Malware

There are many types of threats created to disrupt computers and networks. The greatest and most common threat for computers and the data contained on them is malware.

Sources of Malware

Malware is software developed by cybercriminals to perform malicious acts. In fact, the word malware is an abbreviation of malicious software.

Malware is typically installed on a computer without user knowledge. Once a host is infected, the malware could:

  • Change the computer configuration.
  • Delete files or corrupt hard drives.
  • Collect information stored on the computer without the user’s consent.
  • Open extra windows on the computer or redirect the browser.

How does malware get on your computer? Cybercriminals use a variety of methods such as those listed in the figure to infect hosts.

Depending on their goals, cybercriminals will use different types of malware. The choice of malware depends on the target and what they are after.

Non-compliant and legacy systems are especially vulnerable to software exploitation. A non-compliant system is one that has not been updated with operating system or application patches, or that is missing antivirus and firewall security software. Legacy systems are those for which the vendor no longer provides support or fixes for vulnerabilities.

Figure: Sources of malware

  • User visiting an infected website.
  • User has outdated antivirus software.
  • Web browser not patched for a new vulnerability.
  • Downloading a “free” program.
  • Opening unsolicited email.
  • Exchanging files on file sharing sites.
  • Computer infected by another infected host.
  • Opening attachments sent in instant messenger, social media, etc.
  • Inserting a USB stick that you found in a public area.

Viruses and Trojan Horses

The first and most common type of computer malware is a virus. Viruses require human action to propagate and infect other computers. For example, a virus can infect a computer when a victim opens an email attachment, opens a file on a USB drive, or downloads a file.

The virus hides by attaching itself to computer code, software, or documents on the computer. When opened, the virus executes and infects the computer. Figure 1 lists examples of what can happen once a virus has infected a host. Modern viruses are developed for specific nefarious intent such as those listed in Figure 2.

Cybercriminals also use Trojan horses to compromise hosts. A Trojan horse is a program that looks useful but also carries malicious code. Trojan horses are often provided with free online programs such as computer games. Unsuspecting users download and install the game, installing the Trojan malware.

There are several types of Trojan horses as described in Figure 3.

Viruses and Trojan horses are only two types of malware that cybercriminals use. There are many other types of malware that have been designed for specific purposes.

To fix some issues caused by viruses, it may be necessary to boot the computer using the Windows product disk and then use the Windows Recovery Console, which replaces the recovery console from Windows 2000, to run commands from a “clean” command environment. The Recovery Console is able to perform functions such as repairing the boot file and writing a new master boot record or volume boot record.
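Before a master boot record is rewritten, it can be compared with a baseline captured while the machine was known to be clean, which shows whether the bootstrap code or the partition table was altered. The following is an added example, not part of the original text; the function names are hypothetical and the 512-byte sample sectors are constructed for illustration.

```python
import hashlib
import struct

SECTOR_SIZE = 512
BOOT_AREA_LEN = 446      # bytes 0-445: bootstrap code (and disk signature) of a classic MBR
BOOT_SIG = b"\x55\xaa"   # signature bytes expected at offsets 510-511


def parse_mbr(sector: bytes) -> dict:
    """Split an MBR into a boot-area hash, used partition entries and a signature flag."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("an MBR is exactly 512 bytes")
    parts = []
    for i in range(4):  # four 16-byte partition entries follow the boot area
        entry = sector[BOOT_AREA_LEN + 16 * i:BOOT_AREA_LEN + 16 * (i + 1)]
        lba_start, num_sectors = struct.unpack_from("<II", entry, 8)
        if entry[4] != 0:  # partition type 0x00 marks an unused slot
            parts.append({"slot": i, "bootable": entry[0] == 0x80, "type": entry[4],
                          "lba_start": lba_start, "sectors": num_sectors})
    return {
        "boot_code_sha256": hashlib.sha256(sector[:BOOT_AREA_LEN]).hexdigest(),
        "partitions": parts,
        "signature_ok": sector[510:512] == BOOT_SIG,
    }


def compare_to_baseline(sector: bytes, baseline: dict) -> list:
    """Return findings as strings; an empty list means no change was detected."""
    cur = parse_mbr(sector)
    findings = []
    if not cur["signature_ok"]:
        findings.append("boot signature 0x55AA missing")
    if cur["boot_code_sha256"] != baseline["boot_code_sha256"]:
        findings.append("bootstrap code differs from baseline")
    if cur["partitions"] != baseline["partitions"]:
        findings.append("partition table differs from baseline")
    return findings


def build_sample_mbr(boot_code: bytes) -> bytes:
    """Constructed sample sector: one bootable type-0x07 partition starting at LBA 2048."""
    entry = struct.pack("<B3sB3sII", 0x80, b"\x00" * 3, 0x07, b"\x00" * 3, 2048, 204800)
    return boot_code.ljust(BOOT_AREA_LEN, b"\x00") + entry + b"\x00" * 48 + BOOT_SIG


clean = build_sample_mbr(b"\xeb\x3c\x90")          # constructed "known-good" sector
baseline = parse_mbr(clean)                        # baseline recorded from the clean sector
modified = build_sample_mbr(b"\xeb\x3c\x90\xcc")   # same layout, altered boot area
print(compare_to_baseline(clean, baseline), compare_to_baseline(modified, baseline))
```
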

There are 3 figures on the page.

Figure 1: What viruses can do

  • Alter, corrupt, delete files, or erase entire computer drives.
  • Cause computer booting issues.
  • Corrupt applications.
  • Capture and send sensitive information to attackers.
  • Access and use email accounts to spread.
  • Lie dormant until summoned by the attacker.

Figure 2: Types of viruses (Type of Virus: Description)

  • Boot sector virus: Virus attacks the boot sector, file partition table, or file system.
  • Firmware virus: Virus attacks the device firmware.
  • Macro virus: Virus uses the MS Office macro feature maliciously.
  • Program virus: Virus inserts itself in another executable program.
  • Script virus: Virus attacks the OS interpreter which is used to execute scripts.

Figure 3: Types of Trojan horses (Type of Trojan Horse: Description)

  • Remote-access: Trojan enables unauthorized remote access.
  • Data-sending: Trojan provides the attacker with sensitive data, such as passwords.
  • Destructive: Trojan corrupts or deletes files.
  • Proxy: Trojan will use the victim’s computer as the source device to launch attacks and perform other illegal activities.
  • FTP: Trojan enables unauthorized file transfer services on end devices.
  • Security software disabler: Trojan stops antivirus programs or firewalls from functioning.
  • Denial of Service (DoS): Trojan slows or halts network activity.
  • Keylogger: Trojan actively attempts to steal confidential information, such as credit card numbers, by recording keystrokes entered into a web form.