“Where to begin with such a talent! Alex is a solid low-level reverse engineer and vulnerability researcher that has both the technical acumen and business mindset to be successful in just about any area he wants to explore. I engaged with Alex on security projects and offensive research on a few occasions where he not only blew up bugs in each target, but also put the pieces back together in a meaningful way, ensuring the same bugs don't keep coming up. His skills go beyond security though, as I truly enjoy interacting with him as a person. His ambition never lets him settle for less than his best work. I believe if you dropped Alex off on an island, he would find his way back by rigging some parts together from a broken cell phone, radio, whatever, with or without a flare gun or boating oars. That's the kind of intellect and ingenuity we're talking about here-- suffice it to say he'd be a solid hire for any company that can keep at his speed.”
About
Alex Matrosov is CEO and Founder of Binarly Inc. where he builds an AI-powered platform…
Activity
-
It’s that time of the year in Vegas. Excited for BlackHat 2024 with BINARLY.
Liked by Alex Matrosov
-
In the words of the late great Barnaby Jack… Vegas Baby!! (Old eEye crew will get it) Super excited to be back in this crazy town for the week. I…
Liked by Alex Matrosov
-
I’ll be at Black Hat this week - shoot me a note if you’re in Vegas to catch up and check out our portfolio events below!
Liked by Alex Matrosov
Publications
-
Rootkits and Bootkits: Reversing Modern Malware and Next Generation Threats
No Starch Press
Modern malware is always evolving because malware authors are constantly finding new ways to bypass security and avoid detection. Defending against (and even discovering) the latest malicious software requires cunning and extensive expertise because attackers have become much more sophisticated ...
-
The Evolution of TDL: Conquering x64
ESET
A comprehensive analysis of the latest member of the TDSS/Olmarik/Alureon family, which has learned some radical new tricks.
-
Dr. Zeus: the Bot in the Hat
ESET
During a joint fraud investigation with Group-IB into a remote banking service, our colleagues in Russia analysed a number of samples passed on by the computer forensics experts at Group-IB. On the surface, what they were looking at was pretty much the standard: Zbot Trojan malware, which has been described many times, but they decided to probe a little further, and were rewarded by observing some rather unusual characteristics of the code in question. The Zeus botnet is interesting and highly adaptive malware with an unhealthy interest in various financial transactions carried out from an infected machine, such as online banking.
-
Rooting about in TDSS
Virus Bulletin magazine
During the course of their research into the TDSS rootkit, Aleksandr Matrosov and Eugene Rodionov developed a universal utility for dumping the rootkit’s hidden file system. Here they provide the details.
-
Stuxnet Under the Microscope
ESET
This report is devoted to the analysis of the notorious Stuxnet worm (Win32/Stuxnet) that suddenly attracted the attention of virus researchers this summer. This report is primarily intended to describe targeted and semi-targeted attacks, and how they are implemented, focusing mainly on the most recent, namely Stuxnet. This attack is, however, compared to the Aurora attack, outlining the similarities and differences between the two attacks.
The paper is structured as follows. In the first section we introduce the targeted attacks and their common characteristics and goals. In this section we present a comparison of two attacks: Stuxnet vs. Aurora. The second section contains some general information on SCADA (Supervisory Control And Data Acquisition) systems and PLCs (Programmable Logic Controllers) as Stuxnet’s primary targets. The third section covers the distribution of the Stuxnet worm. Here we describe vulnerabilities that it exploits to infect the target machine. The next section describes the implementation of Stuxnet: user-mode and kernel-mode components, RPC Server and their interconnection. We also describe the remote communication protocol that it uses to communicate with the remote C&C.
-
TDL3: The Rootkit of All Evil?
ESET
Subtitled "Account of an Investigation into a Cybercrime Group", this is a comprehensive consideration, by researchers with ESET’s in Russia, of the distribution and the internals of the TDL3 Rootkit, and the involvement of the Dogma Millions group.
Patents
-
Detecting vulnerabilities to fault injection in computer code using machine learning
Filed US US20190370473A1
Honors & Awards
-
Winner of Plugin Contest
Hex-Rays
-
Best Speaker Award
AVAR 2012
Recommendations received
-
LinkedIn User
13 people have recommended Alex
More activity by Alex
-
Last year in Vegas, BINARLY was one of the finalists for the #BlackHat Startup Spotlight competition. There were many last-minute preparations and…
Liked by Alex Matrosov
-
'Secure by Design' is about more than security features and safe defaults. https://lnkd.in/gbV2WH5z
Liked by Alex Matrosov
-
The pk.fail service has an open API interface for mass scanning. By today, 7550 unique system firmware images had been checked, and 534 (7%)…
Liked by Alex Matrosov
-
Just finished this. I have programmed in C++ for over 30 years and for all its downsides, I love the language. This book is the first book I have…
Liked by Alex Matrosov
-
Last year in Vegas, BINARLY was one of the finalists for the #BlackHat Startup Spotlight competition. There were many last-minute preparations and…
Shared by Alex Matrosov
-
The pk.fail service has an open API interface for mass scanning. By today, 7550 unique system firmware images had been checked, and 534 (7%)…
Shared by Alex Matrosov
-
#PKfail made to #ThreeBodyProblem show 🤙 Great thoughts from JAGS and Costin Raiu on platform security and flashbacks from rootkits/bootkits golden…
Liked by Alex Matrosov
-
Cya with SCYTHE at #Blackhat and ICS VILLAGE at DEF CON. 🦄✈️
Liked by Alex Matrosov
-
I will be at Black Hat Tue/Wed. Let me know if you're around, let's grab a drink and I'll show you what we're working on at Hunt.io.
Liked by Alex Matrosov
-
#PKfail made to #ThreeBodyProblem show 🤙 Great thoughts from JAGS and Costin Raiu on platform security and flashbacks from rootkits/bootkits golden…
Shared by Alex Matrosov