Comment Re:Broken test? (Score 1) 63
Sure, sometimes keygens are trojans as well, but those are covered under the heading "virus". Most anti-virus software also detects perfectly harmless keygens these days, supposedly to "protect" the user from "accidentally" generating a key and pirating software.
Actually, most keygens people run into are infested with malware - Trojans and viruses and all that. Usually they're wrapped with a "dropper" application - run the keygen, and the dropper downloads the malware then launches the keygen.
The reason for this is infecting installations is a bit more difficult these days - since a lot of software is already downloadable the companies behind them sign the executable. So when you launch the installer, Windows pops up the nice message about the file and it's all signed and everything. Of course, since keygens are rarely signed, if they've been altered it's impossible for the user to tell.
The money involved in the malware trade is sufficient enough that they basically crowd out the sites that actually offer clean keygens.
Cracks, too. At least with keygens you can reasonably run them in a VM to get a serial number without infecting your PC, but cracks have to be run on the live installation, making them an ideal target for malware authors.
Stuff like drive-by-downloads generally aren't used much - between enhanced browser security, elimination of Java or Flash plugins, it's a lot harder to spread malware. But a good keygen or crack for a popular application and you can easily spread CryptoWall around and get $500 from a lot of users.