.svg?width=185&quality=80&auto=webp&format=auto&cache=true&immutable=true&cache-control=max-age%3D31536000 "Home"){kind=logo}
.svg?width=13&quality=80&auto=webp&format=auto&cache=true&immutable=true&cache-control=max-age%3D31536000 "Top Navigation - Sign in - Icon")
Gabor Szappanos
Gabor graduated from the Eotvos Lorand University of Budapest with a degree in physics. His first job was in the Computer and Automation Research Institute, developing diagnostic software and hardware for nuclear power plants. He started antivirus work in 1995, and began developing freeware antivirus solutions in his spare time. Gabor joined VirusBuster in 2001 where he was responsible for taking care of macro virus and script malware and became head of the virus lab in 2002. In 2008 he became a member of the Board of Directors in AMTSO (Anti Malware Testing Standards Organization) and, in 2012, joined Sophos as a Principal Malware Researcher.
Content by Gabor Szappanos
Threat Research
Claude
Beagle
Backdoor
malvertising
AI
DONUT
DLL sideloading
Sophos X-Ops
Donuts and Beagles: Fake Claude site spreads backdoor
May 7, 2026
Threat Research
EDR killer
Featured
packer
Ransomware
shanya
SophosLabs
Inside Shanya, a packer-as-a-service fueling modern attacks
December 6, 2025
Threat Research
blind spider
Featured
heartcrypt
packer
Service
HeartCrypt’s wholesale impersonation effort
September 26, 2025
Threat Research
avkiller
EDR killer
Featured
heartcrypt
RansomHub
Sophos X-Ops
Shared secret: EDR killer in the kill chain
August 6, 2025
Threat Research
cobalt strike
DLL sideloading
minhook
Finding Minhook in a sideloading attack – and Sweden too
April 29, 2025
Threat Research
Featured
Gootkit
Gootloader
HelloDolly
JScript
malicious SEO
malware
obfuscation
php
PHP shell
SEO
WordPress
YARA
Gootloader inside out
January 16, 2025
Security Operations
Threat Research
binaries
Featured
impersonation
Sophos X-Ops
Malware campaign attempts abuse of defender binaries
April 26, 2024
Threat Research
Featured
initial access
malvertising
MDR
nitrogen
sideloading
Sophos X-Ops
Into the tank with Nitrogen
July 26, 2023
Threat Research
DLL sideloading
Featured
Sophos X-Ops
Telegram
A doubled “Dragon Breath” adds new air to DLL sideloading attacks
May 3, 2023
