Which malware remains inactive until a financial transaction occurs and can modify registry entries on startup?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $9.99Unlock all

Prepare for the Certified Ethical Hacker Version 11 Exam with a comprehensive test featuring flashcards and multiple choice questions, each accompanied by hints and explanations to ensure a thorough understanding. Ace your ethical hacking exam with confidence!

Multiple Choice

Which malware remains inactive until a financial transaction occurs and can modify registry entries on startup?

Explanation:
Form grabber malware is designed to target online banking by waiting for a banking transaction to begin, then capturing the data entered into forms. It often uses persistence mechanisms, such as modifying registry entries that run on startup, so it stays resident and ready to intercept data across reboots or future sessions. This combination—dormant until a financial transaction is attempted and the ability to set startup persistence—fits the scenario described: it remains inactive until a financial action occurs, then can grab sensitive form data and keep itself active by modifying startup registry keys. HTML injection isn’t a standalone program that sits dormant; it’s a web vulnerability that can be exploited to alter pages. Dreambot Trojans are banking trojans with various capabilities, but the specific behavior of staying idle until a transaction and using startup registry changes for persistence points most directly to form grabbers. E-banking trojans cover a broad category of banking-focused malware, but the described dormant-in-w anticipation with startup persistence aligns best with form grabber behavior.

Form grabber malware is designed to target online banking by waiting for a banking transaction to begin, then capturing the data entered into forms. It often uses persistence mechanisms, such as modifying registry entries that run on startup, so it stays resident and ready to intercept data across reboots or future sessions. This combination—dormant until a financial transaction is attempted and the ability to set startup persistence—fits the scenario described: it remains inactive until a financial action occurs, then can grab sensitive form data and keep itself active by modifying startup registry keys.

HTML injection isn’t a standalone program that sits dormant; it’s a web vulnerability that can be exploited to alter pages. Dreambot Trojans are banking trojans with various capabilities, but the specific behavior of staying idle until a transaction and using startup registry changes for persistence points most directly to form grabbers. E-banking trojans cover a broad category of banking-focused malware, but the described dormant-in-w anticipation with startup persistence aligns best with form grabber behavior.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy