Five of the Dirtiest Malware Tricks

Malware graphic
Illustration: Tomer Hanuka
If the crooks behind viruses, Trojan horses, and other malicious software were as stupid as they are scummy, we'd have a lot less to worry about. But as protective measures get better at stopping the obvious attacks, online creeps respond with underhanded moves to invade your PC. Here are five of their dirtiest tricks, all based on Trojan horses.

Don't mind me--I'm only here to break your PC: It's like sending in a different scout each time to open the gate for the rest of the invaders. The "Glieder Trojan" and many others use a multistage infection process whose first step is a tiny program that the crooks can change constantly so your antivirus watchdog is less likely to recognize it. Once it gets in, the downloader tries to disable your security before pulling down the real payload, which could be a data stealer or anything else the attacker wants.

Locked and encrypted Web sites? No problem: Web sites can and should use secure socket layer (SSL) to encrypt and protect sensitive data such as bank account log-ins. (When a lock icon appears in the address bar, that indicates the site is using SSL.) But the "Gozi Trojan" and its ilk evade SSL protections by making Windows think they're part of the process, so your data leaves IE and goes through Gozi before it's encrypted and sent out on the network. Instead of spying on your keyboard, which many security programs watch for, these apps roll into the OS as fake layered-service providers (LSPs).

Related:
1 2 Page 1
Shop Tech Products at Amazon