1. TYPES OF ATTACK …(PART 3)
MALWARE – PART 2
Prof. Neeraj Bhargava
Mrs. Shubha Chaturvedi
Department of Computer Science, School of Engineering & System Sciences
MDS University Ajmer, Rajasthan
2. CRIMEWARE
• Crimeware is software that helps someone perform an unwanted or
illegal act via the computer.
• Crimeware programs and documentation enable non-technical
people to set up their own spam, virus or phishing attacks;
crimeware is essentially a software development kit.
• Crimeware is a general term for software used to perpetrate
crime, such as stealing personal identities, money or
proprietary information.
• Crimeware can spread by way of viruses, Trojan horse
programs, worms, spyware, or adware.
3. Spamming
• Spam is any kind of unwanted, unsolicited digital
communication, often an email, that gets sent out in bulk.
Spam is a huge waste of time and resources. Internet
service providers (ISPs) carry and store the data. When hackers
can’t steal data bandwidth from the ISPs, they steal it from
individual users, hacking computers and enslaving them in a
zombie botnet. Types of spam: email spam, mobile spam,
social networking spam, messaging spam.
4. TRAPDOOR/BACKDOOR
• A trap door is a kind of secret entry point into a program that
allows anyone to gain access to a system without going
through the usual security access procedures. Another definition
of a trap door is that it is a method of bypassing normal
authentication methods. Therefore it is also known as a back
door.
• Programmers use trap doors legally to debug and test
programs. Trap doors become threats when dishonest
programmers use them to gain illegal access. Program development
and software update activities should be the first focus of security
measures. An operating system that controls trap doors is
difficult to implement.
5. KEYLOGGERS
• Keyloggers are a type of monitoring software designed to
record keystrokes made by a user. One of the oldest forms of
cyber threat, these keystroke loggers record the information
you type into a website or application and send it back to a
third party.
• Criminals use keyloggers to steal personal or financial
information such as banking details, which they can then sell
or use for profit.
6. SPOOFING
Spoofing is a specific type of cyber-attack in which someone
attempts to use a computer, device, or network to trick other
computer networks by masquerading as a legitimate entity. It's
one of many tools hackers use to gain access to computers to
mine them for sensitive data, turn them into zombies (computers
taken over for malicious use), or launch Denial-of-Service (DoS)
attacks. Of the several types of spoofing, IP spoofing is the most
common.
7. Phishing
Phishing is the practice of sending fraudulent
communications that appear to come from a reputable source.
It is usually done through email. The goal is to steal sensitive
data like credit card and login information, or to
install malware on the victim’s machine. Phishing is a common
type of cyber attack that everyone should learn about in order
to protect themselves.
• Phishing starts with a fraudulent email or other communication
that is designed to lure a victim. The message is made to look
as though it comes from a trusted sender. If it fools the victim,
he or she is coaxed into providing confidential information,
often on a scam website. Sometimes malware is also
downloaded onto the target’s computer.
8. Sniffing
• Sniffing is the process of monitoring and capturing all data packets
that are passing through a computer network using packet
sniffers. Packet sniffers are used by network administrators to
keep track of data traffic passing through their network. These
are called network protocol analyzers. In the same way,
malicious attackers use these packet sniffing
tools to capture data packets in a network.
• Data packets captured from a network are used to extract and
steal sensitive information such as passwords, usernames,
credit card information, etc. Attackers install these sniffers in
the system in the form of software or hardware.
9. Port Scanning
• Port scanning is a method of determining which ports on a network
are open and could be receiving or sending data. It is also a process
for sending packets to specific ports on a host and analyzing
responses to identify vulnerabilities.
• The goal behind port and network scanning is to identify the
organization of IP addresses, hosts, and ports to properly determine
open or vulnerable server locations and diagnose security levels.
• After a thorough network scan is complete and a list of active hosts
is compiled, port scanning can take place to identify open ports on
a network that may enable unauthorized access.
• It’s important to note that network and port scanning can be used
by both IT administrators and cybercriminals to verify or check the
security policies of a network and identify vulnerabilities — and in
the attackers’ case, to exploit any potential weak entry points.
10. SQL injection (SQLi)
• SQL injection is a web security vulnerability that allows an
attacker to interfere with the queries that an application
makes to its database. It generally allows an attacker to view
data that they are not normally able to retrieve. This might
include data belonging to other users, or any other data that
the application itself is able to access. In many cases, an
attacker can modify or delete this data, causing persistent
changes to the application's content or behaviour.
• In some situations, an attacker can escalate an SQL injection
attack to compromise the underlying server or other back-end
infrastructure, or perform a denial-of-service attack.
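The effect described above, shown with a vulnerable lookup beside its parameterized fix. This is an added example, not part of the original slides; the table, the function names and the sample rows are constructed for illustration.

```python
import sqlite3

def make_db():
    """Build an in-memory database with constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE accounts (username TEXT, password TEXT, balance INTEGER)")
    conn.executemany(
        "INSERT INTO accounts VALUES (?, ?, ?)",
        [("alice", "a-secret", 120), ("bob", "b-secret", 75)],
    )
    return conn

def lookup_vulnerable(conn, username):
    # Vulnerable: the input is pasted into the SQL text, so quote characters
    # in the input change the structure of the query itself.
    query = "SELECT username, balance FROM accounts WHERE username = '" + username + "'"
    return conn.execute(query).fetchall()

def lookup_parameterized(conn, username):
    # Hardened: the ? placeholder passes the input as a bound value, so the
    # database treats it as data and never parses it as SQL.
    query = "SELECT username, balance FROM accounts WHERE username = ?"
    return conn.execute(query, (username,)).fetchall()

if __name__ == "__main__":
    db = make_db()
    crafted = "nobody' OR '1'='1"  # turns the WHERE clause into an always-true condition
    print("normal input, vulnerable query: ", lookup_vulnerable(db, "alice"))
    print("crafted input, vulnerable query:", lookup_vulnerable(db, crafted))
    print("crafted input, parameterized:   ", lookup_parameterized(db, crafted))
```

With the crafted input the vulnerable query returns every user's row, which is the "data belonging to other users" case; the parameterized query returns nothing because no account has that literal name.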
11. Assignment
Q1. Differentiate between a computer virus, a worm and a Trojan
horse.
Q2. What is the difference between sniffing and spoofing?
Q3. What are ports and port numbers?
Q4. What is the impact of a successful SQL injection attack?