Chapter 6 Flashcards
Advertising that is integrated into software. It can result in pop-up ads or redirection of a browser to a commercial site.
adware
set of tools for generating new malware automatically using a variety of supplied propagation and payload mechanisms
attack kit
Malicious hacker tools used to break into new machines remotely
auto-rooter
any mechanism that bypasses a normal security check; it may allow unauthorized access to functionality in a program, or onto a compromised system.
backdoor (trapdoor)
Code that installs other items on a machine that is under attack. It is normally included in the malware code first inserted onto a compromised system to then import a larger malware package.
downloaders
An attack using code in a compromised web site that exploits a browser vulnerability to attack a client system when the site is viewed.
drive-by-download
code specific to a single vulnerability or set of vulnerabilities.
exploits
Used to generate a large volume of data to attack networked computer systems, by carrying out some form of denial-of-service (DoS) attack
Flooders (DoS client)
captures keystrokes on a compromised system
keyloggers
Code inserted into malware by an intruder. A _____ lies dormant until a predefined condition is met; the code then triggers an unauthorized act.
logic bomb
A type of virus that uses macro or scripting code, typically embedded in a document, and triggered when the document is viewed or edited, to run and replicate itself into other such documents
macro virus
software that can be shipped unchanged to a heterogeneous collection of platforms and execute with identical semantics
mobile code
Set of hacker tools used after an attacker has broken into a computer system and gained root-level access
Rootkit
used to send large volumes of unwanted e-mail
Spammer programs
Software that collects information from a computer and transmits it to another system by monitoring keystrokes, screen data, and/or network traffic; or by scanning files on the system for sensitive information.
spyware
A computer program that appears to have a useful function, but also has a hidden and potentially malicious function that evades security mechanisms, sometimes by exploiting legitimate authorizations of a system entity that invokes the ______ program
Trojan horse
Malware that, when executed, tries to replicate itself into other executable machine or script code; when it succeeds, the code is said to be infected. When the infected code is executed, the _____ also executes.
Virus
A computer program that can run independently and can propagate a complete working version of itself onto other hosts on a network, usually by exploiting software vulnerabilities in the target system.
worm
Program activated on an infected machine that is activated to launch attacks on other machines.
Zombie/bot
___ ____ uses multiple methods of infection or propagation, to maximize the speed of contagion and the severity of the attack
blended attack
These toolkits, ____, now include a variety of propagation mechanisms and payload modules that even novices can combine, select, and deploy.
Crimeware
A typical virus goes through which four phases?
1) Dormant Phase
2) Propagation Phase
3) Triggering Phase
4) Execution Phase
The means by which a virus spreads or propagates, enabling it to replicate. The mechanism is also referred to as the infection vector.
infection mechanism
The event or condition that determines when the payload is activated or delivered, sometimes known as a logic bomb
trigger.
What the virus does, besides spreading. The ____ may involve damage or may involve benign but noticeable activity.
Payload
Creates copies during replication that are functionally equivalent but have distinctly different bit patterns, in order to defeat programs that scan for viruses. In this case, the “signature” of the virus will vary with each copy.
Polymorphic virus
A search to find other systems to infect
scanning or fingerprinting
When some malware encrypts the user’s data, and demands payment in order to access the key needed to recover this information.
ransomware.
An attack on a computer system or network that causes loss of service to users.
DDoS (Distributed denial-of-service attack)
With the help of a botnet and thousands of bots, an attacker is able to send massive amounts of bulk e-mail
spamming
Bots can also use a packet sniffer to watch for interesting clear-text data passing by a compromised machine. The sniffers are mostly used to retrieve sensitive information like usernames and passwords.
sniffing traffic