Йорнт ван дер Вил

Security Researcher, Global Research & Analysis Team

Jornt works as a local security expert for the BeNeLux region in Kaspersky’s Global Research and Analysis Team (GReAT). During his time at the company, Jornt has managed several different high-profile projects. For instance, he helped the Dutch police with the Coinvault case, that led to the arrest of two malware authors. After this success, Jornt was a driving force behind the NoMoreRansom project. Together with various law enforcement agencies, he identified several servers that held cryptographic keys of ransomware victims. As a result, more than 35,000 people got their files back without paying the criminals and the action prevented millions of dollars going into the pockets of criminals. Jornt also speaks at national and international conferences, is a regular media commentator and alongside his malware research, offers malware reverse engineering training. Before joining Kaspersky in 2014, Jornt worked as a researcher/developer for Security Matters. Whilst he was there, he implemented and designed detection modules for Intrusion Detection Systems that operate in an Industrial Control System (ICS) environment. Prior to that, Jornt worked as a security consultant for Digidentity, where he improved existing products by creating new software and cryptographic algorithms. He has also worked as a consultant at the Rijkswaterstaat Security Operations Center (the governmental institution responsible for roads and water management), where he was actively involved in securing ICS environments.

Публикации

Отчеты

StripedFly: двуликий и незаметный

Разбираем фреймворк StripedFly для целевых атак, использовавший собственную версию эксплойта EternalBlue и успешно прикрывавшийся майнером.

Азиатские APT-группировки: тактики, техники и процедуры

Делимся с сообществом подходами, которые используют азиатские APT-группировки при взломе инфраструктуры, и подробной информацией о тактиках, техниках и процедурах (TTPs) злоумышленников, основанной на методологии MITRE ATT&CK.

Как поймать «Триангуляцию»

Эксперты «Лаборатории Касперского» смогли получить все этапы «Операции Триангуляция»: эксплойты нулевого дня для iOS, валидаторы, имплант TriangleDB и дополнительные модули.

Подпишитесь на еженедельную рассылку

Самая актуальная аналитика – в вашем почтовом ящике