Malicious Software Drill Flashcards
trojan:
Malicious software that seems to perform a desirable function for the user but instead facilitates unauthorized access to the user’s computer system. The term is derived from the Trojan Horse story in Greek mythology.
Example: An email with a link to a news article about a disastrous storm or major political news that installs software to slow the computer down and any other computers it connects with.
worm:
A self-replicating computer program. It sends copies of itself to other computers, and may do so without any user intervention. Unlike a virus, it doesn’t need to attach itself to an existing file. Worms almost always cause at least some harm to the network.
Example: An email that has a love letter attached, which when opened changes files on a computer and sends itself to all the email addresses in the user’s contact list.
virus:
A malicious computer program that infects a file. A true virus can only spread from one computer to another when its host (infected file) is sent to the target computer.
The word “virus” is incorrectly used as an umbrella term for many flavors of viruses, worms and trojans, etc.
Example: A virus gets installed on a laptop. It then inserts itself into several operating system files, causing the computer to restart automatically every 10 minutes.
antivirus:
Software that monitors a computer or network to identify all major types of malware and prevent or contain malware incidents. Sometimes referred to as AV, which is short for antivirus.
Example: Software that scans email attachments for viruses when they’re downloaded.
malware:
Short for the term “malicious software.” It’s an umbrella term used to refer to the various types of viruses, worms and trojans, etc. Most malware is installed without the infected person ever realizing it.
ransomware:
Vicious malware that locks users out of their devices or blocks access to files until a sum of money or ransom is paid. Attacks cause downtime, data loss, possible intellectual property theft, and data breaches. Ransomware is also referred to as “cryptoware.”
How it works: Once the malware is on the machine, it starts to encrypt all the data files it can find on the computer and on any computers it can access within the network. When a user attempts to access one of these files, they’re locked out. Then two files are found in that same folder, indicating the files have been taken for ransom. The two files inform the user of the ransom and instruct them on how to pay it.
rootkit:
Malicious code that loads into the early loading stages of a computer. The code hides itself from the operating system and other applications that load in the later stages, like antivirus and system utilities. This gives the bad guy full access to alter the system.
Note: Root is the basic source of something, and kit is a set of tools, hence the name “rootkit.”
Example: Code that changes a configuration file when the computer starts up. It then alters the file so the user’s antivirus software won’t detect additional malware that tracks the user’s keyboard inputs (to steal passwords).
botnet:
Short for “robot network,” it’s a collection of software robots, or “bots,” that live on infected computers, and are controlled by bad guys. Botnets do many bad things like spew out spam, attack other computers, or send back confidential data to the botnet controller.