Downloaded 61 times
More Related Content
Similar to MALWARE AND ITS TYPES
MALWARE AND ITS TYPES
- 1. MALWARES BY:SAGILA 3RD YEAR BSc.FORENSIC SCIENCE ANNAI FATHIMA COLLEGE OF ARTS AND SCIENCE
- 2. WHAT IS MALWARE? Malware is the collective name for a number of malicious software variants, including viruses, ransomware and spyware. Malware typically consists of code developed by cyber attackers, designed to cause extensive damage to data and systems or to gain unauthorized access to a network. Malware is typically delivered in the form of a link or file over email and requires the user to click on the link or open the file to execute the malware.
- 3.
- 4. VIRUS Primitive typesof malware. Possibly the most common type of malware, viruses attach their malicious code to clean code and wait for an unsuspecting user or an automated process to execute them. They are usually contained within an executable file. They are self- replicating programs that usually have a malicious intent. Instead it copies itself using a human assistance, such as using an infected floppy disk at another machine. Some viruses are harmful and delete information or corrupt the operating system.
- 5. TYPES OF VIRUSES Bootviruses: establish their code in the disk sector. The machine automatically executes the code of the boot virus when booting. Thus, when an infected machine boots, the virus loads and runs it. After completion of booting of viruses they usually load the original boot code of the machine which they have previously moved to another location in the disk or take other measures to ensure the machine appears to boot normally. File viruses: Get attached to program files (files containing executable). When the infected program runs, the virus code executes. Very often the virus code is added in such a way that it executes first, then the program itself. After the virus code has finished loading and executing, it will normally load and execute the original program it has infected, or call the function it intercepted, so as to not arouse the user’s suspicion.
- 6. Companion viruses:Exploit the characteristics of the operating system to execute it, rather than directly targeting programs or boot sectors. Under DOS and Windows, when executing the command „ABC‟, the method is that ABC.COM executes before ABC.EXE (in the rare cases where both files exist). Thus, a companion virus could place its code in a COM file with its first name similar to that of an existing EXE file. When executing the „ABC‟ command, the virus‟ ABC.COM program runs (usually the virus would launch ABC.EXE once its function has been completed so as not to alert the user. This is known as the execution preference companion method. Script viruses: became quite a hit with the hackers. The basic reason for this virus being successful is machines started operating on Windows. Writers of Script viruses used mass mailing to target machines installed with Windows 98 and 2000 with Internet Explorer 5.0 and following versions. Program files like VBS, JS & icons that of safe text files became quite vulnerable to such attacks.
- 7. WORMS Worms are similarto viruses as they replicate themselves in the same manner. Although self cloning in nature it is different from a virus as it does not need to attach itself to a file or a disk sector. Just like the picture depcits: Starting from one infected machine, they weave their way through the network, connecting to consecutive machines in order to continue the spread of infection. This type of malware can infect entire networks of devices very quickly.
- 8. TROJAN In cyberworld Trojan horses bare one of the deadliest and randomly used malware appearing to be worthy software but instead it infect damages & compromises the security of the system. A Trojan horse tempts a user into opening a program as they are satisfied that it is from a legitimate source. Free softwares available for downloading may be Trojans. Just like the picture depicts: Acting discretely, it will breach security by creating backdoors that give other malware variants easy access.
- 9. SPYWARE Spyware is unwantedsoftware that infiltrates your computing device, stealing your internet usage data and sensitive information. Spyware monitors your internet activity, tracking your login and password information, and spying on your sensitive information. It aims to track and sell your internet usage data, capture your credit card or bank account information, or steal your personal identity.
- 10. ADWARE Adware is anysoftware application in which advertising banners are displayed while a program is running. The ads are delivered through pop-up windows or bars that appear on the program's user interface. Without the consent of the target user, his online habits are sold. The advertisement companies display commercial ads, pop ups & even redirect a user to a website without his willingness or knowledge. These are known as sticky software. It stays in the infected machine without providing the facility to uninstall it.
- 11. RANSOMWARE Ransomware is malicioussoftware that infects your computer and displays messages demanding a fee to be paid in order for your system to work again. This class of malware is a criminal money making scheme that can be installed through deceptive links in an email message, instant message or website. It has the ability to lock a computer screen or encrypt important, predetermined files with a password. Scareware is the simplest type of ransomware. It uses scare tactics or intimidation to trick victims into paying up. It can come in the form of fake antivirus software in which a message suddenly appears claiming your computer has various issues and an online payment is necessary to fix them.
- 12. CRIMEWARE Crimeware is doingillegal online activities with the use of various malware types. More specifically, Crimeware may be a virus, spyware, or other piece of software that can be used to commit identity theft and fraud. Crimeware can take a number of actions, including: Furtively install keystroke loggers to procure sensitive data, such as login and password information for online bank accounts, and report them back to the thief. Redirect a user’s web browser to a counterfeit website controlled by the thief. Enable remote access into applications, allowing criminals to break into networks for malicious purposes. Encrypt all data on a computer and require the user to pay to decrypt it (ransomware). Sending out an email with an attachment to execute a payload to spread the malware.
- 13. ROOTKIT A rootkit isa collection of computer software, typically malicious, designed to enable access to a computer or an area of its software that is not otherwise allowed and often masks its existence or the existence of other software. A rootkit allows someone to maintain command and control over a computer without the computer user/owner knowing about it. Once a rootkit has been installed, the controller of the rootkit has the ability to remotely execute files and change system configurations on the host machine. A rootkit on an infected computer can also access log files and spy on the legitimate computer owner’s usage.
- 14. TYPES OF ROOTKIT KernelRootkits - Hide a backdoor on a computer system by using modified code to add or replace a portion of the system's existing kernel code. Usually the new code is added to the kernel via a device driver or loadable module. Kernel rootkits can be especially dangerous because they can be difficult to detect without appropriate software. Library Rootkits - Hide information about the intruder by manipulating system calls with patches, hooks, or replacements. Application Rootkits - Replace or modify regular application binaries with camouflaged fakes, hooks, patches, or injected code.
- 15. ANTI-MALWARE Antivirus software, oranti-virus software also known as anti-malware, is a computer program used to prevent, detect, and remove malware. With the spread of other kinds of malware, antivirus software started to provide security from other computer threats. Antivirus software can guard users from malicious browser helper objects (BHOs), browser hijackers, ransomware, worms, keyloggers, backdoors, rootkits, Trojan horses, malicious LSPs, dialers, fraudtools, adware and spyware. Some products also include protection from further computer threats, such as infected and malicious URLs, spam, scam and phishing attacks, online identity (privacy), online banking attacks, social engineering techniques, advanced persistent threat (APT) and botnet DDoS attacks.
- 16. PREVENATION Ensure that allsecurity updates and patches are installed. Avoid suspicious links and emails. Avoid suspicious websites. Review software carefully before downloading. Leverage strong, unique passwords. Install Anti-virus software. Turn on your firewall . Limit application privileges. Only buy Apps from trusted sources. Back up data regularly.
- 17. CONCLUSION There area lot of security measures that can be executed to protect computers and networks form malware. Most security measures that are accessible to users are aimed at protecting computers from malware, adware, spam and various types of common viruses. Even though there are a lot of companies providing these services, cyber criminals are always looking for new ways to get around firewalls and anti virus software and on some occasions they are effective because there are numerous hackers and spammers around the globe new ways of getting around these barriers are regularly being developed and catching them can be very difficult. However if users take the suitable steps such as installing firewalls and anti malware/virus software they will be less likely to fall prey to cyber criminals.