Malware
- is a nosy software that is designed to damage and destroy computers and computers systems
Widely used toolkits include:
- Zeus
-Blackhole - Sakura
-Phoenix
Examples of organized Attack sources
- politically motivated attackers
- Criminals
- Organized crime
- Organizations that sell their services to companies and nations
- National government agencies
Worm
Without user action, the Worm program that propagates copies of itself to other computers.
Logic bomb
triggers action when condition occurs
Trojan horse
program that contains unexpected additional functionality.
Backdoor
- modification that allows unauthorized access to functionality
Clickjacking
Vulnerability used by an attacker to collect an infected user’s clicks
Virus lifecycle
propagation , what order and functions
- second step
- The virus places a copy of itself into other programs
Virus lifecycle
Dormant , what order and functions
- First step
- the virus is idle and waiting
Virus lifecycle
Execution , what order and functions
- forth and last step
- Virus function is performed
Virus lifecycle
Trigger , what order and functions
- Third step
- Virus is activated to perform function for which it was intended.
Virus classification
by Target
- boot sector virus
- macro virus
- file infector
- multipartite virus
Virus classification
by concealment / hiding
- Encrypted virus
- stealth virus
- polymorphic virus
- metamorphic virus
transport vehicles
- Can rapidly compromise a large number of system
Spam (uninvited)
- Unsolicited bulk email
- signification carrier of malware
- Used for phishing attacks
Botnet
A collection of bots capable of acting in a coordinated manner
Zombies can be used to make:
- Dos
- Spamming
- sniffing traffic
- keylogging
- spreading new malware
Keylogger
To allow monitor sensitive information
Spyware
Compromised machine to allow monitor a wide range of activity on the system
Rootkit classification:
- persistent , memory base , user mode , kernel mode , virtual machine base , external mode
