• bleistift2@feddit.de
    link
    fedilink
    English
    arrow-up
    32
    ·
    edit-2
    1 year ago

    In general, a compromised system may be running any software the attacker might find useful, including, but not limited to:

    • keyloggers to find passwords that are in use in the company
    • software to copy sensitive files to a remote server
    • software to encrypt the system itself or (if the computer has access to other machines on the network) other computers
    • produce documents (think, mail) that purport to have been created by the user of the corrupted machine.