Collective Intelligence Podcast, Vitali Kremez on TreasureHunter Source Code Leak
It’s been a busy couple of weeks on the cybercrime front, starting with the TreasureHunter malware source code leak and culminating in last week’s takedown of bulletproof hosting provider MaxiDed, a known outpost for command and control infrastructure belonging to groups such as Carbanak, AdGholas and the operators of the Mirai IoT botnet.
Vitali Kremez, director of research at Flashpoint, talks to Editorial Director Mike Mimoso about both events and their short- and long-term impact on cybercrime.
The TreasureHunter leak, disclosed by Flashpoint on May 10, was not your average malware source code leak. Not only was the source code for the point-of-sale malware made public, but the same actor also leaked the source code for the malware’s graphical user interface builder and administrator panel. This gives criminals an opportunity to build their own variants of the malware relatively quickly.
Flashpoint worked in close collaboration with researchers at Cisco Talos, sharing intelligence on the leak so that updated Snort rules and ClamAV signatures would be ready upon disclosure, in the hope of heading off copycats looking to capitalize on the leak. Flashpoint said it had observed conversations on Russian-speaking cybercrime forums about improvements that could be made to the code and how to weaponize it.
Wrapping up the discussion, Vitali and Mike discuss the MaxiDed takedown, announced last week by the Dutch National Police. Vitali explains the importance of international cooperation in takedowns such as this, and what kind of a dent this makes in the context of overall underground activity.
The Collective Intelligence Podcast, presented by Flashpoint and hosted by Editorial Director Mike Mimoso, features regular interviews with a diverse set of industry experts and Flashpoint analysts on the latest information security news and industry trends.
Director of Research
Vitali Kremez is a Director of Research at Flashpoint. He oversees analyst collection efforts and leads a technical team that specializes in researching and investigating complex cyber attacks, network intrusions, data breaches, and hacking incidents. Vitali is a strong believer in responsible disclosure and has helped enterprises and government agencies deliver indictments in many high-profile investigations involving data breaches, network intrusions, ransomware, computer hacking, intellectual property theft, credit card fraud, money laundering, and identity theft. Previously, Vitali enjoyed a rewarding career as a Cybercrime Investigative Analyst for the New York County District Attorney’s Office.
He has earned the majority of certifications available in the information technology, information security, digital forensics, and fraud intelligence fields. A renowned expert, speaker, blogger, and columnist, Vitali has contributed articles to Dark Reading, BusinessReview, and Infosecurity Magazine and is a frequent commentator on cybercrime, hacking incidents, policy, and security.
Michael Mimoso brings over a decade of experience in IT security news reporting to Flashpoint. As Editorial Director, he collaborates with marketing, analyst, and leadership teams to share the company’s story. Prior to Flashpoint, Mike was an Editor of Threatpost, where he covered security issues and cybercrime affecting businesses and end-users.
Prior to joining Threatpost, Mike was Editorial Director of the Security Media Group at TechTarget and Editor of Information Security magazine where he won several ASBPE national and regional writing awards. In addition, Information Security was a two-time finalist for national magazine of the year. He has been writing for business-to-business IT publications for 11 years, with a primary focus on information security.
Earlier in his career, Mike was an editor and reporter at several Boston-area newspapers. He holds a bachelor’s degree from Stonehill College in North Easton, Massachusetts.