"And if we open this file then we should see their credit card number," says PrevX's Jacques Erasmus as he clicks on the encrypted text file that has just appeared on his laptop screen – he's not wrong.
In the course of a couple of hours Erasmus has shown me how to get the software that can force its way into people's computers, told me how much it costs and given a demonstration of just how simple it is to use.
South African-born Erasmus has been a hacker for his entire professional life, but insists that since he turned 17 and got a job testing out company security, he has been a force against cyber-crime.
His job title with PrevX is Director of Malware Research, but his business card may as well read 'white hat hacker'. It's his day job to replicate what cyber-criminals are doing so that he can stay ahead of the curve and keep PrevX customers safe.
Learning the tricks
Within minutes of sitting down with Erasmus, under the watchful eye of an affable PR man (or 'mother' as Erasmus refers to him several times through the day), the hacker is modifying simple text files and installing some cutting-edge cyber-crime tools.
"It's not as hard to get as you would think," he explains. "If you have the money and someone to vouch for you, you can get hold of this particular program fairly quickly."
Erasmus spends a few minutes tinkering with a text file as he tries to get things working, occasionally glancing up at the big screen that he's using for our visit.
Something is clearly broken, but after a few minutes the problem is tracked down to a missing symbol. Erasmus looks a little sheepish, admitting: "every time I do a demonstration something like this happens."
He needn't worry – the software itself is a lot less complicated than we'd have believed, but seeing him use it shows just how au fait he is with the insidious tools of the trade.
Exploiting a PDF
Soon enough, Erasmus has set up a working website loaded with a .pdf exploit that has a chance of breaking into PCs running the popular Adobe plug-in without the latest security updates.
"Using a .pdf exploit is by far the most common route into people's machines at the moment," he says. "It's a numbers game, but I'd say around one in three of the PCs that visit this site with old Acrobat software will get infected."
The exploit is simple. It opens a back door into the target PC that allows the installation of all manner of malware, most of which is more than capable of stealing passwords, personal information and bank account details. It also leaves the computer open for the hacker to use as part of a botnet of machines.
Erasmus displays this technique by visiting a site he knows is positively leprous with malware and showing us the files that are run when the computer's security is compromised.
"The first thing that a cyber-criminal does is install what amounts to anti-virus software," he says as the laptop becomes flooded with malware. "The last thing he wants is for another hacker to get their software on the machine and take it away from him."
The sheer number of programs infecting our test laptop brings it quickly to its knees.
'It's all brute force'
"That's bad for them," points out Erasmus. "If the malware breaks the machine it's no good for anyone and if its performance is affected by that much then people will get suspicious and not do their online banking or put in personal details."
I ask why malware makers aren't more subtle with their delivery – why not use one incisor-like piece of software instead of a whole host of programs?
He shrugs. "It's all very brute force at the moment. Once people break in they want to get as much software on as possible."
But surely one hidden piece of software is potentially much more dangerous in the long term? "I'm not sure they see it like that," he adds. "These guys work on numbers. They tend to target a big group."
The site that Erasmus has set up delivers a much smaller payload of malware – but the program it does put on our test machine is effective.
Phishing for answers
Putting a keylogger on someone's machine is relatively common, but the information it can provide is low grade. "It takes a lot of effort to get anything meaningful out of the data," explains Erasmus. "You quite often have gigabytes of information to trawl through."
But Erasmus's software only activates when a user visits certain sites, meaning he can pare away the fluff and mine bank details much more effectively.
He also shows us how the program can change a page's HTML – potentially extracting even more information.
He demonstrates this on a well-known news site which asks for user name, password and ATM number. It's brilliantly OTT, but he says with a minimum of fuss he could do this for any banking site, so that it asks for more security code digits or any other information that could potentially open up the account.
Brains before beauty
I note that all of the sites he has visited to show us active malware in action have been adult sites.
"Yeah, if you're going to surf porn you should definitely have a good anti-virus program installed," he says, immediately glancing at the PR guy who is shaking his head.
"Oh come on, I can say that!" He grins as the point is grudgingly conceded.
How to get the Edge
Erasmus is also keen to show off PrevX's Edge anti-virus program, which is a tiny download and works in conjunction with other AV programs.
Bravely, this demonstration is done on the laptop that has been turned into a gibbering wreck by its visit to an adult site without protection.
Amusingly, the viruses have embedded so deeply that all of the major anti-virus companies' websites are blocked – returning a 404 error and meaning that Edge has to be put onto the machine via a USB stick.
The malware tries to shut down the anti-virus program several times, but Edge finally breaks down the resistance and eliminates half of the malware in its first attempt.
A reboot shows that yet more is present, hidden beneath a rootkit that was itself hiding beneath a second rootkit – a rootkit being, essentially, software that makes programs largely invisible to the computer.
The second time around, the computer is clean, and both Jacques and the PR man breathe an audible sigh of relief.
"I'm fairly pleased with that," says Erasmus. "Although obviously I'd have preferred it to have got rid of everything on the first pass."
As I pull on my coat to start the long trek home, Erasmus is once more glaring at the screen – trying to work out the best way of making Edge even better. Given today's demonstration, we wouldn't bet against him doing just that.