This method is used to trick the threat into thinking that it's being analyzed
According to researchers from F-Secure, there’s a clever way to protect yourself against the Shakespearian malware known as Shylock. By disabling the Smart Card service from the operating system’s control panel, you can ensure that the threat doesn’t infect your computer.It turns out that when it’s downloaded onto a device, Shylock performs a number of checks to ensure that it hasn’t actually landed in a virtual environment set up by researchers for malware analysis purposes.
It checks the size of the hard drive, memory, and the presence of the Smart Card service. If the memory’s size is less than 256 megabytes, if the hard drive’s size is less than 12 gigabytes, or if the Smart Card service is not active, it quits.
The malware’s masters know that most users don’t bother to deactivate their Smart Card service, despite the fact that they probably never utilized it. That’s why if the Smart Card is not active, the malware automatically assumes that it’s being debugged by security researchers, so it quits.
Experts advise users to deactivate their Smart Card services not only to protect themselves against Shylock, but also to free up some computing resources.
The service can be disabled by accessing the Control Panel, Administrative Tools, and Services.