
Group 2

Group 2. Mubeen Iqbal Ali Jawad Mumtaz Ali Beenish Khokhar. Malware. What Is It and Its Various Types. What is this talk about? What is Malware? Purpose of Malware Different Types of Malware Infectious Malware Viruses Worms Concealment Malware Trojan Horses Rootkits



  1. Group 2 Mubeen Iqbal Ali Jawad Mumtaz Ali Beenish Khokhar
  2. Malware

    What Is It and Its Various Types
  3. What is this talk about? What is Malware?; Purpose of Malware; Different Types of Malware: Infectious Malware (Viruses, Worms); Concealment Malware (Trojan Horses, Rootkits, Backdoors)
  4. What is this talk about? Malware for Profit (Spyware, Botnets, Keystroke Logging, Web Threats, Dialers); Vulnerability to Malware; Grayware (Annoying Malware): Adware; Web and Spam: Phishing
  5. What Is Malware?
  6. What is Malware? The word Malware is short for malicious software. The term malware is a general term used to refer to different types of hostile, damaging and/or annoying software or code. The term “computer virus” is sometimes used as a catch-all phrase to include all types of malware, including true viruses. Malicious Software
  7. Purpose of Malware The early infectious programs were written as experiments which were generally intended to be harmless and caused no serious damage. Young programmers wrote them for the sole purpose of learning and to see how far they could spread. Widespread viruses appeared to have chiefly been written as pranks as late as 1999.
  8. Types of Malware

  9. Infectious Malware

  10. Viruses

    Infectious Malware
  11. Types of Malware: Infectious Malware - Viruses. Why is a computer virus called a “virus”?
  12. Types of Malware: Infectious Malware - Viruses. Because, like biological viruses, computer viruses can only reside on a host.
  13. Types of Malware: Infectious Malware - Viruses. Because viruses have the ability to infect another machine when transferred to it through a medium.
  14. Types of Malware: Infectious Malware - Viruses. Because, like biological viruses, computer viruses can multiply.
  15. Types of Malware: Infectious Malware - Viruses. A computer virus is a computer program that can “copy” itself and infect a computer. The term virus is commonly used to refer to other types of malware that do not have the reproductive ability (they are not true viruses). The best-known type of malware. Known for the manner in which they spread. Viruses may also contain a payload, which is often malicious. Requires user intervention to spread. A true virus can only spread from one machine to another when its host is taken to the target computer in some form of “executable” code.
  16. Types of Viruses
  17. Viruses – Types of Viruses. Nonresident Viruses: They search for other hosts that can be infected, infect the target, and finally transfer control to the application program they infected. Resident Viruses: They load themselves into memory on execution and transfer control to the host program. The virus stays active in the background and infects new hosts when they are accessed by other programs or the operating system itself.
  18. Viruses – Types of Viruses. Resident viruses are subdivided into fast infectors and slow infectors. Fast Infectors: Designed to infect as many files as possible. Can infect every potential host file that is accessed. Rely on their fast infection rate to spread. Disadvantage: infecting many files may make detection more likely, probably by slowing down the computer. Slow Infectors: Designed to infect hosts infrequently and to avoid detection by limiting their actions. Are less likely to slow down the computer and are therefore less likely to be detected. This approach does not seem very successful.
  19. Stealth
  20. Viruses - Stealth. Some viruses try to trick antivirus software by intercepting its requests to the operating system. The virus hides itself by intercepting the antivirus software’s request to read the file and does not let the request be passed to the operating system. The virus then returns a response to the antivirus software that presents an uninfected version of the file. This makes the antivirus software see the file as “clean”. The only completely reliable method to avoid stealth is to boot from a medium that is known to be clean.
  21. Worms

    Infectious Malware
  22. Types of Malware: Infectious Malware - Worms. Why is a computer worm called a “worm”? The term “worm” actually comes from a science fiction story called The Shockwave Rider written by John Brunner in 1975. In short, the story is about a (totalitarian) government that controls its citizens through a powerful computer network. A freedom fighter infests this network with a program called a “tapeworm”, forcing the government to shut down the network and thereby destroying its base of power.
  23. Types of Malware: Infectious Malware - Worms. Worms, like viruses, are among the best-known types of malware. Like viruses, worms are known for the manner in which they spread. Like viruses, worms may carry a payload, which is often malicious. Worms are self-replicating programs. Worms use a network to send copies of themselves to other nodes (computers on the network). Worms do not require user intervention to spread; they spread automatically. Worms do not need to attach themselves to an existing program. Worms almost always cause at least one kind of harm to the network, i.e. slowing it down by consuming bandwidth.
  24. Concealment Malware

  25. Trojan Horses

    Concealment Malware
  26. Types of Malware: Concealment Malware – Trojan Horses. Why is a trojan horse called a “trojan horse”? The term is derived from the Trojan Horse story in Greek mythology. The Trojan Horse was disguised as a gift to the Romans, but in reality it was the Greeks' trick on the Romans to gain victory over them. The Trojan Horse was in reality a disguised invasion.
  27. Types of Malware: Concealment Malware – Trojan Horses. Non-self-replicating malware. Appears to perform a desirable function for the user but instead facilitates unauthorized access to the user’s machine. Designed to allow a hacker remote access to a target computer. Require interaction with the hacker to fulfill their purpose. Trojan horses differ from viruses in that only a file specifically designed to carry one can do so. As of 2009 trojan-type malware is on the rise, accounting for 83% of all the global malware detected.
  28. Rootkits

    Concealment Malware
  29. Types of Malware: Concealment Malware - Rootkits. Why are rootkits called “rootkits”? The term rootkit originally referred to a maliciously modified set of administrative tools for a Unix-like operating system that granted root access.
  30. Types of Malware: Concealment Malware - Rootkits. Modifies the host operating system so that the malware is hidden from the user. Prevents a malicious process from being visible in the system’s list of processes. The term is used more generally for concealment routines in a malicious program. A successfully installed rootkit allows unauthorized users to maintain access as system administrators, and thus to take and keep full control of the “rooted” system. Contains routines to defend against removal: not merely to hide itself, but to repel attempts to remove it. If a rootkit is detected, however, the only sure way to get rid of it is to completely erase the computer’s hard drive and reinstall the operating system.
  31. Backdoors

    Concealment Malware
  32. Types of Malware: Concealment Malware - Backdoors. A method of bypassing normal authentication procedures. Once a system has been compromised (by one of the previously explained methods), one or more backdoors may be installed by the residing malware in order to allow easier access to the attacker. Backdoors may also be installed prior to malicious software, to allow attackers entry. Attackers typically use backdoors to secure remote access to a computer, attempting to remain hidden.
  33. Malware for Profit

  34. Spyware

    Malware for Profit
  35. Types of Malware: Malware for Profit - Spyware. Collects information about users without their knowledge. The presence of spyware is typically hidden from the user (that’s obvious though, why would it be called SPYware then!!!). Can show user pop-up ads. Can collect various types of personal information, such as internet surfing habits. Can interfere with user control of the computer, such as installing additional unwanted software and redirecting web browser activity. Can alter web browser behavior for the financial benefit of the spyware creator, such as redirecting search results to paid advertisements. Known to change computer settings.
  36. Botnets

    Malware for Profit
  37. Types of Malware: Malware for Profit - Botnets. Where does the term “botnet” come from? The term botnet is short for robot network.
  38. Types of Malware: Malware for Profit - Botnets. The term botnet generally refers to a collection of compromised computers, called zombie computers, which are infected with remotely controlled software. Botnets allow a single hacker to run automated programs on the zombie computers that are part of the botnet, without the knowledge and consent of the computers’ respective owners. The hacker can then use the botnet for many nefarious purposes, such as identity theft or fraud.
  39. Keystroke Logging

    Malware for Profit
  40. Types of Malware: Malware for Profit – Keystroke Logging. Keystroke logging, often called keylogging, is the practice of tracking (or logging) the keys pressed on a keyboard. The person using the keyboard, i.e. the computer’s owner, is kept unaware that their actions are being monitored. There are several types of keyloggers, of which we will discuss only one: software-based keyloggers. Software keyloggers monitor, log and then transmit data from the target computer to the remote location (the hacker). The transmitted data can be: uploaded to a website or database; emailed periodically to a pre-defined email address; etc.
  41. Web threats

    Malware for Profit
  42. Types of Malware: Malware for Profit – Web Threats. A web threat is any threat that uses the internet to facilitate cybercrime. Use multiple types of malware and fraud, all of which utilize the HTTP and HTTPS protocols. May employ other web components, such as email, IM, malware attachments in emails, etc. One typical example is the nefarious network of botnets which runs using services from the World Wide Web.
  43. Dialers

    Malware for Profit
  44. Types of Malware: Malware for Profit – Dialers. Yet another way of stealing money from the infected PC owner. Takes control of the dial-up modem installed on the infected computer. Dials an expensive toll call. The attacker/hacker may sell the line to someone else for revenue. The toll is charged to the infected user.
  45. Vulnerability to Malware

  46. Vulnerability to Malware. Various factors make a system more vulnerable to malware. Homogeneity: When all computers in a network run the same OS, upon exploiting one, one can exploit them all. Defects: Malware leveraging defects in the OS design. Unconfirmed Code: Code from a removable device may be executed without the user’s agreement. Over-privileged Users: Some systems allow all users to modify their internal structures. Over-privileged Code: Some systems allow code executed by a user to access all rights of that user. Yet there are hundreds more, both explored and unexplored.
  47. Grayware

    Annoying Malware
  48. Grayware. In general terms, grayware refers to applications that behave in a manner that is annoying or undesirable. Yet grayware is less serious or troublesome than malware. Examples can be adware, joke programs, remote access tools, etc. The term “grayware” has been in use since at least as early as September 2004.
  49. Adware

    Grayware
  50. Types of Grayware: Adware. We will be discussing only one type of grayware, i.e. adware. Adware is software that displays advertising banners on Web browsers. Not necessarily categorized as malware. But still users consider adware invasive. Often creates unwanted effects on a system, such as annoying popup ads and general degradation in either network connection or system performance, or both. Typically installed as separate programs that are bundled with certain free software.
  51. Web and Spam

    A Major Medium for Spreading Malware
  52. Web and Spam. The World Wide Web is criminals’ preferred pathway for spreading malware. Today web threats use combinations of malware to create infection chains. About one of ten webpages may contain malicious code.
  53. Phishing

    Web and Spam
  54. Phishing. Phishing is the criminally fraudulent process of attempting to acquire sensitive information, such as usernames, passwords, credit card details, etc. The term comes from the word “fishing”, since in fishing bait is used to attract and trap fish. The same is the case in phishing. The technique is to bait users by remaining disguised as a trustworthy entity in an electronic communication. Once they are fooled, they give away certain critical and useful information.
  55. An Example of Phishing Email (disguised as an official email from a fictional bank)
  56. Facts about Malware

  57. Facts about Malware: Location of Compromised Websites
  58. Facts about Malware: Location of Malware Distributed Servers
  59. Facts about Malware: Some Facts! In 2007 more Malware was produced than in the previous 20 years. About one in ten web pages may contain malicious code. As of 2009 Trojan Horses account for 83% of all the global malware detected.
  60. Break Time! Watch a Video

  61. Thank You!

  62. Questions!?
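
Slide 20 says a stealth virus answers the scanner's read request with a clean copy of the file, and that only a boot from a known-clean medium avoids this. The added example below (not part of the original presentation) turns that into a three-way comparison: hashes recorded while clean, hashes read through the running OS, and hashes read after a clean boot. The function names, file names and sample data are hypothetical and constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path


def hash_tree(root):
    """Return {relative_path: sha256 hex} for every regular file under root."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in sorted(root.rglob("*")) if p.is_file()}


def compare_views(baseline, online, offline):
    """Classify each file by comparing three manifests of the same tree.
    baseline: hashes recorded while the system was known to be clean
    online:   hashes obtained through the running, possibly infected, OS
    offline:  hashes obtained after booting from known-clean media
    """
    findings = {}
    for name in sorted(set(baseline) | set(online) | set(offline)):
        base, on, off = baseline.get(name), online.get(name), offline.get(name)
        if on != off:
            # Running OS and clean boot disagree: a read was intercepted.
            findings[name] = "STEALTH"
        elif off != base:
            findings[name] = "CHANGED"  # visible change, no concealment
        else:
            findings[name] = "OK"
    return findings


def demo(workdir):
    """Build a constructed sample tree and return the findings for it."""
    disk = Path(workdir) / "disk"
    disk.mkdir(parents=True)
    for name in ("editor.exe", "notes.txt", "readme.txt"):
        (disk / name).write_bytes(b"original " + name.encode())
    baseline = hash_tree(disk)
    # Constructed scenario: one file altered covertly, one edited openly.
    (disk / "editor.exe").write_bytes(b"original editor.exe" + b"<appended bytes>")
    (disk / "notes.txt").write_bytes(b"edited notes")
    offline = hash_tree(disk)                      # what a clean boot reads
    online = dict(offline)
    online["editor.exe"] = baseline["editor.exe"]  # intercepted read looks clean
    return compare_views(baseline, online, offline)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        print(demo(tmp))
```

A scanner that only has the online view would report `editor.exe` as unchanged; the disagreement between the online and offline manifests is what exposes it.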
