The malware has previously been used to steal $220,000 worth of bitcoins from victims.
The research presents techniques for distinguishing legit data leaks from false claims.
Igor Baikalov was appointed chief scientist at security intelligence firm Securonix.
In a detailed report, an array of malicious tools and tactics used by a cyberespionage group, called Axiom, are divulged.
The credential-stealing malware Dyre has been tied to a string of phishing attacks.