Malware - Categories

  • Malware - Categories

    Malware is a broad term that blankets a range of software categories.

    Below are the major types of malware...

    Viruses are by far the best-known form of malware. This type of malware is designed to replicate and attach itself to other files resident on the target system. Typically, viruses require some sort of user action to initiate their infectious activities.

    Worms are a successor to viruses. Worms have the ability to replicate on their own very quickly without any interaction with the system owner.

    Trojan Horses
    Trojan horses are a special type of malware that relies in large part on social engineering to start infecting the target system. Similar to a virus in many respects, this malware relies on the user being somehow enticed into launching the infected program or wrapper, which in turn starts the trojan. Trojans pretend to be something else - say a legit piece of software to lure the user into executing the application.

    Rootkits are a modern form of malware that can hide within the core components of the target operating system and stay undetected by modern scanners. This is what makes rootkits so devastating; they can be extremely difficult to detect and even more difficult to remove.
    • Hypervisor Level Rootkits - Act as a hypervisor and modify the boot sequence of the computer system to load the host operating system as a virtual machine.
    • Hardware/Firmware Rootkits - Hide in hardware devices or firmware which is not inspected for code integrity.
    • Kernel Level Rootkits - Add malicious code or replace original kernel and device driver code.
    • Boot Loader Level Rootkits - Replace the original boot loader with one controlled by a remote attacker.
    • Application Level Rootkits - Replace regular application binaries with fake ones or modify the behavior of existing applications by injecting malicious code.
    • Library Level Rootkits - Replace original system calls with fake ones to hide information about the attacker.

    Spyware is malware designed to gather information about a system or a user's activities in a stealthy manner. Spyware comes in many forms; among the most common are keyloggers.

    Adware is malware that may replace home pages in browsers, place pop-up ads on a user's desktop, or install items on a victim's system that are designed to advertise products or services.

    Ransomware is a type of malware which restricts access to the computer system's files and folders and demands an online ransom payment to the malware creator in order to remove the restrictions.

    A bot is client software that is executed on the victim computer and then connects to a Command-and-Control (CnC) server such as an IRC server. The CnC server will likely control a botnet consisting of numerous bots running on computers previously attacked and infected. The attacker can then command the bot to do various tasks from the CnC server, such as download additional software or participate in a DDoS attack.
    Certified Security Geek