Malware
From Saferpedia
Malware, a term derived from "malicious software", is software designed to infiltrate or harm a system without the owner's consent. The term is generally used by computer professionals to cover software with different hostile intentions.
Software is considered malware on the basis of its creator's intentions rather than any other characteristic. Malware includes viruses, worms, Trojans, spyware, adware and other harmful and unwanted software.
Preliminary results published in 2008 showed that the release rate of malicious code may exceed the release rate of legitimate software. According to F-Secure, as much malicious software was produced in 2007 as in the previous 20 years together.
Purpose
Many early malware programs (including the first Internet worm and MS-DOS viruses) were written as experimental software or pranks, and initially their purpose was to annoy.
In some cases the authors did not realize how much harm their creations could do. Young programmers studying viruses and the techniques used to design them wrote such software simply because they could, or because they wanted to see how far it would spread.
Many DOS viruses and the Windows ExploreZip worm were designed to destroy files or to corrupt system files. Network worms such as Code Red (2001) and the Ramen worm belong to the same category. Designed to vandalize web pages, such worms may be likened to online graffiti.
Since Internet use spread all over the world, malware has been written for profit.
Malware infections: worms and viruses
The best-known kinds of malware are viruses and worms, known more for the way they spread than for their behavior.
A virus infects an executable application; when that software runs, the virus spreads to other executable software.
A worm is software that transmits itself across a network in order to infect other computers.
Concealment: Trojans, rootkits and backdoors
Trojans
When malware is disguised as something harmless or desirable, users may be tempted to install it without knowing what it really does. This is the Trojan technique, or simply a Trojan.
Rootkits
Once malware is installed on a system, it must remain hidden to avoid being detected and removed. The same applies when a human attacker breaks into a computer. Techniques known as rootkits allow malware to hide by modifying the host OS. Rootkits can hide malware from the system's process list. Originally, a rootkit was a set of tools installed by a human attacker on a UNIX system. Today the term is used for hiding routines in general.
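Because a rootkit hides processes by filtering the process list, a defender can compare that list with a second, independent view. The following is an added example, not part of the original article: a cross-view check that assumes a Linux host with /proc mounted; the function names are hypothetical.

```python
import os

def listed_pids(proc_root="/proc"):
    """View 1: PIDs returned by a directory listing (the view a hiding routine filters)."""
    return {int(name) for name in os.listdir(proc_root) if name.isdigit()}

def is_process(pid, proc_root="/proc"):
    """View 2: look the PID up directly. Only thread-group leaders count,
    because thread IDs resolve under /proc but never appear in the listing."""
    try:
        with open(f"{proc_root}/{pid}/status") as fh:
            for line in fh:
                if line.startswith("Tgid:"):
                    return int(line.split()[1]) == pid
    except OSError:  # no such PID, or the process exited while being read
        return False
    return False

def hidden_candidates(max_pid, list_view=listed_pids, probe=is_process):
    """PIDs that resolve when probed but are missing from listings taken
    before and after the probe pass. Taking two listings reduces false
    positives from processes that start or exit during the scan."""
    before = list_view()
    probed = {pid for pid in range(1, max_pid + 1) if probe(pid)}
    after = list_view()
    return sorted(probed - before - after)

if __name__ == "__main__":
    # Assumption: Linux exposes the highest possible PID in this file.
    with open("/proc/sys/kernel/pid_max") as fh:
        limit = int(fh.read())
    for pid in hidden_candidates(limit):
        print(f"PID {pid} resolves but is not listed: investigate")
```

A result is a lead to re-check, not proof of compromise; a rootkit that also intercepts direct lookups will not show up in this comparison.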
Backdoors
A backdoor is a method of bypassing the usual authentication procedures. Once a system has been compromised, one or more backdoors can be installed to allow easier access in the future.
Malware for profit: spyware, botnets, keystroke loggers (logs of key presses)
Spyware programs are commercial products whose purpose is to gather information about users, show pop-up advertisements, or alter browser behavior for the financial benefit of their creator.
Malware developers may profit from their infections by directly using the infected system to do their work. Infected systems are used as proxy servers to send spam messages. A computer in this state is known as a zombie computer. The advantage of this technique for an attacker is anonymity.
To coordinate the activity of several computers, attackers use coordination systems called botnets. In a botnet, the malware joins an Internet Relay Chat (IRC) channel or another chat system. The attacker can then give instructions to all infected computers simultaneously.
Some malware installs a keylogger to intercept keyboard input (passwords, credit card numbers or other sensitive information). The data is automatically sent to the creator, enabling credit card fraud and other theft.




