CompTIA Security+ Study Guide Chapter 3: Malicious Code

Malware

Malware

A wide range of software that is intentionally designed to cause harm to systems and devices, networks, or users. It can also gather information, provide illicit access, and take a broad range of actions that the legitimate owner of a system or network may not want to occur.

Ransomware

Malware that takes over a computer and then demands a ransom. ex. Crypto Malware

Trojans

Type of malware that is typically disguised as legitimate software.

Worms

Malware that can spread by itself through email attachments, network file shares, or other methods as well.

Rootkits

Malware that is specifically designed to allow attackers to access a system through a backdoor.

Backdoors

Methods or tools that provide access that bypass normal authentication and authorization procedures, allowing attackers access to systems, devices, or applications.

Bots

Remotely controlled systems or devices that have a malware infection.

Botnets

Group of bots.

Command and Control (C&C)

Core of a botnet. They allow attackers to manage the botnet and have a broad range of capabilities that can help attackers steal data, conduct DDOS attacks on a massive scale, deploy and update additional malware capabilities, and respond to attempts by defenders to protect their network.

Keyloggers

Programs that capture keystrokes from keyboards, although keylogger applications may also capture other input like mouse movement, touchscreen inputs, or credit card swipes from attached devices.

Logic Bombs

Functions or code that are placed inside other programs that will activate when set conditions are met. ex. Specific date or Set of Conditions

Viruses

Malicious programs that self-copy and self-replicate. Requires one ore more infection mechanisms that they use to spread themselves, typically paired with some form os search capability to find new places to spread to. Also typically have both a trigger, and a payload.

Fileless Virus

Similar to traditional viruses in a number of critical ways. Spread through spam email and malicious websites. Exploits flaws in browser plug-ins and web browsers themselves. They inject themselves into memory and do not require local file storage.

Spyware

Malware that is designed to obtain information about an individual, organization, or system. Many track users browsing habits, installed software, or similar information and report it back to central servers. Can also tap into web cameras.

Potentially Unwanted Programs (PUPs)

Programs that may not be wanted by the user but are not as dangerous as other types of malware. Typically installed without the user's awareness or as part of a software bundle.

Adversarial Artificial Intelligence

A developing field where artificial intelligence (AI) is used by attackers for malicious purposes. The focus of these attacks currently tends to deal with data poisoning, providing security and analytic AI and ML algorithms with adversarial input that serves the attackers purposes.