The keksec’s botnets we observed in the past year
Ye JinQihoo 360
Ye Jin is a senior botnet researcher from 360netlab. His main job is to analyse and track botnet malware and develop lightweight simulation technology to extract IoC information. He has eight years of experience in malware reverse analysis. Before that, he was a virus analysis engineer in Kaspersky's Anti-Virus Lab. He participated in the XCon 2020 conference .
Lingming TuQihoo 360
Lingming Tu used to work at KingSoft and Kaspersky as a malware analyst and kernel developer. Now he is a botnet researcher at 360netlab. His work is mainly focused on malware reverse engineering and botnet tracking, with a focus on IoT botnets. In the past years, he has done a lot of research on classic Linux botnets, including Elknot, Gafgyt, Dofloo, and Mirai. During this period, he also discovered some new botnets, including Ngioweb (Linux version), Godlua, Mozi, Moobot, Fbot, Zhtrap, Matryosh and Bigviktor.