Thomas holds a PhD in computer science and works as a Senior Cyber Security Analyst in the Cyber Threat Intelligence Chapter. 
He is passionately engaged in malware analysis, threat actor tracking, and bug hunting. Throughout the last years he has found numerous vulnerabilities in low-level software and participated in several botnet take-downs. In his blogs he tells techies and non-techies stories about his adventures in binary code wonderland. 

Articles by Thomas Barabosch

Your choice

Smokeloader emerged from the Russian cybercrime underground in 2011 but is still alive.

Blog.Telekom

Smokeloader is still alive

One of the oldest malware families that is still in use today learned some new tricks: A special way to encrypt CC server URLs.

Cybersecurity: TA505’s Box of Chocolate

Blog.Telekom

TA505's Box of Chocolate

Cybersecurity: TA505, a very active threat actor, works differently than, for example, the group behind Emotet. Which tools are used here, Thomas Barabosch explains to you in his Blog.

Insights into TA505’s ransomware operations.

Blog.Telekom

Inside of CL0P’s ransomware operation

Cybercrime actor TA505 started three waves of spam in 2020 to find new victims. Here are insights into their ransomware operations.

Cybersecurity: TA505’s Box of Chocolate

Blog.Telekom

TA505 returns with a new bag of tricks

Cybersecurity: In this blogpost, Thomas Barabosch, shows you a new technique of big threat actor TA505: basically, it’s about operations for big game hunting.

Researcher Thomas Barabosch will give recommendations to fight them and share ways to detect TA505 intrusions in your network.

Blog.Telekom

Eager Beaver: A Short Overview of the Restless Threat Actor TA505

Researcher Thomas Barabosch will give recommendations to fight them and share ways to detect TA505 intrusions in your network.

FAQ