Identify and Malware Flashcards
Identify Malware:
o Malware, short for “Malicious Software”, is a file, program or code.
o Malware is any program or file that is harmful to a computer user.
o It is typically delivered over a network and infects, explores and steals.
o It can conduct virtually any behavior an attacker wants.
o Malware is an inclusive term for all types of malicious software.
o Malware is a term that covers Viruses, Worms, Trojans, Rootkits, and Spyware.
o Malware is also a term for Adware, Scareware, Botnets, Logic Bombs, Keyloggers etc.
o Many tools can identify Malware on the network, such as Packet Captures for analysis.
o In addition, tools such as Snort, NetFlow, IPS, Advanced Malware Protection, Cisco FirePOWER etc.
Virus:
o Malicious code that is attached to executable files, which are often regular applications.
o Most viruses require end-user activation to damage the system or device.
Adware:
o Adware stands for Advertising-Supported Malware.
o Adware works by executing advertisements to generate revenue for the hackers.
o Adware is any type of advertising-supported software.
o Adware will play, display, or download advertisements automatically on a user’s computer.
o Adware will play once the software has been installed or the application is in use.
Ransomware:
o Ransomware works by encrypting the hard drive and all files on a system.
o Ransomware then asks for a payment in exchange for giving the decryption key.
o Major Ransomware includes Reveton, CryptoLocker, CryptoWall.
o More recently, the 2017 WannaCry ransomware attack.
o Ransomware caused no small amount of destruction.
Trojan:
o Trojans are malicious programs that appear like regular applications.
o Trojans are malicious programs that appear like media files or other files.
o Trojans contain a malicious payload. The payload can be anything.
o A Trojan's payload provides a backdoor that allows attackers unauthorized access.
Worm:
o Worms are malware that replicate themselves and spread to infect other systems.
o Think of worms as small programs that replicate themselves in a computer.
o Worms destroy the files and data on a user’s computer or system.
o They usually target the operating system files to make them empty.
o Worms typically cause harm to the network and consume bandwidth.
Spyware:
o Spyware is a common type of malware.
o Spyware monitors the activities performed by a computer user on a PC.
o The main intention of spyware is to collect the private information of the PC user.
o Spyware normally comes from the internet when a user downloads free software.
Rootkits:
o A rootkit is a collection of software specifically designed to permit malware.
o Rootkits gather information on your system.
o These work in the background so that a user may not notice anything suspicious.
o Rootkits in the background permit several types of malware to get into the system.
Keyloggers:
o Software that records all the information typed using a keyboard.
o Keyloggers store the gathered information and send it to the attacker.
o Attackers extract sensitive information like passwords or credit card details.
Scareware:
o Scareware is a type of malware designed to trick victims.
o Scareware tricks victims into purchasing and downloading useless software.
o Scareware tricks victims into downloading potentially dangerous software.
o Scareware generates pop-ups that resemble Windows system messages.
o Scareware usually purports to be antivirus or antispyware software.
o Scareware also usually pops up as a firewall application or a registry cleaner.
o The messages typically report a large number of problems, such as infected files.
o The user is prompted to purchase software to fix the problems.
o In reality, no problems were detected, and the suggested software contains malware.
Logic Bomb:
o A Logic Bomb is malware that is triggered in response to an event.
o Such as launching an application or when a specific date/time is reached.
o Attackers can use logic bombs in a variety of ways.
o They can embed arbitrary code within a fake application, or Trojan horse.
o Logic Bomb will be executed whenever you launch the fraudulent software.
o Attackers can also use a combination of spyware and logic bombs to steal identit
Botnet:
o The word botnet is made up of two words: bot and net.
o Bot is short for robot. Net comes from network.
o People who write and operate malware cannot manually log onto every computer they have infected.
o Instead, they use botnets to manage a large number of systems.
o A botnet is a network of infected computers, used by the malware to spread.
o Cybercriminals use special Trojan viruses to breach the security of several users’ PCs.
o Cybercriminals take control of each computer & organize all of the infected PCs.
o Cybercriminals remotely manage all infected computer bots.