Chapter 3 - Malware Infections Flashcards
What are the different types of Malware Infections?
- Threat Vector
- Attack Vector
Method used by an attacker to access a victim’s machine.
Threat Vector
Method used by an attacker to gain access to a victim’s machine in order to infect it with malware.
Attack Vector
Malware is placed on a website that you know your potential victims will access.
Watering Holes
A collection of compromised computers under the control of a master node.
Botnet
Occurs when a computer is placed between the sender and receiver and is able to capture or modify the traffic between them.
Active Interception
Occurs when you are able to exploit a design flaw or bug in a system to gain access to resources that a normal user isn’t able to access.
Privilege Escalation
Used to bypass normal security and authentication functions.
Backdoors
Malicious code that has been inserted inside a program and will execute only when certain conditions have been met.
Logic Bomb
Non-malicious code that, when invoked, displays an insider joke, hidden message, or secret feature.
Easter Egg
What are some symptoms of infection?
- Hard drives, files, or applications are not accessible anymore
- Strange noises occur
- Unusual error messages
- Display looks strange
- Jumbled printouts
- Double file extensions are being displayed, such as textfile.txt.exe
- New files and folders have been created or files and folders are missing/corrupted
- System Restore will not function
What are some ways to remove malware?
- Identify symptoms of a malware infection
- Quarantine the infected systems
- Disable System Restore (if using a Windows machine)
- Remediate the infected system
- Schedule automatic updates and scans
- Enable System Restore and create a new restore point
- Provide end user security awareness training
- If a boot sector virus is suspected, reboot the computer from an external device and scan it