...Malware CMGT/230 January 11, 2016 Malware Today’s computer systems are exposed to numerous kinds of malware threats. The goal of malware is to enter the computer system in a hidden way. The main purpose of malware is achieving monetary gain at the expense of the victims. There are a few categories of malware: Adware, Bot, Bug, Ransomware, Rootkit, Spyware, Trojan Horse, Virus, and Worm. Each one of these types of malware has a specific function and effect on the end user’s computer system. Adware is an application that usually comes bundled with an application downloaded from the internet, in which it monitors the internet activity and provides advertisement according to the internet browsing behaviors. Bots are programs designed to run automated tasks. Bots gain popularity in being used on systems to run DDoS attacks. Bugs are flaws within the applications that an attacker can take advantage of to exploit the computer system. Ransomware is an application that infects the computer system and encrypts files and holds the system hostage until the end user pays a fee for the unlocking mechanism. Rootkit is a malicious piece of software that is very stealthy and allows the attacker to collect all kinds of information from the system and even remotely control it. Spyware is related to Adware in that it spies on the user’s activity without their knowledge and collects data such as keystrokes, logins, monitoring internet activity, etc. Trojan Horse is an application that disguises itself...
Words: 1143 - Pages: 5
...Malware 1. Trojan Horses For a malicious program to accomplish its goals, it must be able to run without being detected, shut down, or deleted. When a malicious program is disguised as something normal or desirable, users may unwittingly install it. This is the technique of the Trojan horse or Trojan. In broad terms, a Trojan horse is any program that invites the user to run it, concealing harmful or malicious executable code of any description. The code may take effect immediately and can lead to many undesirable effects, such as encrypting the user's files or downloading and implementing further malicious functionality. 2. Rootkits Once a malicious program is installed on a system, it is essential that it stays concealed, to avoid detection. Software packages known as rootkits allow this concealment, by modifying the host's operating system so that the malware is hidden from the user. Rootkits can prevent a malicious process from being visible in the system's list of processes, or keep its files from being read. Some malicious programs contain routines to defend against removal, not merely to hide them. 3. Adware Adware is a form of malware which presents unwanted advertisements to the user of a computer. The advertisements produced by adware are sometimes in the form of a pop-up. While some sources rate adware only as an "irritant" others classify it as an "online threat" or even rate it as seriously as computer viruses and Trojans. The precise definition of the term...
Words: 292 - Pages: 2
...Aaron McGrew Malware Malware is any software used to disrupt computer operation, gather sensitive information, or gain access to private computer systems. It can appear in the form of executable code, scripts, active content, and other software. Malware is a general term used to refer to a variety of forms of hostile or intrusive software. Malware includes computer viruses, worms, Trojan horses, ransom ware, spyware, adware, scare ware, and other malicious programs. As of 2012 approximately 60 to 70 percent of all active malware used some kind of click fraud to monetize their activity. A computer virus is a malware program that, when executed, replicates by inserting copies of itself (possibly modified) into other computer programs, data files, or the boot sector of the hard drive; when this replication succeeds, the affected areas are then said to be "infected". Viruses often perform some type of harmful activity on infected hosts, such as stealing hard disk space or CPU time, accessing private information, corrupting data, displaying political or humorous messages on the user's screen, spamming their contacts, or logging their keystrokes. However, not all viruses carry a destructive payload or attempt to hide themselves—the defining characteristic of viruses is that they are self-replicating computer programs which install themselves without the user's consent. For a malicious program to accomplish its goals, it must be able to run without being detected, shut down, or...
Words: 638 - Pages: 3
...MALWARE PROJECT ROOT KIT A root kit refers to a specialized set of programs normally used by crackers in order to subvert control of an operating system of a computer system. A rootkit enables breaking in security of a computer system and gaining root access for various operating systems such as Unix, Linux, Solaris, Microsoft Windows, Mac OS etc. A root kit is a set of tools used by a hacker to infiltrate a computer system without the knowledge or consent of the system's owner. These tools help the intruder gain access to the system in order to perform malicious activities at a later date without being detected. WHAT MAKES IT DIFFERENT FROM A VIRUS? Most often, rootkits are used to control and not to destroy. Of course, this control could be used to delete data files, but it can also be used for more nefarious purposes. More importantly, rootkits run at the same privilege levels as most antivirus programs. This makes them that much harder to remove as the computer cannot decide on which program has a greater authority to shut down the other. DETECTING AND PREVENTING ROOTKITS One issue with rootkits is that they are constantly updated; even with all sorts of computer security protocols programmed every day to specifically eliminate rootkits, people who program them continue to develop and update the rootkit, or make new ones. It doesn’t mean, though, that they cannot be prevented. Methods through which RootKits can be prevented are: * Anti-virus software. While...
Words: 1362 - Pages: 6
...Today we will come to understand how to find, interpret, and explain the materials released by major antivirus vendors about new malware threats. In addition we will show how you will be able to document the malware lifecycle; in addition to explaining the threats that the malware creates both at the current time and how they may change. One of the sites that we have taken a look at is McAfee.com, the portion of information we are looking at today is the virus definition, what it is and how it will affect you the consumer. One virus we will be looking at will be RDN/BackDoor-FBSA!a!EFA0D651938C. This is a Trojan detection. Unlike viruses, Trojans do not self-replicate. They are spread manually, often under the premise that they are beneficial or wanted. The most common installation methods involve system or security exploitation, and unsuspecting users manually executing unknown programs. Distribution channels include e-mail, malicious or hacked Web pages, Internet Relay Chat (IRC), peer-to-peer networks, etc. The indication of having this infection would mean your machine would have the files, registry, and network communication referenced in the characteristics section. However, not to worry; the following is a plan of attack as per instructions of McAfee: Please use the following instructions for all supported versions of Windows: 1. Disable Windows System Restore. For instructions, please refer to: http://www.mcafee.com/us/downloads/free-tools/disabling-system-restore...
Words: 772 - Pages: 4
...Table of Contents: What Is Malware?; History of Malware; Types of Malware; How to Prevent Malware; Attacks on Mobile Devices; Conclusion; References. What is malware Malware, short for malicious software, is any type of software that is used in order to disrupt regular computer operations, gather sensitive information, or gain access to private computer systems. Malware is not something new to computers; it is as old as software itself. Programmers have been creating it for as long as they have been creating legitimate software. There are many different reasons as to why a programmer would create such malware. Some programmers create malware for reasons as simple as pranks and experiments or more serious and organized Internet crime malware. There are many different types of malware that will be explained later but one must know that each type of malware attacks a computer in a different way and causes different levels of damage. (What is Malware, 2014) Creating malware is a very vicious thing to do. It attacks an individual’s computer without the knowledge of the user and before they know it, personal information is stolen and the computer is damaged. What would make someone want to create such a thing? In the earlier stages of software...
Words: 3391 - Pages: 14
...Security Updates for Malware and Anti-virus Protection Security for the remote sites needs to be a top priority, due to the recent Malware infection at one of the sites this is an area that needs to be addressed. The Anti-virus software on the client computers is another issue that needs to be updated. After discussing the situation with the different employees, the following recommendations should be implemented to ensure the future security of each of the sites. Recommendations include firewalls, software security for viruses and malware, and remote access for automatic updates. Firewalls are programs that keep out hackers, viruses, and worms from reaching the computers of employees. There are 2 types of firewalls, a hardware firewall and a software firewall. Commercial software firewalls are usually more powerful than those that come with the operating system. These are installed on each computer from a CD or by downloading it from the internet. A hardware firewall is a physical device that attaches to the computer and is configured through a cable connection. A hardware router installed between client computers and the internet will help with external security issues. A software firewall should also be installed on each computer to prevent the spread of viruses that might infect the network if a computer becomes infected. Firewalls work by closing ports that are unused by the computers and regulating the traffic in ports that are used by the computer. Several firewalls...
Words: 1342 - Pages: 6
...IS3110 Risk Management in Info Tech Security Malware and Viruses: Probability = 8, Impact = 9 Malware is short for malicious software. It is used to disrupt normal computer operation, gather sensitive information, or gain access to private computer systems. Viruses are a type of malware. Other types include, ransom ware, worms, trojan horses, key loggers, spyware, adware, and rogue security software. Malware impacts productivity, increases support costs, and can result in the compromise or loss of data and reputation. It can originate from a range of sources, spread quickly, and require an extensive approach to ensure the risk it poses is effectively managed. The most common approach to combating malware is firewalls and anti-virus software. Policies should also be put in place to make the Staff and Students aware of the potential threat and ways to keep it at bay. This approach requires the full co-operation of all college Staff, Faculty, and Students to make it work. Spam: Probability = 3, Impact = 2 Spamming is the use of electronic messaging systems to send unsolicited bulk messages (spam), especially advertising, at random. While the most commonly used form of spam is e-mail spam, it has also been appearing in other forms of media such as: instant messaging, Web search engine, spam in blogs, wiki spam, online classified ads, mobile phone messaging spam, (phone) call spam, social networking spam, and file sharing spam. The name is believed to come from a Monty...
Words: 375 - Pages: 2
...Malware: Evil Software Malicious software, or Malware for short, is designed to access computer systems secretly without the owner’s knowledge or consent. Malware is a general term used by professionals in the computer industry to describe a variety of hostile, invasive, or aggravating software programs. Software is considered to be malware based on the suspected intentions of the designer rather than any particular features the software may or may not have. Malware, also known as computer containment, has grown to include computer viruses, worms, Trojan horses, spyware, dishonest adware, crimeware, and other malicious and unwanted software programs. Symantec published in 2008 that “the release rate of malicious codes and other unwanted programs may be exceeding that of legitimate software applications”. According to F-Secure, “As much malware was produced during 2007 as in the previous 20 years altogether.” Malware has become the most common pathway on the Internet for criminals to access users: especially through e-mail and the World Wide Web. The frequency of malware use for organized Internet crime, along with the inability of anti-malware protection products to protect against the incessant stream of newly produced malware, has encouraged a new mind-frame for business owners who operate on the Internet. Business owners acknowledge that a large percent of Internet customers will always be infected for one reason or another, and they need to continue doing business...
Words: 1653 - Pages: 7
...Most of us depend more each day on computers and the Internet to do our work; businesses and society are more computerized, and the complexity of systems is increasing. To this greater dependence on computer networks and information systems must be added the fact that malicious hackers are increasing in both number and sophistication, making computer security an ever more important area in our lives. Today, technology becomes more essential to our lives every day, since most of the electronic devices we use require a computer to function. We depend on devices such as laptops and cell phones, among others, to communicate, work, and store information that we cannot afford to lose. However, the increase in the use of these devices also means that the amount of sensitive data on the network (names, addresses, bank accounts, passwords, contacts, telephone numbers, transactions), of both users and companies, is growing significantly. In recent years cybercriminal gangs have evolved in the way they steal information; every day these organizations are becoming more industrialized and professionalized, evolving along with the real world. Because of the dynamism that these threats are adopting, the usual basic protection tools are failing, and increasingly the ability to fully protect organizations...
Words: 662 - Pages: 3
...South Korean Malware Attack Reporting and technical details surrounding the malware used in the March 20, 2013, attack on South Korean assets have been varied and inconsistent. However, there are some commonalities reported across multiple organizations that provide some level of insight into the malware, dubbed ‘DarkSeoul’. The common attributes of the attack campaign are the following: * The malicious file wipes the master boot record (MBR) and other files. * The malware was hard coded with a specific execution date and time and searches machines for credentials with administrative/root access to servers. * The malware is written to specifically target South Korean victims. * The attack is effective on multiple operating systems. * The design is low sophistication – high damage. When assessing the potential risk to U.S. Critical Infrastructure and Key Resources (CIKR), it is important to understand that DarkSeoul appears to have been coded for a specific target in this case and designed to evade typical South Korean antivirus processes. As this malware is currently packaged, it is a low risk to U.S. CIKR, however, the concepts underpinning this attack would likely succeed in many common enterprise environments. For this reason, U.S. CIKR owners and operators should continue the best standard security practices to avoid infection and propagation of a wiper or other type of malware that may impact their systems. Defensive Measures ...
Words: 688 - Pages: 3
...Active Malware Threats Malware is the abbreviation for malicious software. This term covers a wide array of software that aims to disrupt, gather information, or control the contents of computer systems. Malware comes in many forms and includes ransom ware, spyware, virus, Trojan horses, adware, scare ware, and embeds within non-malicious files. The form of malware exists as executable files, scripts, active content, and other software. Below we cover three active types of malware. Specifically, how it is used, how it hides, and what organizations can do to protect against it. Number 1 Ransom ware is a particularly prevalent form of ransom ware active today. As of the first half of 2015, Microsoft (via their security website “over half a million PCs running Microsoft security software have detected a form of ransom ware.” The month of May saw an increase in Tescrypt (a form of ransom ware) by Ransom ware works by running scripts located in pop up ads and links inside of emails. Once the user receives the malware, the code either locks the computer down or encrypts predetermined files. In both cases, the user receives instructions on how to make a payment to get access back to their machine and files. If the ransom is not paid the attacker usually destroys the data or refuses to unlock the computer. Ransom ware is reliant on user carelessness to spread. The most common form of initiation is through clicking from untrusted sources. The actual code is detectable by up to...
Words: 795 - Pages: 4
...David S Lindsay Jr. IS4560 Unit1assignment Developments in hacking, cybercrime and malware Hydraq Trojan (a.k.a., Aurora) uses a basic approach on how to attack an enterprise, it starts with a little snooping and a little deeper research in the public domain to discover information about the company and its personnel which usually comes from social networking sites and create special phishing email. SQL-injection attack - malicious code designed to gather sensitive information from the network, easy access to the network and is web based. Fragus, Eleonore, and Neosploit come bundled with a variety of different exploits, including some exploits for older vulnerabilities. Because an older vulnerability is likely to be included, older vulnerabilities see a vast amount of exploitation. These exploit and attack kits are often frequently used in conjunction with some of the crimeware kits available in the underground, that don’t make it very hard to obtain mostly free of charge. Zeus kit use spam to lure users to a website that uses social engineering or that exploits a Web browser vulnerability to install the bot on a victim’s computer, mostly through remote access. Summary The above mentioned threats are important issues, the fact of the matter is people have their personal information in everything they do from education to bill paying. Everything is connected to our lives one way or another and must be protected at all cost, social networking sites like Facebook...
Words: 314 - Pages: 2
...Zeus is just one of many malware toolkits available for purchase in the cybercriminal underground. This accessibility, combined with the ease at which even novice cyber criminals can use these tools, are key reasons for the massive increase in reported malware samples (to say nothing of the millions of samples that go unreported) over the last number of years – and there’s no slowdown in sight. Zeus controllers can fine tune the copy of Zeus they are using to steal only information they are interested in; typically login credentials for online social networks, e-mail accounts, online banking or other online financial services. I don’t believe that the proliferation of malware toolkits and their unique malware samples – however easily and rapidly they’re being created – foreshadows “the decline” for anti-virus products, or for the vendors to create and sell them. There is an important place for anti-virus products as part of an enterprise’s network defense system, they just need to be augmented with a comprehensive — yet cost-effective and scalable — cloud-based APT detection and protection system that provides coverage beyond their physical network. However, what this clearly demonstrates is that enterprises cannot rely entirely on anti-virus products detecting malware to keep it at bay. The blazing velocity at which new malware is being created, combined with the increasing sophistication of APTs that are designed to deftly probe, analyze, and ultimately circumvent anti-virus...
Words: 451 - Pages: 2
...top smart phone platform with 52.5% of the market share ("iOS Continues Gaining U.S. Smartphone Share"). As these numbers continue to grow cybercriminals have taken notice and there has been an increase in the number of malware programs developed for the Android operating system. These malware programs can present a variety of threats from allowing criminals access to important personal information to intercepting private text messages and emails as well as even allowing someone to remotely turn on the phone’s mic. These threats can present a problem to both private individuals and businesses alike. It is important that steps be taken to prevent cybercriminals from accessing this information by preventing malware from being installed on these devices. If I was responsible for strengthening this area of IT security, I would recommend several steps. For starters, I would provide education to personal and business users to instruct them on the proper software to have installed in order to protect their devices as well as things to look out for and avoid. For businesses, I would recommend they employ strict guidelines for users of company equipment and dictate policies for users that bring their own devices. An important step in protecting against Android malware is educating device owners. According to research firm IDC only 5 percent of smartphones and tablets have some sort of antivirus program installed (Graziano). Users need to understand that smartphones are less “phones” and...
Words: 803 - Pages: 4