About Us
A leading global technology group, renowned for its extensive ecosystem of digital services and platforms. With a strong presence in cloud computing, mobile gaming, social media, and enterprise solutions, the organization supports millions of users and businesses worldwide. It emphasizes innovation, scalability, and security, making it a key player in driving digital transformation across various industries.
Job Responsibilities
- Perform in-depth static and dynamic reverse engineering of malware, cheats, trojans, and hacking tools; analyze core mechanisms, communication protocols, exploitation methods, and obfuscation techniques.
- Write high-quality vulnerability analysis reports, reverse engineering reports, and detection rules (e.g., YARA), while promoting and implementing remediation and protective measures.
- Proactively track and monitor black-market activity, including production, distribution, and sales channels of cheats (e.g., private servers, cheat marketplaces, gold farming studios).
- Study the technical evolution, organizational structures, business models, and financial flows of black-market operations to create comprehensive ecosystem maps.
- Monitor domestic and international darknet marketplaces, underground forums, and other illicit hubs; analyze communications to provide early warnings of potential attacks, data breaches, or novel cheating methods.
Job Requirements
- Minimum 3 years of solid reverse engineering experience on Windows, Linux, or Android platforms; proficient with mainstream tools such as IDA Pro, Ghidra, OllyDbg, x64dbg, and WinDbg.
- Expertise in x86/x64/ARM assembly language; strong understanding of compiled C/C++ program structure and skills in code analysis and logic reconstruction.
- Practical experience in software vulnerability analysis (e.g., stack overflow, UAF) or unpacking complex packers/VMs is highly preferred.
- First-hand, in-depth research experience in at least one black-market field, such as game cheating, e-commerce brushing, financial fraud, or data theft.
- Familiar with common cheat techniques (e.g., memory modification, API Hooking, packet tampering, click simulation) and the full cheat lifecycle from production to monetization.
- Practical experience accessing and gathering intelligence from the darknet (e.g., Tor network) or core underground forums.
- Strong systematic thinking: able to connect individual samples to broader attack organizations and business models.
- Passion for technical details with the ability to identify subtle clues and investigate root causes.
- Self-driven and capable of solving problems in ambiguous scenarios without direct supervision.
Preferred Qualifications (Bonus Points)
- Programming skills in Python, C++, or Go; able to develop automated analysis scripts or PoC tools.
- Experience in reverse engineering or black-market research on mobile applications (Android/iOS).
- Understanding of network protocol analysis, with experience using tools like Wireshark to analyze malicious traffic.
- Familiarity with large-scale AI models and applications is a significant plus.