A day in the life of a white hat hacker

"And if we open this file then we should see their credit card number," says PrevX's Jacques Erasmus as he clicks on the encrypted text file that has just appeared on his laptop screen – he's not wrong.

In the course of a couple of hours Erasmus has shown me how to get the software that can force its way into people's computers, told me how much it costs and given a demonstration of just how simple it is to use.

South African-born Erasmus has been a hacker for his entire professional life, but insists that since he turned 17 and got a job testing out company security, he has been a force against cyber-crime.

His job title with PrevX is Director of Malware Research, but his business card may as well read 'white hat hacker'. It's his day job to replicate what cyber-criminals are doing so that he can stay ahead of the curve and keep PrevX customers safe.

Learning the tricks

Within minutes of sitting down with Erasmus, under the watchful eye of an affable PR man (or 'mother' as Erasmus refers to him several times through the day), the hacker is modifying simple text files and installing some cutting-edge cyber-crime tools.

"It's not as hard to get as you would think," he explains. "If you have the money and someone to vouch for you, you can get hold of this particular program fairly quickly."

Erasmus spends a few minutes tinkering with a text file as he tries to get things working, occasionally glancing up at the big screen that he's using for our visit.

Something is clearly broken, but after a few minutes the problem is tracked down to a missing symbol. Erasmus looks a little sheepish, admitting: "every time I do a demonstration something like this happens."

He needn't worry – the software itself is a lot less complicated than we'd have believed, but seeing him use it shows just how au fait he is with the insidious tools of the trade.

Exploiting a PDF

Soon enough, Erasmus has set up a working website loaded with a .pdf exploit that has a chance of breaking into PCs running the popular Adobe plug-in without the latest security updates.

"Using a .pdf exploit is by far the most common route into people's machines at the moment," he says. "It's a numbers game, but I'd say around one in three of the PCs that visit this site with old Acrobat software will get infected."

The exploit is simple. It opens a back door into the target PC that allows the installation of all manner of malware, most of which is more than capable of stealing passwords, personal information and bank account details. It also leaves the computer open for the hacker to use as part of a bot-net of machines.

Erasmus displays this technique by visiting a site he knows is positively leprous with malware and showing us the files that are run when the computer's security is compromised.

"The first thing that a cyber-criminal does is install what amounts to anti-virus software," he says as the laptop becomes flooded with malware. "The last thing he wants is for another hacker to get their software on the machine and take it away from him."

The sheer number of programs infecting our test laptop brings it quickly to its knees.


'It's all brute force'

"That's bad for them," points out Erasmus. "If the malware breaks the machine it's no good for anyone and if its performance is affected by that much then people will get suspicious and not do their online banking or put in personal details."

Patrick Goss
