Research

Our research group, led by CTO Amit Klein, explores new malware attack techniques and is responsible for setting product goals. The group works closely with other security vendors, researchers, and our customers to maintain its edge in malware research. As part of its work, the group often finds new vulnerabilities and flaws in various products. Most of the information uncovered by the group is not publicly disclosed, either because vendor patches are not yet available or because of non-disclosure agreements. Publicly available research notes are presented below.

Malware Tricks

MBR-Torpig and Asynchronous Procedure Call

The WSNPOEM malware

NetHell: Rapid malware development using BHO and code examples

Torpig and SilentBanker: HTML Modifying Malware

Vulnerabilities

BIND 9 DNS Cache Poisoning

BIND 8 DNS Cache Poisoning

Windows DNS Server Cache Poisoning

OpenBSD DNS Cache Poisoning and Multiple O/S Predictable IP ID Vulnerability

PowerDNS Recursor DNS Cache Poisoning

Microsoft Windows DNS Stub Resolver Cache Poisoning

Attack Techniques

Anti-Keyloggers Myths

Bypassing Device Identification

The Threat of DNS Spoofing on Financial Services