1.2 Flashcards
Malware
* Malicious software
–These can be very bad
* Gather information
–Keystrokes
* Participate in a group
–Controlled over the ‘net
* Show you advertising
–Big money
* Viruses and worms
–Encrypt your data
–Ruin your da
Ransomware
* The attackers want your money
–They’ll take your computer in the meantime
* May be a fake ransom
–Locks your computer “by the police”
* The ransom may be avoided
–A security professional may be able to remove these kinds of malware
Trojan
Doesn’t really care much about replicating
* Circumvents your existing security
–Anti-virus may catch it when it runs
–The better Trojans are built to avoid and disable AV
* Once it’s inside it has free rein
–And it may open the gates for other programs
Worms
* Malware that self-replicates
–Doesn’t need you to do anything
–Uses the network as a transmission medium
–Self-propagates and spreads quickly
* Worms are pretty bad things
–Can take over many systems very quickly
* Firewalls and IDS/IPS can mitigate many worm infestations
–Doesn’t help much once the worm gets inside
PUP
A Potentially Unwanted Program (PUP) is identified by antivirus/anti-malware as potentially undesirable software, often installed along with other software. Examples include an overly aggressive browser toolbar, a backup utility displaying ads, and a browser search engine hijacker. Detection and removal of PUPs are crucial for maintaining a secure computing environment. Users should rely on reputable security software and exercise caution during software installations to mitigate the risks associated with PUPs.
Fileless virus:
A type of malware that operates without leaving traditional files on a system, making it challenging to detect using standard antivirus methods. It leverages scripts and memory-resident components to carry out malicious activities.
Command and control:
A mechanism used by malware to communicate with a remote server or entity, allowing attackers to issue commands, receive instructions, and control compromised systems.
Bots:
Software applications that run automated tasks over the internet. In the context of cybersecurity, bots can be malicious and operate as part of a botnet, controlled by a command and control server.
Cryptomalware:
Malicious software that encrypts files on a victim’s system, rendering them inaccessible until a ransom is paid. It is a type of ransomware that focuses on encrypting rather than stealing data.
Logic bombs:
Malicious code intentionally inserted into software or systems to execute a harmful action when specific conditions are met, such as a particular date or event.
Spyware:
Software designed to secretly gather information about a user’s activities and transmit it to a third party without the user’s knowledge or consent.
Keyloggers:
Malicious programs that record keystrokes on a computer, capturing sensitive information such as passwords and credit card numbers.
Remote access Trojan (RAT):
A type of malware that allows unauthorized access and control of a victim’s computer from a remote location. It enables attackers to perform various malicious activities.
Rootkit:
Malicious software that provides privileged access to a computer while hiding its presence from detection. Rootkits often modify the operating system to maintain persistent control.
Backdoor:
A hidden or unauthorized access point in a computer system that allows remote control or unauthorized access. Backdoors can be exploited by attackers to gain entry without detection.