Socially Distanced or Socially Engineered: Uncovering the Vizom Malware
In our talk, we’ll discuss a new discovery made by our global counter-cybercrime labs: malware code that targets online banking users. Our team named the malware “Vizom”; it uses familiar remote overlay attack tactics to take over user devices in real time as the intended victim logs in, and then initiates fraudulent transactions from their bank account.
We will provide further information about Vizom, going over the technical details of its components and how it achieves the attacker’s objective of stealing money from online banking users. This topic will be backed up by a demo and a real attack example during the session.
The Coronavirus (COVID-19) pandemic has changed the world in many ways and has especially affected the ways we work. Since so many people have switched to working from home, and almost everyone uses videoconferencing software, Vizom uses the binaries of popular videoconferencing software to pave its way into new devices.
It’s important to keep in mind that while Vizom currently operates in Latin America, it can be adapted to target any other country in other parts of the world, as well as digital industries other than banking. In the past year, we saw the remote overlay threat start to attack globally and spread to other countries in Europe.
Lastly, we will discuss high-level processes that cyber security teams have to start adapting, including proper preparation for today’s cyber fraud threat landscape, and how machine learning models can be leveraged to combat the remote overlay threat in general and Vizom specifically.
Chen Nahman
IBM Security
Chen is a Security Threat Researcher at IBM Security (Trusteer). Chen is experienced in malware analysis and advanced threat research. Prior to that, Chen worked at RSA, the Security Division of EMC, where his duties entailed examining threats in the banking industry.
Ofir Ozer
IBM Security
Ofir is a Malware Researcher at IBM Security (Trusteer). He specializes in researching attacks targeting the financial threat landscape. Ofir has a keen interest in Windows Internals, reverse engineering, memory analysis and network anomalies. In his spare time Ofir enjoys football, listening to music, drumming and world traveling.