LLMpediaThe first transparent, open encyclopedia generated by LLMs

Costin Raiu

Generated by GPT-5-mini
Note: This article was automatically generated by a large language model (LLM) from purely parametric knowledge (no retrieval). It may contain inaccuracies or hallucinations. This encyclopedia is part of a research project currently under review.
Article Genealogy
Parent: The Shadow Brokers Hop 4
Expansion Funnel Raw 109 → Dedup 0 → NER 0 → Enqueued 0
1. Extracted109
2. After dedup0 (None)
3. After NER0 ()
4. Enqueued0 ()
Costin Raiu
NameCostin Raiu
OccupationComputer security researcher, Director of Global Research and Analysis Team
EmployerKaspersky Lab
Known forMalware analysis, incident response, cyber-espionage investigations

Costin Raiu is a Romanian-born computer security researcher and the Director of the Global Research and Analysis Team (GReAT) at Kaspersky Lab. He is noted for leading high-profile malware investigations and public analysis of cyber-espionage operations, working with international partners including Europol, FBI, Interpol, and academic groups from Massachusetts Institute of Technology and Stanford University. Raiu has spoken at major conferences such as Black Hat USA, DEF CON, RSA Conference, and Virus Bulletin and contributed to technical reporting used by governments and private sector firms including Microsoft, Google, Cisco, and Symantec.

Early life and education

Raiu was born in Romania and completed formative studies that led him into information security circles associated with universities and research centers in Bucharest and broader Eastern Europe. Early exposure to computing drew connections with projects at institutions such as Technical University of Munich, École Polytechnique, and researcher networks around Karlsruhe Institute of Technology. He later engaged with professional training and certification programs linked to organizations like SANS Institute, ISC2, and ISOC.

Career and roles at Kaspersky Lab

At Kaspersky Lab Raiu rose to direct the GReAT team, coordinating analysts and incident responders across regions including North America, Europe, Asia-Pacific, and Latin America. His role involved collaboration with corporate partners such as Microsoft Corporation, Google LLC, Amazon Web Services, and Oracle Corporation as well as government entities like United States Department of Homeland Security, National Security Agency, UK National Cyber Security Centre, and Estonian Information System Authority. Raiu worked alongside researchers from organizations including ESET, Trend Micro, McAfee, CrowdStrike, FireEye, Palo Alto Networks, and Bitdefender to share intelligence and publish coordinated disclosures. He liaised with standards bodies and consortia such as MITRE Corporation, FIRST, CVE, and OWASP on attribution practices, telemetry sharing, and threat intelligence frameworks.

Research and notable investigations

Raiu led or contributed to investigations into advanced persistent threat groups and malware families that affected targets across governments, corporations, and research labs. Notable work included analysis tied to operations associated with groups referenced in reporting on Stuxnet, Equation Group, Duqu, Flame, Lazarus Group, APT28, APT29, and broader campaigns linked to Operation Pawn Storm and Shadow Brokers. He authored technical write-ups and coordinated disclosures on malware such as BlackEnergy, NotPetya, Petya, WannaCry, Gaza Cybergang-related tooling, and targeted implants leveraging zero-days in products from Microsoft Windows, Adobe Systems, Oracle, and Apple Inc.. His team produced telemetry-driven reports used by CERTs including US-CERT, CERT-EU, JPCERT/CC, and INCIBE, and collaborated with academic research labs at Carnegie Mellon University, University of Oxford, ETH Zurich, and University of Cambridge on malware attribution and forensic techniques.

Public appearances and media coverage

Raiu regularly presented findings at technical venues such as Black Hat USA, DEF CON, RSA Conference, Virus Bulletin, CanSecWest, and InfoSec World, and participated in panels organized by NATO CCDCOE, United Nations Office on Drugs and Crime, and World Economic Forum. Media outlets that covered his work include The New York Times, The Washington Post, The Guardian, BBC News, Reuters, Bloomberg News, The Wall Street Journal, Wired, The Economist, and Politico, while trade publications such as SC Magazine, Dark Reading, ZDNet, and TechCrunch reported on his analyses. Raiu gave interviews and briefings to policymakers and parliamentary committees in countries including United States Congress, European Parliament, UK Parliament, and national ministries in Poland, Ukraine, Estonia, and Romania.

Awards and recognitions

Raiu and his team at Kaspersky Lab have been cited in industry rankings, white papers, and community awards from organizations such as SC Awards, SANS Institute, Virus Bulletin VB100, and professional bodies like IEEE Computer Society and ACM SIGCOMM. His contributions to incident response collaborations and threat intelligence sharing earned acknowledgements from national CERTs including CERT-UA and private-sector partners including Cisco Talos and Google Project Zero. Raiu’s public research has been referenced in governmental cybersecurity assessments and policy reports from bodies such as NATO, European Union Agency for Cybersecurity, and national security agencies.

Category:Computer security researchers Category:Kaspersky Lab employees Category:Romanian scientists