Ilfak Guilfanov

Early Life

Guilfanov was born on 12 November 1966 in a small village in the Tatarstan region of Russia, into a Volga Tatar family. He went on to study at Moscow State University, graduating in 1987 with a Bachelor of Science in Mathematics.

Career

Guilfanov worked for DataRescue, where he developed his expertise in low-level software and reverse engineering. During this period he created the Interactive Disassembler, a powerful tool for analyzing compiled binary code. He serves as the systems architect and main developer of IDA Pro, the commercial version of the disassembler, which is distributed by Hex-Rays. A freeware version of the tool is also available.

In 2005, Guilfanov founded Hex-Rays, the company that commercializes IDA Pro. He is based in Liège, Belgium, where the company operates. By 2020, Hex-Rays had grown to generate annual revenues exceeding 20 million euros. In 2022, a consortium of investors — Smartfin, SFPIM (the Belgian sovereign wealth fund), and SRIW (the development fund of Wallonia) — acquired Hex-Rays for 81 million euros.

Notable Work

Guilfanov is perhaps most widely recognized outside the reverse engineering community for his response to the Windows Metafile (WMF) vulnerability discovered in late 2005. On 31 December 2005, with no official patch yet available from Microsoft, he released a free, unofficial hotfix to address the flaw. The patch was favorably reviewed and widely publicized by the security community given the absence of an official remedy. Microsoft subsequently released its own official patch on 5 January 2006.

IDA Pro itself represents Guilfanov's most enduring technical contribution. The tool is a standard instrument in professional software reverse engineering and binary analysis, used extensively by security researchers, malware analysts, and vulnerability researchers worldwide.

Recognition

Guilfanov's unofficial WMF hotfix brought him significant recognition from the broader security community, demonstrating both his technical capability and his willingness to act in the public interest during a period of active exploitation risk. The commercial success of Hex-Rays and the 2022 acquisition by a consortium of institutional investors further reflect the lasting impact of his work on IDA Pro.