report on the APT group ToddyCat. This time, we’ll talk about traffic tunneling, constant access to a target infrastructure and data extraction from hosts.
New unattributed DuneQuixote campaign targeting entities in the Middle East employs droppers disguised as Total Commander installer and CR4T backdoor in C and Go.
In this report Kaspersky researchers provide an analysis of the previously unknown HrServ web shell, which exhibits both APT and crimeware features and has likely been active since 2021.