Patents Assigned to Trusteer Ltd.
-
Patent number: 9424424Abstract: A method for detecting malware in a user terminal device that has been infected by malware via a browser running on the user terminal device, according to which upon detecting a predetermined a triggering event on the user terminal, a security application installed on the terminal automatically activates a transparent browser to navigate to one or more predetermined URLs. Then the security application checks the code of an inspected webpage that has been received immediately after it is opened by the transparent browser and rechecks the code after being at least partially processed by the transparent browser. If a change the code is detected, an alert is issued, indicating that the terminal has been infected by malware.Type: GrantFiled: April 8, 2013Date of Patent: August 23, 2016Assignee: TRUSTEER, LTD.Inventor: Amit Klein
-
Patent number: 9330259Abstract: A process for identifying potentially harmful malware, comprises the steps of: a) identifying an executable that is about to run; b) providing a monitoring agent that monitors all threads that are descendent of a thread initiated by the process of said executable; and c) configuring said monitoring agent to conclude that a high probability of malware presence exists, if one of said descendent threads reaches a target process in which suspicious patches are created.Type: GrantFiled: March 19, 2013Date of Patent: May 3, 2016Assignee: TRUSTEER, LTD.Inventors: Amit Klein, Yaron Dycian, Gal Frishman, Avner Gideoni
-
Patent number: 9323925Abstract: A method for preventing the acquisition of data by a screen capturing malware, comprises preventing an unidentified process that does not open a window from performing screen capture.Type: GrantFiled: May 30, 2013Date of Patent: April 26, 2016Assignee: TRUSTEER, LTD.Inventor: Amit Klein
-
Patent number: 9270691Abstract: A method for detecting HTML-modifying malware present in a computer includes providing a server which serves a web page (HTML) to a browser. A determination is made whether a modified string exists in the page received by the browser and if a modifying element is found, determining the malware is present in the computer.Type: GrantFiled: November 1, 2010Date of Patent: February 23, 2016Assignee: TRUSTEER, LTD.Inventors: Amit Klein, Michael Boodaei
-
Patent number: 9218487Abstract: A method for protecting a browser from malicious processes, comprises providing at least one process-proxy object and at least a browser-proxy object, interposed between the browser and a process, such that when the process invokes one of the DOM entry points, the process-proxy object isolates it from the real browser implementation and executes the process-proxy object's code instead.Type: GrantFiled: October 13, 2014Date of Patent: December 22, 2015Assignee: TRUSTEER, LTD.Inventors: Amit Klein, Eldan Ben-Haim, Oleg Izmerly, Shmuel Regev, Michael Boodaei
-
Publication number: 20150235026Abstract: A process for finding potentially harmful malware dropper on an infected computer system includes the steps of a) identifying an executable file that is about to run, and b) providing a storage agent that stores a copy of said executable file for a later inspection.Type: ApplicationFiled: February 17, 2014Publication date: August 20, 2015Applicant: Trusteer Ltd.Inventor: Amit Klein
-
Patent number: 9111090Abstract: A method for alerting a service provider and/or a user of a web browser of a phishing attempt comprises providing on a page that it is desired to protect against phishing, a Javascript that when caused by a phishing page to run not in the context of the original page generates an indication that a phishing attempt may exist.Type: GrantFiled: April 2, 2012Date of Patent: August 18, 2015Assignee: TRUSTEER, LTD.Inventors: Amit Klein, Michael Boodaei
-
Patent number: 9081956Abstract: A method for protecting a browser from malicious processes, comprises providing at least one process-proxy object and at least a browser-proxy object, interposed between the browser and a process, such that when the process invokes one of the DOM entry points, the process-proxy object isolates it from the real browser implementation and executes the process-proxy object's code instead.Type: GrantFiled: May 22, 2009Date of Patent: July 14, 2015Assignee: Trusteer Ltd.Inventors: Amit Klein, Eldan Ben-Haim, Oleg Izmerly, Shmuel Regev, Michael Boodaei
-
Publication number: 20150178374Abstract: The present disclosure relates to a method of providing user categorization from computer pointer interaction, comprising the steps of: creating a plurality of different pointer data profiles based on initial user sessions and storing said created pointer data profiles in the form of pointer data profile entries in a pointer data profile database, wherein said pointer data profile is obtained from collected user activity data generated by a pointing device; and categorizing each user using the stored pointer data profiles at an onset of subsequent user sessions.Type: ApplicationFiled: December 23, 2013Publication date: June 25, 2015Applicant: TRUSTEER LTD.Inventors: Ofer Rahat, Ron Peleg, Ayman Jarrous, Shmuel Regev
-
Publication number: 20150128206Abstract: A method for providing early filtering of events using a kernel-based filter, comprising the steps of: a) providing a driver for the kernel level that acts as a kernel filtering process, wherein said driver is configured to match events that occur at the kernel level according to predefined rules; and b) upon finding a match, acting according to the definition of the matched rule in order to allow the event, disallow said event or forward the content of said event for further processing.Type: ApplicationFiled: November 4, 2013Publication date: May 7, 2015Applicant: TRUSTEER LTD.Inventors: Eldan Ben Haim, Ilan Fraiman, Arkady Dubovsky
-
Publication number: 20150113644Abstract: An Agent for detecting and/or preventing an Exploit attack, comprises: a) means for monitoring the operation of one or more process elements in a computer system; b) means for determining whether said one or more process elements has initiated, or is about to initiate a “create process” operation; and c) means for performing preventive activities as a result of the determination.Type: ApplicationFiled: October 21, 2013Publication date: April 23, 2015Applicant: Trusteer, Ltd.Inventors: Amit KLEIN, Gal Frishman, Yaron Dycian, Avner Gideoni, Eldan Ben Haim, Ilan Fraiman
-
Patent number: 9015833Abstract: A method for defending a computer system comprising a DNS server against a DoS or a DDoS attack directed at said DNS server comprises replacing the address of said system provided by a user to a client software with an alternative address, wherein said address is replaced by a software agent associated with said user, such that said client software is capable of connecting with said system.Type: GrantFiled: November 7, 2012Date of Patent: April 21, 2015Assignee: Trusteer, Ltd.Inventor: Michael Boodaei
-
Patent number: 8863281Abstract: A method for protecting a browser from malicious processes, comprises providing at least one process-proxy object and at least a browser-proxy object, interposed between the browser and a process, such that when the process invokes one of the DOM entry points, the process-proxy object isolates it from the real browser implementation and executes the process-proxy object's code instead.Type: GrantFiled: May 22, 2009Date of Patent: October 14, 2014Assignee: Trusteer Ltd.Inventors: Amit Klein, Eldan Ben-Haim, Oleg Izmerly, Shmuel Regev, Michael Boodaei
-
Publication number: 20140289851Abstract: A process for identifying potentially harmful malware, comprises the steps of: a) identifying an executable that is about to run; b) providing a monitoring agent that monitors all threads that are descendent of a thread initiated by the process of said executable; and c) configuring said monitoring agent to conclude that a high probability of malware presence exists, if one of said descendent threads reaches a target process in which suspicious patches are created.Type: ApplicationFiled: March 19, 2013Publication date: September 25, 2014Applicant: TRUSTEER LTD.Inventors: Amit KLEIN, Yaron DYCIAN, Gal FRISHMAN, Avner GIDEONI
-
Patent number: 8813224Abstract: A method for protecting a browser from malicious processes, comprises providing at least one process-proxy object and at least a browser-proxy object, interposed between the browser and a process, such that when the process invokes one of the DOM entry points, the process-proxy object isolates it from the real browser implementation and executes the process-proxy object's code instead.Type: GrantFiled: May 22, 2009Date of Patent: August 19, 2014Assignee: Trusteer Ltd.Inventors: Amit Klein, Eldan Ben-Haim, Oleg Izmerly, Shmuel Regev, Michael Boodaei
-
Patent number: 8732794Abstract: A browser plug-in firewall manages data exchanged between a browser and a plug-in according to a pre-defined list of rights.Type: GrantFiled: August 11, 2008Date of Patent: May 20, 2014Assignee: Trusteer Ltd.Inventors: Michael Boodaei, Amit Klein, Oleg Izmerly
-
Patent number: 8725636Abstract: A method detects fraudulent transaction of money transfer to a mule account, according to which a detection software module is injected into a browser or a website to be protected. The detection module traces the content and the activities performed on a webpage of the website and detects any exceptional activity/condition which may be fraudulent online activity performed by malware and waits until all sensitive data to perform a fraud transaction is entered. Then the detection module stores and/or forwards the details of the mule account that has been used for the fraudulent transaction.Type: GrantFiled: October 22, 2012Date of Patent: May 13, 2014Assignee: Trusteer Ltd.Inventors: Amit Klein, Michael Boodaei
-
Publication number: 20140130152Abstract: A method for defending a computer system comprising a DNS server against a DoS or a DDoS attack directed at said DNS server comprises replacing the address of said system provided by a user to a client software with an alternative address, wherein said address is replaced by a software agent associated with said user, such that said client software is capable of connecting with said system.Type: ApplicationFiled: November 7, 2012Publication date: May 8, 2014Applicant: TRUSTEER LTD.Inventor: Michael Boodaei
-
Publication number: 20140114843Abstract: A method detects fraudulent transaction of money transfer to a mule account, according to which a detection software module is injected into a browser or a website to be protected. The detection module traces the content and the activities performed on a webpage of the website and detects any exceptional activity/condition which may be fraudulent online activity performed by malware and waits until all sensitive data to perform a fraud transaction is entered. Then the detection module stores and/or forwards the details of the mule account that has been used for the fraudulent transaction.Type: ApplicationFiled: October 22, 2012Publication date: April 24, 2014Applicant: TRUSTEER LTD.Inventors: Amit KLEIN, Michael BOODAEI
-
Publication number: 20140053267Abstract: In a computer system, a method detects a suspected malware behavior. Activities on a computer system conducted within a given time frame are monitored during the installation of a suspected file. The monitored activities are recorded and the monitored/recorded activities are compared with patterns of malware behavior, stored in a database. Upon detecting a suspicious program, the recorded monitored activities are provided for further analysis to be performed by appropriate software removal tools.Type: ApplicationFiled: August 20, 2012Publication date: February 20, 2014Applicant: TRUSTEER LTD.Inventors: Amit KLEIN, Mickey Boodaei