We see a lot of compromised environments every year. In 2008 alone, we performed full forensic investigations on over 150 different environments ranging from financial institutions, hotels, restaurants and even some casinos not too far from DEF CON. This presentation will show the inner workings of three very interesting pieces of malware, ranging from somewhat simple to very complex. Each sample was actually used to steal confidential data that resulted in significant fraud and business loss for the organizations we found them at. Many of the pieces of malware we have been running across are very advanced pieces of software written by very skilled developers. The complexity in their propagation, control channels, and data exporting properties will be very interesting to anyone interested in this topic.