Marc-Etienne M.Léveillé

Marc-Etienne M.Léveillé

Senior Malware Researcher


Education: Software Engineering student at École de Technologie supérieure

Highlights of your career? Winning the first Péter Szőr award for our research on Operation Windigo.

Position and history at ESET? Malware Researcher since January 2012

What malware do you hate the most? Malware that steals money or destroys documents

Favorite activities? Photography, Cycling, Playing the clarinet

When did you get your first computer and what kind was it? I remember playing with the TI-99 of my grandfather, but this first one I broke was his 486SX by editing the config.sys file incorrectly.

Favorite computer game/activity? CTF competitions


30 articles by Marc-Etienne M.Léveillé

ESET research

TorrentLocker: Crypto-ransomware still active, using same tactics

TorrentLocker: Crypto-ransomware still active, using same tactics

ESET research

TorrentLocker: Crypto-ransomware still active, using same tactics

ESET has carried out analysis of new samples of the crypto-ransomware family TorrentLocker, to compare the 2016 campaigns against its research in late 2014.

Marc-Etienne M.Léveillé01 Sep 201611 min. read


ESET research

New OSX/Keydnap malware is hungry for credentials

New OSX/Keydnap malware is hungry for credentials

ESET research

New OSX/Keydnap malware is hungry for credentials

For the last few weeks, ESET has been investigating OSX/Keydnap, a malware that steals the content of the keychain while maintaining a permanent backdoor.

Marc-Etienne M.Léveillé06 Jul 20167 min. read


ESET research

Mumblehard takedown ends army of Linux servers from spamming

Mumblehard takedown ends army of Linux servers from spamming

ESET research

Mumblehard takedown ends army of Linux servers from spamming

One year after the release of the technical analysis of the Mumblehard Linux botnet, it is no longer active. ESET, in collaboration with the Cyber Police of Ukraine and CyS Centrum LLC, have taken down the botnet, stopping its spamming activities.

Marc-Etienne M.Léveillé07 Apr 20164 min. read


ESET research

Meet Remaiten - a Linux bot on steroids targeting routers and potentially other IoT devices

Meet Remaiten - a Linux bot on steroids targeting routers and potentially other IoT devices

ESET research

Meet Remaiten - a Linux bot on steroids targeting routers and potentially other IoT devices

ESET researchers are actively monitoring malware that targets embedded systems such as routers, gateways and wireless access points. We call this new threat Linux/Remaiten.

Michal Malik and Marc-Etienne M.Léveillé30 Mar 201611 min. read


ESET research

Multi-stage exploit installing trojan

Multi-stage exploit installing trojan

ESET research

Multi-stage exploit installing trojan

Earlier this year, a new type of trojan caught the attention of ESET researchers. This article will take a deep dive into how the exploit works and briefly describe the final payload.

Marc-Etienne M.Léveillé20 Oct 20158 min. read


ESET research

Unboxing Linux/Mumblehard: Muttering spam from your servers

Unboxing Linux/Mumblehard: Muttering spam from your servers

ESET research

Unboxing Linux/Mumblehard: Muttering spam from your servers

Today, ESET researchers reveal a family of Linux malware that stayed under the radar for more than 5 years. We have named this family Linux/Mumblehard. A white paper about this threat is available for download on WeLiveSecuriy.

Marc-Etienne M.Léveillé29 Apr 20152 min. read


ESET research

CryptoFortress mimics TorrentLocker but is a different ransomware

CryptoFortress mimics TorrentLocker but is a different ransomware

ESET research

CryptoFortress mimics TorrentLocker but is a different ransomware

ESET assess the differences between CryptoFortress and TorrentLocker: two very different strains of ransomware.

Marc-Etienne M.Léveillé09 Mar 20151 min. read


ESET research

TorrentLocker — Ransomware in a country near you

TorrentLocker — Ransomware in a country near you

ESET research

TorrentLocker — Ransomware in a country near you

Today, we are publishing research on ransomware that emerged in 2014. We have posted blog articles about this threat before, to raise awareness when we realized the criminals were targeting the United Kingdom and Spain.

Marc-Etienne M.Léveillé16 Dec 20142 min. read


Less Technical

TorrentLocker now targets UK with Royal Mail phishing

TorrentLocker now targets UK with Royal Mail phishing

Less Technical

TorrentLocker now targets UK with Royal Mail phishing

Marc-Etienne M.Léveillé04 Sep 20143 min. read