210 likes | 297 Views
Types of Computer Malware. The first macro virus was written for Microsoft Word and was discovered in August 1995. Today, there are thousands of macro viruses in existence—some examples are WM.concept, Melissa and Nimda.
E N D
The first macro virus was written for Microsoft Word and was discovered in August 1995. Today, there are thousands of macro viruses in existence—some examples are WM.concept, Melissa and Nimda
A logic bomb employs a code that lies hidden until specific conditions are met. When that condition happens, it will trigger a certain function such as deleting files, flashing messages on the screen, etc. Logic bombs may be found in single programs, or they may be part of a worm or virus.
An example of a logic bomb would be a virus that waits to execute until it has infected a certain number of hosts. Each infection counts down to the trigger. A time bomb is a subset of logic bomb, which is set to trigger on a particular date, such as the infamous ‘Friday the 13th’ virus.
The boot sector is where your computer looks to read your operating system. By inserting its code into the boot sector, a virus guarantees that it loads into memory during every boot sequence. A boot virus does not affect files; instead, it affects the disks that contain them. In the 1980’s boot sector viruses were common and spread rapidly from one computer to another via floppy disks.
With the invention of the CD-ROM, it became virtually impossible to infect read-only CDs. Though boot viruses still exist, they are much less common than in the 1980s. Today’s operating systems do not allow ordinary programs to write to the boot sector. Examples of boot viruses are Polyboot.B and AntiEXE.
A worm is a small piece of software that uses computer networks and security holes in software to replicate and spread itself. • A copy of the worm scans the network for another machine that has a specific security hole. • It copies itself to the new machine and continues replicating from there
Unlike a virus, it does not need to attach itself to an existing program. Worms harm the network (if for no other reason than by consuming bandwidth). There are several types of Worms, including the Email Worm, Instant messaging worms, IRC worms, File-sharing networks worms, and Internet Worms.
Email worms are spread via email messages. The worm will arrive as email, where the message body or attachment contains the worm code. The email may also provide a link to a code on a website. Most email systems requires the user to open an attachment to activate the worm, but "social engineering" can often successfully be used to encourage this.
Once activated the worm will email itself using either a local email service, such as Microsoft Outlook, or Windows MAPI functions, or directly using SMTP. The addresses it sends to are often taken from the infected computers email address list. Worms using SMTP can even fake the sender's address.
With E-mail viruses defense is mostly discipline. Never double-click on an attachment that contains an executable program. A file with an extension like .EXE, .COM or .VBS is an executable and an executable can do all sorts of damage. Attachments that come in as Word files (.DOC), spreadsheets (.XLS), images (.GIF and .JPG), etc., are data files, and they can do no damage except for the macro virus problem in Word and Excel documents.
Trojan horses may appear to be useful application or an interesting game to an naive user, but they are indeed harmful when executed.
There are two common types of Trojan horses. One is a useful piece of software that has been corrupted by a hacker. This person inserts malicious code into the program that executes while the program is used. The other is a standalone program that masquerades as something it is not. Perhaps a game or image file, but when opened, the malicious code carries out its objective.
A keylogger is a diagnostic program used in software development that captures the user's keystrokes. It can be useful in finding errors in computer systems and can be used to measure an employee’s productivity on clerical tasks. It is even useful for law enforcement purposes.
In the hands of a hacker, it can be dangerous. One can obtaining passwords or encryption keys without a user’s knowledge. Keyloggers are widely available on the internet and can be used by anyone for the purpose of gaining passwords, data, etc.
One way of stealing money from the owner of an infected PC is to take control of the modem and dial an expensive toll call. Auto-Dialer software dials up a premium-rate telephone number such as a "900 number" and leaves the line open charging the toll to the infected user.
Sentinels are highly advanced viruses capable of giving the programmer of the virus remote access to the computers that are infected. They are used to form large networks of slave, or zombie computers which can be used for malicious purposes such as a Distributed Denial of Service attack.
A Distributed Denial of Service attack occurs when all the zombies attempt to contact a server at the same time. The barrage of incoming requests overloads the server’s capabilities, and legitimate users are denied access.