Thursday, December 29, 2011

Malware Types

Malware Type: Virus
Define
A virus is a computer program designed to infect files. Viruses enter a system without the user’s consent or knowledge and are normally hosted within the code of other programs. A virus does not act until the infected program is run. Some are programmed to activate when a certain condition is met (a specific date, a certain user action, etc.).
Modes of infection
Viruses normally target executable programs (files with .EXE or .COM extensions). However, they can also infect other types of files, such as web pages (.HTML), Word documents (.DOC), spreadsheets (.XLS), etc.
Self-Replicating: Yes
Damages Computer: Yes
Remote Access: No
Causes Spam/pop ups: No
Steals Data: No

Malware Type: Worms
Define
Worms are programs that make copies of themselves in different places on a computer. The objective of this type of malware is usually to saturate computers and networks, preventing them from being used. Unlike viruses, worms don’t infect files.
Modes of infection
The main objective of worms is to spread and infect as many computers as possible. They do this by creating copies of themselves on infected computers, which then spread to other computers by several channels including email, P2P programs and instant messaging, among others.

Worms often use social engineering techniques. To do so, malware creators use attractive names to camouflage the malicious files. Most of these names relate to sex, famous people, pirated software, current affairs or generally try to appeal to people’s morbid curiosity.
Self-Replicating: Yes
Damages Computer: Yes
Remote Access: No
Causes Spam/pop ups: No
Steals Data: No

Malware Type: Trojans
Define
Programs that carry out unauthorized actions on computers, such as deleting information on drives, making the system hang, stealing confidential information, etc. This class of malicious program is not a virus in the traditional sense of the word (meaning it does not infect other computers or data). Trojans cannot break into computers on their own and are spread by hackers, who disguise them as regular software. The damage that they cause can exceed that done by traditional virus attacks severalfold.
Modes of infection
The effects of Trojans can be highly dangerous. Like viruses, they can destroy files or information on hard disks. They can also capture and resend confidential data to an external address or open communication ports, allowing an intruder to control the computer remotely. Additionally, they can capture keystrokes or record passwords entered by users. Given all these characteristics, they are frequently used by cyber-crooks, for example, to steal confidential banking information.
Self-Replicating: No
Damages Computer: Rarely
Remote Access: No
Causes Spam/pop ups: Usually/sometimes
Steals Data: Yes

Malware Type: Spyware
Define
Software that collects information about a particular user or organization without their knowledge. You might never guess that you have spyware installed on your computer.
Modes of infection
Spy programs are created by cyber-crooks, who sell them on the black market to be used in online fraud and other cyber-crime.
Self-Replicating: No
Damages Computer: No
Remote Access: No
Causes Spam/pop ups: Yes
Steals Data: No

Malware Type: Backdoors
Define
A back door is an undocumented way of accessing a system, bypassing the normal authentication mechanisms. Some back doors are placed in the software by the original programmer and others are placed on systems through a system compromise, such as a virus or worm. Usually, attackers use back doors for easier and continued access to a system after it has been compromised.
Modes of infection
Through Trojan horses and worms
Self-Replicating: No
Damages Computer: Rarely
Remote Access: Yes
Causes Spam/pop ups: No
Steals Data: Yes

Malware Type: Exploit
Define
An exploit is a piece of software, a command, or a methodology that attacks a particular security vulnerability. Exploits are not always malicious in intent; they are sometimes used only as a way of demonstrating that a vulnerability exists. However, they are a common component of malware.
Modes of infection
Through security holes in software
Self-Replicating: No
Damages Computer: Yes
Remote Access: No
Causes Spam/pop ups: Rarely
Steals Data: No

Malware Type: Root Kit
Define
Utilities used to conceal malicious activity. They mask malicious programs to keep anti-virus programs from detecting them. Rootkits modify the operating system on the computer and alter its basic functions to hide their own existence and the actions that the hacker undertakes on the infected computer.
Modes of infection
Through security holes in software
Self-Replicating: Yes
Damages Computer: Yes
Remote Access: Yes
Causes Spam/pop ups: No
Steals Data: Yes

Malware Type: Key Loggers
Define
Key loggers are an especially malicious type of malware. They are designed to log all the keystrokes you make and then send the information back to the creator.
Modes of infection
Through a Trojan horse or by physically installing a hardware key logger
Self-Replicating: No
Damages Computer: No
Remote Access: Yes
Causes Spam/pop ups: No
Steals Data: Yes