Hello! My name is Matt Suiche. I am an independent researcher, advisor, and investor. I previously served as the Head of Detection Engineering at Magnet Forensics. Our organization was passionately dedicated to justice and protecting the innocent, a mission we embarked on more intensely after the 2022 acquisition of my cybersecurity start-up, Comae Technologies.
My life-long fascination with learning and understanding complex systems first led me to cybersecurity. My teenage years were spent immersed in reverse engineering, which ignited a profound curiosity about technology that continues to this day. I’ve since explored various fields including operating systems architecture, programming languages, virtualization, modern web application development, and generative art. Furthermore, I’ve delved into numerous domains such as privacy, surveillance, forensics, blockchain, and community development among others.
What languages I’ll keep a close look at next year (2018)
If “crypto” stands for cryptography… then, is my auto-correct right to call “cryptocurrencies” just “currencies”?
Cryptocurrencies and blockchain made a lot of noise this year, good and bad. Smart contracts are finding new use cases (e.g. CryptoKitties), and some existing use case like multi-sig wallets (e.g. Parity) have been challenged due to their high complexity which introduced, like any piece of complex software, security vulnerabilities.
Porosity 🔗 GitHub Repository: https://github.com/msuiche/porosity Abstract 🔗Ethereum is gaining a significant popularity in the blockchain community, mainly due to fact that it is design in a way that enables developers to write decentralized applications (Dapps) and smart-contract using blockchain technology. This new paradigm of applications opens the door to many possibilities and opportunities. Blockchain is often referred as secure by design, but now that blockchains can embed applications this raise multiple questions regarding architecture, design, attack vectors and patch deployments.
Ransomware-as-a-service soon to be renamed Lure-as-a-Service 🔗Dubbed Fakesomware by Comae (Also called ExPetr, PetrWrap, NotPetya, DiskCoder).**
TL;DR:** The ransomware was a lure for the media, this variant of Petya is a disguised wiper.
Update1: Few hours later, Kaspersky’s research led to a similar conclusion.
Update2: Added more info on the wiper command & comparative screenshots of the two keys that visually confirms Kaspersky’s finding and why the MBR copy routine didn’t make sense.
