http://blog.webroot.com/2010/05/20/game-phishing-trojan-uses-directx-to-launch-itself/ WEBROOT - INSIGHTS INTO THREATS AND TRENDS FROM OUR INTERNET SECURITY EXPERTS Thu, 23 May 2013 07:00:37 +0000 hourly 1 http://wordpress.com/ http://blog.webroot.com/2010/05/20/game-phishing-trojan-uses-directx-to-launch-itself/#comment-2206 Fri, 22 Oct 2010 20:23:17 +0000 http://blog.webroot.com/?p=2698#comment-2206 [...] One technique that emerged this year ties the malicious keylogger to one or more of Microsoft’s DirectX libraries. DirectX is the engine in Windows that most 3D games use to render graphics, play sound effects, and manage game controllers. Trojans that hook into DirectX always load when DirectX is in use, and since DirectX is always loaded when you play a game, it means the “sleeper cell” game phishing Trojan doesn’t wake up and do its job until you’re playing a game. We published a definition in May, Trojan-PWS-Cashcab, which defeats this technique, and you can also simply reinstall DirectX over the top of itself to break the infection. [...]

]]>