Tibor Éliás

Senior Malware Analyst

Going deep!

Tibor Éliás, Android Senior Malware Analyst at IKARUS Security Software, about malware, puzzle pieces and real successes.

Tibor Éliás

For more than six years, Tibor Éliás has been disassembling Android malware. As a malware analyst, he has witnessed how mobile threats have evolved and spread over the last few years.

“Not only the number of samples in the wild has increased, but also the variety,” says Tibor Éliás: “The first malware programs that sent masses of premium SMS for fast money were followed by classic Trojans and key loggers. In the meantime, we are also dealing with ransomware, banking trojans, cryptomers, adware, stalkerware and PUAs”.

After Windows, Android is the most popular target of cybercriminals. The advantages are obvious: our smartphones now contain just as valuable data, but are less secured – or not secured at all. It pays off to invest in new attack methods.

“A good malware analyst keeps up with the rapid developments and always finds new ways to fend off attacks.”

The strong detection rates of the IKARUS Malware Scan Engine are no coincidence and are not only due to the highly developed technology: It also contains a lot of ambition, know-how and creativity of the analysts.

Reverse engineering is a large and exciting part of the virus laboratory’s everyday work but by far not all.

One exciting task was to unlock a smartphone infected with a new type of ransomware that targeted and misused banking apps. To do this, we had to develop new software, find security gaps and crack the encryption. The task resembled a huge puzzle that had to be put together in the right order. It was exciting until the end”.

Malware comes and goes – success stories like this one will be remembered.

What did you want to be when you were little?

Scientists, physicists or geneticists

When and how did you discover your interest in IT and/or cyber security?

When I met IRC hackers like George Hotz, we worked together on GitHub projects like EDA and reverse-engineered proprietary hypervisor calls. Later, my professor at the University of Applied Sciences advertised a job advertisement for Smartphone Security, for which I applied right away. He also aroused my interest in how malware works on smartphones and how malware works, for example, camouflaged in front of antivirus software. Because I became more and more interested in the subject, I wrote my bachelor’s and master’s thesis with this professor and found my job as an Android malware analyst with his help.

How did you become a Malware Analyst? What training, knowledge or experience was particularly helpful?

I have a Bachelor’s degree in Electronics and a Master’s degree in Telecommunications and Internet Technologies.

Which (professional and human) skills are particularly important in your current job?

Smartphone App Development and Reverse Engineering, Automation, Time Management and Teamwork.

What would you have liked to know about your profession earlier?

I would have liked to learn more general skills like System Administration, DevOps, Machine Learning and Database Development.

What do you like most and least about your job?

I like the interaction with my colleagues and the idea that my job can protect clients from criminals.

What I don’t like is when we have too much to do in a limited time, and sometimes the goal of the task is not clear.

What is special about your role as Malware Analyst?

That I can do my job from anywhere, that is, my work itself is independent of location, and that I can protect our clients from fraud. Furthermore, I am mainly motivated by being able to guarantee the privacy and, in part, the financial security of our customers.

What do you think are good ways to get a foothold in the IT and/or cyber security industry?

Participate in open-source projects; try to build fundamental tools that analysts can use; a blog about various malware threats, write whitepapers, etc.

Why should someone apply to be your new colleague?

Because we have a good team where everyone gets along well, this is also important to me for the future: that we have colleagues who work well with others, but at the same time are also able to work well independently.

Figure 3: The landing page is visited using the mobile devices browser

Mobile overlay attacks on Android

A short but deep insight into how malware works on Android. By Tibor Éliás, Android malware analyst at IKARUS Security Software.

Free Android security app

Since 2013, IKARUS has provided free access to a professional virus scanner for Android with the Android app IKARUS mobile.security. If you want more, you can upgrade to the Pro version with remote control features, URL filter and privacy control.

Mobile overlay attacks on Android

A short but deep insight into how malware works on Android – including expert tips and recommendations for securing your own apps.


Cyber Security Engineer – TIP
Product Owner (m/w/x) - IT Security
Junior Cyber Security Engineer
System Engineer
Malware Analyst


IKARUS Security Software GmbH Blechturmgasse 11
1050 Vienna

Phone: +43 1 58995-0
Sales Hotline:
+43 1 58995-500


Support hotline:
+43 1 58995-400

Support hours:
Mon – Thu: 8am – 5pm
Fri: 8am – 3pm
24/7 support by arrangement

Remote maintenance software:
AnyDesk Download