
Vitali Kremez

Vitali Kremez is a strategic advisor for SentinelLabs. He specializes in researching and investigating complex cyberattacks, network intrusions, data breaches, and hacking incidents mainly emanating from the Eastern European cybercriminal ecosystem. He has earned the majority of major certifications available in information technology, information security, and digital forensics fields.
Security & Intelligence

Pro-Russian CyberSpy Gamaredon Intensifies Ukrainian Security Targeting

Vitali Kremez / February 5, 2020

Read how the Gamaredon group wages a silent cyber war against Ukraine even when all other domains are denied by the strategic or political framework.

Crimeware

Top-Tier Russian Organized Cybercrime Group Unveils Fileless Stealthy “PowerTrick” Backdoor for High-Value Targets

Vitali Kremez / January 9, 2020

SentinelLabs developed mock command-and-control panels that institutions can use to test detections related to “PowerTrick”.

Adversary

Anchor Project | The Deadly Planeswalker: How The TrickBot Group United High-Tech Crimeware & APT

Vitali Kremez / December 10, 2019

The Wind of Time Shakes the Underground | High-Tech Cybercrime & APT | Most Sophisticated & Resourceful Crimeware Group


YARA Hunting for Code Reuse: DoppelPaymer Ransomware & Dridex Families

From the Front Lines | 8 minute read

From “RobbinHood” to APT28: Crimeware Virus & APT Journey

From the Front Lines | 7 minute read
Crimeware

How TrickBot Malware Hooking Engine Targets Windows 10 Browsers

Vitali Kremez / October 24, 2019

Vitali Kremez revealing how TrickBot’s hooking engine targets Chrome, Firefox, Explorer and Edge in Windows 10

Advanced Persistent Threat

Deep Insight into “FIN7” Malware Chain: From Office Macro Malware to Lightweight JS Loader

Vitali Kremez / October 3, 2019

Vitali Kremez dissecting the “FIN7” malware chain that leverages malicious MS Office macros and a JS loader.

Advanced Persistent Threat

FIN6 “FrameworkPOS”: Point-of-Sale Malware Analysis & Internals

Vitali Kremez / September 19, 2019

Vitali Kremez diving into the FIN6 “FrameworkPOS”, targeting payment card data from Point-of-Sale (POS) or eCommerce systems.

Crimeware

RIG Exploit Kit Chain Internals

Vitali Kremez / September 12, 2019

Vitali Kremez explaining the RIG Exploit Kit and the infection chain internals that led to the Amadey Stealer and Clipboard Hijacker.

Security Research

Cybercrime: Groups Behind “Banload” Banking Malware Implement New Techniques

Vitali Kremez / May 13, 2019

Cybercriminals aren’t deterred by legacy AV. Learn how the gang behind “Banload” malware used a new kernel driver to remove popular anti-malware solutions.
