Malware Lifecycle

Submitted By papalvarado
Today we will learn how to find, interpret, and explain the materials that major antivirus vendors release about new malware threats. We will also show how to document the malware lifecycle and explain the threats the malware creates, both as they stand now and as they may change.

One of the sites we looked at is McAfee.com. The information we are examining today is the virus definition: what it is and how it will affect you, the consumer. One entry we will be looking at is RDN/BackDoor-FBSA!a!EFA0D651938C. This is a Trojan detection. Unlike viruses, Trojans do not self-replicate. They are spread manually, often under the premise that they are beneficial or wanted. The most common installation methods involve system or security exploitation, and unsuspecting users manually executing unknown programs. Distribution channels include e-mail, malicious or hacked Web pages, Internet Relay Chat (IRC), peer-to-peer networks, etc.

An infected machine would show the files, registry entries, and network communication referenced in the characteristics section of the definition. There is no need to worry, however; the following is the plan of attack given in McAfee's instructions:
Please use the following instructions for all supported versions of Windows:
1. Disable Windows System Restore. For instructions, please refer to: http://www.mcafee.com/us/downloads/free-tools/disabling-system-restore.aspx
2. Update your McAfee Anti-Virus product to the latest version (when possible), and ensure the latest DAT and Engine and any applicable EXTRA.DATs are installed.
3. Run a full system scan. (On-Demand Scan)
4. Reboot, as soon as it is convenient, to ensure all malicious components are removed.
As you can see, a removal process exists here; however, this is not always the case.

Next we will discuss malware: what it is and how it affects us. For a definition we look to Microsoft: malware is short for "malicious software." Malware is any kind of unwanted software that is installed without your adequate consent. Viruses, worms, and Trojan horses are examples of malicious software that are often grouped together and referred to as malware. Cybercriminals sometimes try to trick you into downloading rogue (fake) security software that claims to protect you against malware. This rogue security software might ask you to pay for a fake product, install malware on your computer, or steal your personal information.

To protect yourself from malware, there are several free ways to help protect your computer:
• Make sure automatic updating is turned on to get all the latest security updates.
• Keep your firewall turned on.
• Don't open spam email messages or click links on suspicious websites.
• Download Microsoft Security Essentials, which is free, or another reputable antivirus and anti-malware program. If you run Windows 8 or Windows RT, you don’t need Microsoft Security Essentials.
• Scan your computer with the Microsoft Safety Scanner.

Malware is one of the top subjects discussed by many businesses today. So many man-hours are spent on research and development for advanced malware that a surprising number of those surveyed said they devote more than 20 hours a week to detecting and combating advanced malware, and a third spend at least a day a week on this problem. In many conversations, that was a major frustration. Fighting advanced malware is part of a security analyst’s job, but enterprise solutions need to do a better job of detecting and eradicating these determined adversaries. It’s time for an advanced threat defense system that helps organizations win the advanced malware arms race.

In closing, we stress the importance of firewalls, data analysis, and an understanding of viruses and the many issues they can cause, not just for your users but for the entire business. In the past, social engineering, common malware and internal theft were the greatest threats to corporate information systems, and they are still significant. But increasingly, we’re seeing more advanced threats with sophisticated evasion capabilities. Some of these threats operate at multiple protocol levels and are capable of rapidly proliferating throughout the IT infrastructure.

Next-generation firewalls must be fast and flexible enough to operate dynamically, scalable enough to adjust to rapidly changing system and platform requirements, centralized to enable comprehensive management and control, and sufficiently expert to identify and mitigate a wide range of advanced threats and exploits in real time. In other words, they must be capable of creating an informed, interactive security posture.
