2. What is a Logic Bomb
A logic bomb is hidden code in software or a program that executes itself when pre-defined conditions are met.
Also known as a time bomb, as it executes on certain days.
Activated when specified conditions are met:
Presence / absence of some file
Particular date / time
Particular user
When triggered, it typically damages the system:
modifying / deleting files or disks, halting the machine, or wiping everything off the computer.
An example of a time bomb is the infamous ‘Friday the 13th’ virus.
3. Logic Bombs Protection
Do not download pirated software – logic bombs can be distributed by exploits that promote software piracy.
Do not click on suspicious web links – clicking on an unsafe link may direct you to an infected website that may host the logic bomb malware.
Apply patches to other software installed on your computer, such as:
Microsoft Office software
Adobe products
5. SPOOFING ATTACK
A spoofing attack is when a malicious party impersonates another device or user on a network in order to launch attacks against network hosts, steal data, spread malware or bypass access controls.
6. TYPES OF SPOOFING ATTACKS
IP address spoofing
ARP Spoofing Attacks
DNS Server Spoofing Attacks
Web spoofing
E-mail spoofing
Non-technical spoofing
7. IP ADDRESS SPOOFING / IP SPOOFING
Creation of Internet Protocol (IP) packets with a forged source IP address.
The purpose is to conceal the sender's identity or to impersonate another computing system.
8. ARP Spoofing Attacks
An attacker sends falsified ARP (Address Resolution Protocol) messages over a local area network, linking the attacker’s MAC address with the IP address of a legitimate computer or server on the network.
Once the attacker’s MAC (Media Access Control) address is connected to an authentic IP address, the attacker will begin receiving any data that is intended for that IP address.
ARP spoofing can enable malicious parties to intercept, modify, or even stop data in transit.
ARP spoofing attacks can only occur on local area networks that utilize the Address Resolution Protocol.
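A defender can spot the falsified IP-to-MAC linking described above by watching ARP replies for bindings that change. The following is an added example, not part of the original slides; the log format, the sample addresses and the trust-first-binding rule are assumptions made for illustration.

```python
# Added example: passive ARP-spoofing detection over observed ARP replies.
# SAMPLE_ARP_REPLIES is constructed data (documentation IPs, made-up MACs).
# Assumed line format: "<time> <sender IP> <sender MAC>".
SAMPLE_ARP_REPLIES = """\
10:00:01 192.0.2.1 02:00:00:aa:aa:01
10:00:02 192.0.2.20 02:00:00:bb:bb:20
10:00:07 192.0.2.1 02:00:00:aa:aa:01
10:00:09 192.0.2.1 02:00:00:cc:cc:66
10:00:10 192.0.2.1 02:00:00:cc:cc:66
10:00:12 192.0.2.20 02:00:00:cc:cc:66
"""


def parse_replies(text):
    """Yield (time, ip, mac) tuples; skip blank or malformed lines."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 3:
            yield parts[0], parts[1], parts[2].lower()


def find_arp_anomalies(text):
    """Return (time, kind, ip, mac) alerts for suspicious ARP bindings."""
    first_mac = {}    # ip -> first MAC seen (assumption: first binding is trusted)
    ips_by_mac = {}   # mac -> set of IPs that MAC has claimed
    alerts = []
    for when, ip, mac in parse_replies(text):
        trusted = first_mac.setdefault(ip, mac)
        claimed = ips_by_mac.setdefault(mac, set())
        is_new_pair = ip not in claimed
        claimed.add(ip)
        if not is_new_pair:
            continue  # pair already evaluated; alert once per (ip, mac)
        if mac != trusted:
            # The IP is now answered by a different MAC than first learned.
            # Can be legitimate (NIC swap, failover), so treat as a lead.
            alerts.append((when, "binding-changed", ip, mac))
        if len(claimed) > 1:
            # One MAC answering for several IPs is typical of interception.
            alerts.append((when, "mac-claims-multiple-ips", ip, mac))
    return alerts


if __name__ == "__main__":
    for alert in find_arp_anomalies(SAMPLE_ARP_REPLIES):
        print(*alert)
```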
9. Domain Name Server (DNS) Spoofing Attacks
DNS is a system that associates domain names with IP addresses.
Devices that connect to the internet or other private networks rely on the DNS for resolving URLs, email addresses and other human-readable domain names into their corresponding IP addresses.
A malicious party modifies the DNS server in order to reroute a specific domain name to a different IP address.
In many cases, the new IP address will be for a server that is actually controlled by the attacker and contains files infected with malware.
DNS server spoofing attacks are often used to spread computer worms and viruses.
10. Web spoofing
The attacker can observe and modify all web pages sent to the victim's machine, and observe all information entered into forms by the victim, even when the browser shows "secure connection". The user sees no indication that anything is wrong.
After the browser has been fooled, the spoofed web server can send fake web pages or prompt the victim to provide personal information such as login ID, password, or even credit card or bank account numbers.
11. E-mail spoofing
Email spoofing may occur in different forms, but all have a similar target/result:
It is the forgery of an e-mail header.
The user receives email that appears to have originated from one source but was actually sent from another source.
The purpose is to cover up an attempt to trick the user into going to the wrong site and releasing sensitive information (such as passwords).
12. Non-Technical Spoofing
Non-computer-based techniques commonly referred to as social engineering.
An attacker calls someone on the phone, saying that he is a certain person.
The purpose is to obtain vital information such as IC no., account no., credit card no., etc.
13. PHISHING
Phishing is a type of deception designed to steal your valuable personal data, such as credit card numbers, passwords, account data, or other information.
14. HISTORY OF PHISHING
Phishing in 1995
Target: America Online users
Purpose: getting account passwords for free time
Threat level: low
Techniques: similar names (www.ao1.com for www.aol.com), social engineering
Phishing in 2001
Target: eBayers and major banks
Purpose: getting credit card numbers, accounts
Threat level: medium
Techniques: same as in 1995, keylogger
Phishing in 2007
Target: PayPal, banks, eBay
Purpose: bank accounts
Threat level: high
Techniques: browser vulnerabilities, link obfuscation