David has worked in the malware research field since 2017, building deep expertise across the cybersecurity threat landscape. He specializes in malware reverse engineering and advanced threat hunting and has de-obfuscated some of the most complex and heavily protected malware families in the wild. David is known for his ability to uncover high-end threats, analyze sophisticated obfuscation techniques, and translate deep technical research into actionable insights for defenders.
The Acronis TRU team identified a threat cluster leveraging a customized Adwind (Java RAT) variant with polymorphic characteristics to deliver a ransomware module, tracked as ‘JanaWare.' Analysis of malware samples, infrastructure and telemetry indicates the campaign is likely focused on Turkish users.
Acronis Threat Research Unit (TRU) analyzed DragonForce, a Conti-derived ransomware-as-a-service active since 2023, documenting its malware, affiliate model and links to Scattered Spider.