Lior Keshet

Malware Research Technical Lead, IBM Trusteer

Lior is a malware research technical lead at IBM Security's Trusteer's group. He has been a core member of the Trusteer cybercrime labs for the past four years. Lior holds a B.Sc in computer science from Israel's top technology institution, the Technion. Lior is very passionate about reverse engineering, cryptography and malware analysis.

Advanced Threats January 25, 2017

Anatomy of an hVNC Attack

6 min read - Cybercriminals who rely on remote control tactics to commit financial fraud may use hidden virtual network computing (hVNC) modules to cover their tracks.

Malware January 10, 2017

Client Maximus: New Remote Overlay Malware Highlights Rising Malcode Sophistication in Brazil

7 min read - IBM X-Force researchers discovered a new malware called Client Maximus that contains advanced code written specifically to attack banks in Brazil.

Advanced Threats January 4, 2017

Exposing an AV-Disabling Driver Just in Time for Lunch

8 min read - IBM X-Force researchers discovered a malicious AV-disabling driver while investigating a financial malware campaign targeting Brazilian bank accounts.

Advanced Threats November 9, 2016

Tricks of the Trade: A Deeper Look Into TrickBot’s Machinations

6 min read - Researchers discovered a new banking Trojan, TrickBot, that appears to borrow an uncommon webinjection technique from the infamous Dyre family of malware.

Malware September 2, 2016

Fighting Fire With WinDBG: Breaking URLZone’s Anti-VM Armor

10 min read - URLZone, a sophisticated banking Trojan that first emerged in 2009, keeps its inner workings under wraps with extensive anti-research features.

Advanced Threats July 12, 2016

Two Heads Are Better Than One: Going Under the Hood to Analyze GozNym

8 min read - IBM X-Force researchers recognized that the GozNym banking malware leverages features from two types of malware to make it double the threat.

Malware April 14, 2016

Meet GozNym: The Banking Malware Offspring of Gozi ISFB and Nymaim

5 min read - The new GozNym hybrid takes the best of both the Nymaim and Gozi ISFB malware to create a powerful Trojan targeting banks in the U.S. and Canada.

Failed to load data

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.

Subscribe today

Analysis and insights from hundreds of the brightest minds in the cybersecurity industry to help you prove compliance, grow business and stop threats.

Cybersecurity News By Topic By Industry Exclusive Series X-Force Podcast Events Contact About Us

Security Intelligence

{{title}}

{{title}}

{{title}}

Topics

Lior Keshet

Anatomy of an hVNC Attack

Client Maximus: New Remote Overlay Malware Highlights Rising Malcode Sophistication in Brazil

Exposing an AV-Disabling Driver Just in Time for Lunch

Tricks of the Trade: A Deeper Look Into TrickBot’s Machinations

Fighting Fire With WinDBG: Breaking URLZone’s Anti-VM Armor

Two Heads Are Better Than One: Going Under the Hood to Analyze GozNym

Meet GozNym: The Banking Malware Offspring of Gozi ISFB and Nymaim

{{{title}}}

Topic updates