Robert Simmons

Principal Malware Researcher at ReversingLabs. With expertise in building automated malware analysis systems based on open source tools, he has been tracking malware and phishing attacks and picking them apart for years. Robert has spoken on malware analysis at many of the top security conferences, including DEFCON, HOPE, botconf, and DerbyCon, among others.
Recent Posts from Robert Simmons
March 12, 2021
Many families of remote access trojan (RAT) are .NET executables
November 16, 2020
Tearing Down HWP Files To Expose a Trojan
June 26, 2020
YARA is a useful member of the toolset of researchers, threat hunters, incident responders, and many other defenders.
June 5, 2020
In March of 2020, MalwareHunterTeam discovered a downloader which installed both a KPot infostealer and a second payload, a ransomware variant that used the string "CoronaVirus".
March 23, 2020
Getting Ahead of Ryuk attacks using YARA Rules - Continued
January 31, 2020
Public hosting sites present a challenge for defenders when exploited by adversaries to conceal payloads using various encoding techniques.
January 24, 2020
Many ransomware families have changed their tactics and victim-targeting in recent years. Rather than indiscriminate attacks against anyone they’re able to infect, they have moved to a process called “big game hunting”.
December 13, 2019
A step that an adversary takes during the post exploitation phase of an attack is to establish a command line interface with a computer inside the victim’s network. One recent incident demonstrates the entire intrusion set operated by FIN6, a financially motivated threat actor group.