主权项 |
1. A method comprising:
accessing, by a client device, a service on a first server system; recording, by the client device in a memory device operably coupled thereto, a first record of the accessing of the service on the first server, the first record including an identifier of the first server system and a first description of the accessing of the service; receiving, by the client device, a second record referencing a second server system and a second description mimicking the first description, the second server system implementing services and monitoring functions operable to gather data with respect to unauthorized code accessing the second server system; recording, by the client device, the second record in the memory device; accessing, by the client device using a malicious code module one of accessing and executing on the client device, the second record; accessing, by the malicious code module executing on one of the client device and another device, the second server system using data contained in the second record; monitoring, by the second server, activities of the malicious code module with respect to the second server; and characterizing, by the second server system, the malicious code module according to the monitoring of the activities of the malicious code module; wherein accessing, by the client device, the service on the first server system comprises authenticating the client device with the service on the first server system; and wherein recording the first record in the memory device comprises receiving a first credential for automatically authenticating the client device with the service on the first server system and storing the first credential in the memory device; and wherein the second record is a second credential mimicking data contained in the first credential but referencing the second server. |