Multipartite Viruses infect the boot sector or Master Boot Record and also infect program files.
Such a virus typically has two parts, one for each type.
When it infects an executable, it acts as an executable infector.
When it infects a boot sector, it works as a boot sector infector.
Such viruses come in through infected media and reside in memory then they move on to the boot sector of the hard drive. Form there, the virus infects executable files on the hard drive and spreads across the system.
Polymorphic Viruses change their own code each time they duplicate themselves.
In this way, each new copy is a variation of the original virus, in order to evade detection by antivirus software.
Polymorphic viruses encrypt or encode themselves in a different way (using different algorithms and encryption keys) every time they infect a system.
This makes it impossible for antivirus to find them using string or signature searches (because they are different in each encryption) and also enables them to create a large number of copies of themselves.
Some examples include: Elkern, Marburg, Satan Bug, Tuareg and Dark Avenger.
Both viruses cost organization and individuals billion of dollars
Mellissa virus spread in MS Word documents sent via e-mail
When the document was opened, the virus was triggered
Mellissa accessed the MS Outlook address book on that computer and automatically sent the infected Word attachment by e-mail to the first 50 people in the address book. Each time another person opened the attachment, the virus would send out another 50 messages.
The ILOVEYOU virus was sent as an attachment to an e-mail posing as a love letter.
The message in the e-mail said “Kindly check the attached love letter coming from abc”
A virus can only spread from one computer to another when its hosts is taken to the uninfected computer, for instance by a user sending it over a network or carrying it on a removable medium such as a floppy disk, CD, or USB drive.
Additionally, viruses can spread to other computes by infecting files on a network file system or a file system that is accessed by another computer.
Today’s viruses may also take advantage of network services such as the World Wide Web, e-mail and file sharing systems to spread.
If we want to protect our computer from computer viruses than we must have to install Antivirus Software and must update it from internet on regular basis.
A firewall is software program or device that checks information coming from the Internet or a network, and then either blocks it or allows it to pass through to your computer, depending on your firewall settings.
Protects local area network (LAN) from outside intruders
Prohibit all data not allowed or permit all data not prohibited
Types of firewalls
Rejects all data with local addresses from outside
Examine only source not content
Small metal box filled with plug openings, or ports.
Hook your computer network into the box (just as other peripherals') then set it up on your computer.
Hardware firewalls are typically owned by larger businesses.
Practice of hiding information within other information
Hides existence of message
Using only a subset of letters/words in a longer message marked in some way
For example, if you want to tell your stock broker to buy, vs sell a stock and your message must be transmitted over insecure channel, you could send the message “BURIED UNDER YARD” if you have agreed in advance that your message is hidden in the first letter of each word, the stock broker picks these letters off and sees “BUY”.
Example: A German spy sent the following “harmless” message in WWII
Apparently neutral’s protest is thoroughly discounted and ignored. Isman hard hit. Blockade issue affects pretext for embargo on by-products, ejecting suets and vegetable oils.
If we extract the 2 nd letter in each word, we get:
A p parently n e utral’s p r otest i s t h oroughly d i scounted a n d i g nored. I s man h a rd h i t. B l ockade i s sue a f fects p r etext f o r e m bargo o n b y -products, e j ecting s u ets a n d v e getable o i ls.