5 Posts

Lior Keshet

Malware Research Technical Lead, IBM Trusteer

    Lior is a malware research technical lead in IBM Security's Trusteer group. He has been a core member of the Trusteer cybercrime labs for the past four years. Lior holds a B.Sc. in computer science from Israel's top technology institution, the Technion. Lior is very passionate about reverse engineering, cryptography and malware analysis.

    Written By Lior Keshet

    Anatomy of an hVNC Attack

    Cybercriminals who rely on remote control tactics to commit financial fraud may use hidden virtual network computing (hVNC) modules to cover their tracks.

    Exposing an AV-Disabling Driver Just in Time for Lunch

    IBM X-Force researchers discovered a malicious AV-disabling driver while investigating a financial malware campaign targeting Brazilian bank accounts.

    Tricks of the Trade: A Deeper Look Into TrickBot’s Machinations

    Researchers discovered a new banking Trojan, TrickBot, that appears to borrow an uncommon webinjection technique from the infamous Dyre family of malware.

    Fighting Fire With WinDBG: Breaking URLZone’s Anti-VM Armor

    URLZone, a sophisticated banking Trojan that first emerged in 2009, keeps its inner workings under wraps with extensive anti-research features.

    Two Heads Are Better Than One: Going Under the Hood to Analyze GozNym

    IBM X-Force researchers recognized that the GozNym banking malware leverages features from two types of malware to make it double the threat.

    Co-Written By Lior Keshet

    Client Maximus: New Remote Overlay Malware Highlights Rising Malcode Sophistication in Brazil

    IBM X-Force researchers discovered a new malware called Client Maximus that contains advanced code written specifically to attack banks in Brazil.

    Meet GozNym: The Banking Malware Offspring of Gozi ISFB and Nymaim

    The new GozNym hybrid takes the best of both the Nymaim and Gozi ISFB malware to create a powerful Trojan targeting banks in the U.S. and Canada.