Last week, some of the research I worked on at FireEye over the summer went public! I worked on this research with some members on my team and Sandor Nemes, one of the very talented researchers at FireEye. You can read the blog post here.

The blog post details SAIGON, a new fork of Ursnif based on the v3/RM3 variant. I really enjoyed getting to work on this project, and it’s very exciting to see work I did as an intern go public, especially while I’m still at the company and able to assist in the review process. I’m still working at FireEye through the end of this school year, so we’ll see if I’m able to top that.

If you happen to be a FireEye Intel customer (and for some reason reading my blog, very cool), you can read the report we published back in September 2019 with additional threat intelligence information surrounding SAIGON.