Matthieu Faou

Senior Malware Researcher


Education: Ingénieur civil at Mines Nancy / M. Sc. in Computer Engineering at Polytechnique Montréal

Position and history at ESET: I joined ESET in August 2016 as a Malware Researcher.

Favorite activities: Running, cycling, skiing.

What is your golden rule for cyberspace? Use your critical mindset.


22 articles by Matthieu Faou

ESET research

Operation Texonto: Information operation targeting Ukrainian speakers in the context of the war

A mix of PSYOPs, espionage and … fake Canadian pharmacies!

Matthieu Faou | 21 Feb 2024 | 11 min. read


ESET research

Winter Vivern exploits zero-day vulnerability in Roundcube Webmail servers

ESET Research recommends updating Roundcube Webmail to the latest available version as soon as possible

Matthieu Faou | 25 Oct 2023 | 4 min. read


ESET research

MoustachedBouncer: Espionage against foreign diplomats in Belarus

Long-term espionage against diplomats, leveraging email-based C&C protocols, C++ modular backdoors, and adversary-in-the-middle (AitM) attacks… Sounds like the infamous Turla? Think again!

Matthieu Faou | 10 Aug 2023 | 22 min. read


ESET research

Asylum Ambuscade: crimeware or cyberespionage?

A curious case of a threat actor at the border between crimeware and cyberespionage

Matthieu Faou | 08 Jun 2023 | 9 min. read


ESET research

A lookback under the TA410 umbrella: Its cyberespionage TTPs and activity

ESET researchers reveal a detailed profile of TA410: we believe this cyberespionage umbrella group consists of three different teams using different toolsets, including a new version of the FlowCloud espionage backdoor discovered by ESET.

Alexandre Côté Cyr and Matthieu Faou | 27 Apr 2022 | 33 min. read


ESET research

Strategic web compromises in the Middle East with a pinch of Candiru

ESET researchers have discovered strategic web compromise (aka watering hole) attacks against high-profile websites in the Middle East

Matthieu Faou | 16 Nov 2021 | 11 min. read


ESET research

FamousSparrow: A suspicious hotel guest

Yet another APT group that exploited the ProxyLogon vulnerability in March 2021

Tahseen Bin Taj and Matthieu Faou | 23 Sep 2021 | 7 min. read


ESET research

Gelsemium: When threat actors go gardening

ESET researchers shed light on new campaigns from the quiet Gelsemium group

Matthieu Faou and Thomas Dupuy | 09 Jun 2021 | 4 min. read


ESET research

Exchange servers under siege from at least 10 APT groups

ESET Research has found LuckyMouse, Tick, Winnti Group, and Calypso, among others, are likely using the recent Microsoft Exchange vulnerabilities to compromise email servers all around the world

Matthieu Faou, Thomas Dupuy, Mathieu Tartare | 10 Mar 2021 | 15 min. read