Section 6 Malware

Malware

any software that is used to do harm

Attack Vector

Method used by an attacker to gain access to a victim's machine in order to infect it with malware

virus

malicious software that attaches to clean files and spreads into a computer system

Ransomware

Software that encrypts programs and data until a ransom is paid to remove it.

Rootkits

Malicious tools that hide their activities and operate at the OS level to allow for ongoing privileged access

Backdoors

Malicious means of bypassing normal authentication processes to gain unauthorized access to a system

logic bombs

an instruction in a computer program that triggers a malicious act

Bloatware

Unnecessary or preinstalled software that consumes system resources in space, without offering any value to the user

name the different viruses

boot sector

macro virus

program virus

multipartite virus

encrypted virus

polymorphic virus

metamorphic virus

stealth virus

armored virus

hoax

Boot Sector Virus

Stored in the first sector of a hard drive, and instead loaded in the memory whenever the computer boots up

- difficult to detect

macro virus

A form of virus that infects the data files of commonly used applications such as word processors and spreadsheets.

program virus

Tries to find executable's or application files to infect with their malicious code

Multipartite Virus

Combination of a boot sector type virus and a program virus

Encrypted Virus

Designed to hide itself from being detected by encrypting its malicious code or payloads to avoid detection by any antivirus software

polymorphic virus

Advanced version of an encrypted virus that changes itself every time it is executed by altering the decryption module to avoid detection

Metamorphic Virus

Able to rewrite itself entirely before it attempts to infect a given file

- more advanced version of polymorphic

Stealth Virus

Not necessarily a specific type of virus as much as it is a technique used to prevent the virus from being detected by antivirus software

Armored Virus

Have a layer of protection to confuse a program or a person who's trying to analyze it

hoax

A form of technical social engineering that attempts to scare end-users into taking undesirable action on their system

Worms

standalone malware computer program that replicates itself in order to spread to other computers

-can infect the workstation and other computing assets

- can cause ddos

- spreading far and wide over the internet

which was the largest worm?

conficker

Trojan

A piece of malicious software that is disguised as a piece of harmless or desirable software

how to prevent ransomware?

-conducting regular backups

-installing regular software updates

-providing security awareness training

-implementing multi-factor authentication for the systems

Botnet

a network of powerful and dangerous hijacked computers that are used to attack systems or spread malware

Zombies

Computers that have been taken control by hackers

DLL injection

Technique used to run arbitrary code within the address space of another process by forcing it to load a dynamic link library