MALWARE SCIENCE
IF YOU UNDERSTAND ANY OF THIS PAGE THEN YOU ARE DOING WELL!
Adware
Adware is software that presents highly visible banner ads or pop-up windows in a web browser.
Those advertising spots usually can't be removed and are always visible.
The adware may monitor the websites visited to make conclusions about the people using the computer in order to display more personalised advertising.
Backdoors
Computer systems have security systems built in but a backdoor is a way to gain access to a computer by going around the normal computer access security mechanisms.
A backdoor is like someone sneaking in to a building to let other people in the backdoor whenever they like. The other people in this case are criminal computer hackers. An open backdoor will give the criminal complete access to all the information stored or processed by the computer. Backdoors are often used to bring in even more malware such as botnet software.
Boot viruses
The master boot record of a hard disk is the first thing that most computers access after powering up.
Boot sector viruses mainly infect the boot sector or master boot sector of hard drives. They overwrite important information that the system needs in order to start.
One of the awkward consequences: the computer system cannot be loaded any more…
Bot-Net
A Bot-Net is a large collection of internet-connected computers infected with malware that is being co-ordinated by a criminal organisation.
Bot-Nets serve various purposes:
- Denial-of-service attacks for political or industrial sabotage
- spam email
- co-ordinated brute force password cracking
- click fraud
The main potential of Bot-Nets is that with so many computers under central control the criminal enterprise has access to much greater network resources than usually possible.
Dialer
A dialer is a computer program that establishes a connection to another computer through a dialup modem connection on a standard telephone line.
The telephone number dialled will be a premium rate service which is charged to the phone bill. The fraudsters are usually located in other countries.
This type of malware is not so common since broadband connections have become the norm.
Exploit
An exploit (vulnerability) is a piece of computer code that takes advantage of a bug, glitch or vulnerability in a computer system and which can be used to circumvent low-level system security.
Software such as web browsers and plugins such as Java, Adobe Flash and Acrobat are often updated to address security exploits.
Grayware
Grayware operates in a way similar to malware, but it is not spread to harm the users directly. It does not affect the system functionality as such. Mostly, information on the patterns of use is collected in order to either sell collected data or to place advertisements systematically.
Keystroke logging
Keystroke loggers were originally a diagnostic tool used in software development that captures the user's keystrokes. They can be useful to determine sources of error in computer systems and are sometimes used to measure employee productivity on certain clerical tasks.
BUT if a criminal secretly adds a key logger to a computer via a trojan or backdoor, it can also be used to grab passwords and credit card details as they are input, which are later sent back to a central server.
Macro viruses
About 10 years ago this type of virus caused huge problems for businesses. They spread very quickly through email systems and were often quite destructive.
Even 10 years on, many businesses will not open email attachments containing certain types of files because they fear a repeat of the chaos caused.
When using office software, macros can be used to automate repetitive tasks. Macros are a type of computer programming language.
Polymorph viruses
Polymorph viruses are the real masters of disguise. They change their own programming code and are therefore very hard to detect.
Program viruses
A computer virus is a program that, after being executed, is capable of attaching itself to other programs and causing an infection. Unlike Trojans, viruses multiply themselves.
In contrast to a worm, a virus always requires a program as host, where the virus deposits its virulent code. As a rule, the program execution of the host itself is not changed.
Scareware
The term scareware refers to software which has been designed with the intent to cause anxiety or panic.
The victim is tricked into feeling threatened and usually accepts an offer to pay to have the non-existent threat removed.
In some cases the victim is led to carry out the attack themselves, believing that this intervention will remove the threat.
This is currently a very common type of malware and usually presents in the form of fake anti-virus software. The user is told their computer is infected with many viruses and that they need to take action to remove them. They are offered a solution by the scareware in exchange for £30.00 - £50.00, paid for with a credit card.
If the computer user refuses to pay then the scare tactics get increasingly severe and the computer is rendered more and more useless with each day.
If the user pays up, the money is simply stolen as no solution is provided. The machine remains unusable.
The user will be very lucky if their credit card won't be maxed out.
Script viruses
Such viruses are extremely easy to program and are similar to macro viruses - they use built-in script programming languages such as Visual Basic to carry out their work.
They are often used to open up existing security issues in software that has not been updated with security patches. See Exploit.
Worms
A worm is a program that copies itself across a network with or without user assistance. Worms are used to add backdoors to computers, to create bot computers, or simply as a prank.
Spyware
Spyware refers to so-called spy programs that intercept or take partial control of a computer's operation without the user's informed consent.
Spyware is designed to exploit infected computers for commercial gain.
Typical tactics furthering this goal include delivery of unsolicited pop-up advertisements.
Trojan horses (Trojans for short)
Just like in the story of Troy - a gift is offered which contains a nasty surprise. Often free things are offered on the internet - there is a lot of perfectly legitimate free stuff on the net.
But sometimes it's not legitimate and the nasty surprise is the trojan.
Often the offer is of free software, music or video which wouldn't normally be free. This might be on a website or more commonly through peer to peer filesharing networks.
Once installed, the trojan can do as it wishes: for example, format the hard drive, open backdoors, install keyloggers, set up a zombie bot or delete/damage files.
Zombie
A Zombie-PC is a computer that is infected with malware programs as part of a bot net, which enables hackers to abuse the computer via remote control for criminal purposes. The affected PC can, for example, start Denial-of-Service (DoS) attacks on command or send spam and phishing emails.
http://en.wikipedia.org/wiki/Zombie_computer