4 Posts

Lior Keshet

Malware Research Technical Lead, IBM Trusteer

Lior is a malware research technical lead in IBM Security's Trusteer group. He has been a core member of the Trusteer cybercrime labs for the past four years. Lior holds a B.Sc. in computer science from Israel's top technology institution, the Technion. Lior is very passionate about reverse engineering, cryptography and malware analysis.

Written By Lior Keshet

Exposing an AV-Disabling Driver Just in Time for Lunch

IBM X-Force researchers discovered a malicious AV-disabling driver while investigating a financial malware campaign targeting Brazilian bank accounts.

Tricks of the Trade: A Deeper Look Into TrickBot’s Machinations

Researchers discovered a new banking Trojan, TrickBot, that appears to borrow an uncommon webinjection technique from the infamous Dyre family of malware.

Fighting Fire With WinDBG: Breaking URLZone’s Anti-VM Armor

URLZone, a sophisticated banking Trojan that first emerged in 2009, keeps its inner workings under wraps with extensive anti-research features.

Two Heads Are Better Than One: Going Under the Hood to Analyze GozNym

IBM X-Force researchers recognized that the GozNym banking malware leverages features from two types of malware to make it double the threat.

Co-Written By Lior Keshet

Client Maximus: New Remote Overlay Malware Highlights Rising Malcode Sophistication in Brazil

IBM X-Force researchers discovered a new malware called Client Maximus that contains advanced code written specifically to attack banks in Brazil.

Meet GozNym: The Banking Malware Offspring of Gozi ISFB and Nymaim

The new GozNym hybrid takes the best of both the Nymaim and Gozi ISFB malware to create a powerful Trojan targeting banks in the U.S. and Canada.