A day in the life of a white hat hacker

I ask why malware makers aren't more subtle with their delivery – why not use one incisor-like piece of software instead of a whole host of programmes?

He shrugs. "It's all very brute force at the moment. Once people break in they want to get as much software on as possible."

But surely one hidden piece of software is potentially much more dangerous in the long term? "I'm not sure they see it like that," he adds. "These guys work on numbers. They tend to target a big group."

The site that Erasmus has set up delivers a much smaller payload of malware – but the program it does put on our test machine is effective.

Phishing for answers

Putting a keylogger on someone's machine is relatively common, but the information it can provide is low grade. "It takes a lot of effort to get anything meaningful out of the data," explains Erasmus. "You quite often have gigabytes of information to trawl through."

But Erasmus's software only activates when a user visits certain sites, meaning he can pare away the fluff and mine bank details much more effectively.

He also shows us how the program can change a page's HTML – potentially extracting even more information.

He demonstrates this on a well-known news site which asks for user name, password and ATM number. It's brilliantly OTT, but he says with a minimum of fuss he could do this for any banking site, so that it asks for more security code digits or any other information that could potentially open up the account.

Brains before beauty

I note that all of the sites he has visited to show us active malware in action have been adult sites.

"Yeah, if you're going to surf porn you should definitely have a good anti-virus program installed," he says, immediately glancing at the PR guy who is shaking his head.

"Oh come on, I can say that!" He grins as the point is grudgingly conceded.

How to get the Edge

Erasmus is also keen to show off PrevX's Edge anti-virus program, which is a tiny download and works in conjunction with other AV programs.

Bravely, this demonstration is done on the laptop that has been turned into a gibbering wreck by its visit to an adult site without protection.

Amusingly, the viruses have embedded so deeply that all of the major anti-virus companies' websites are blocked – returning a 404 error and meaning that Edge has to be put onto the machine via a USB stick.

The malware tries to shut down the anti-virus program several times, but Edge finally breaks down the resistance and eliminates half of the malware in its first attempt.

A reboot shows that yet more is present, hidden beneath a root kit that was hiding beneath a second root kit – essentially software that makes programs largely invisible to the computer.

The second time around, the computer is clean, and both Jacques and the PR man breathe an audible sigh of relief.

"I'm fairly pleased with that," says Erasmus. "Although obviously I'd have preferred it to have got rid of everything on the first pass."

As I pull on my coat to start the long trek home, Erasmus is once more glaring at the screen – trying to work out the best way of making Edge even better. Given today's demonstration, we wouldn't bet against him doing just that.



Patrick Goss

Patrick Goss is the ex-Editor in Chief of TechRadar. Patrick was a passionate and experienced journalist, and he has been lucky enough to work on some of the finest online properties on the planet, building audiences everywhere and establishing himself at the forefront of digital content.  After a long stint as the boss at TechRadar, Patrick has now moved on to a role with Apple, where he is the Managing Editor for the App Store in the UK.