Which malware remains dormant until the user performs an online financial transaction and edits registry entries at startup?

Prepare for the Certified Ethical Hacker Version 11 Exam with a comprehensive test featuring flashcards and multiple choice questions, each accompanied by hints and explanations to ensure a thorough understanding. Ace your ethical hacking exam with confidence!

Multiple Choice

Which malware remains dormant until the user performs an online financial transaction and edits registry entries at startup?

Explanation:
This item is about how form grabbing malware operates. Form grabbing is designed to lie dormant on a system and only activates when you engage in an online financial transaction, intercepting data as you submit banking forms. It often achieves persistence by editing startup registry entries so it loads with Windows and stays resident across reboots. When you initiate a financial transaction, the malware hooks into the browser or intercepts the form submission to capture the data you enter, such as credentials or card details, before it’s sent to the bank. That combination of activation timing during online banking and startup persistence through registry edits is what characterizes this type of threat.

The other options describe different attack vectors: POS Trojans target card data at point-of-sale terminals, GlitchPOS is a POS-focused family, and Dreambot Trojans are banking trojans that may use web injects and credential theft but aren’t defined by hiding until a financial transaction with startup registry persistence in the same way form grabbers are.
