The Smart Little Glossary of Malware
The smartphone set has so far been smugly confident that they're staying ahead of malware. But desktop and laptop users know what's coming: there is no such thing as a completely secure computing system, and smartphones are no exception. Already, a few smartphone viruses have been spotted in the wild; they use SMS and Bluetooth to propagate, sending themselves to other devices automatically. They're still very rare, but could be a sign of things to come.
Users increasingly use smartphones to store anything and everything, including their emails, business contacts, and personal data. That makes smartphones an attractive target for malware authors, and their interest will only increase in the future. So, just for the mobile device users, here's a handy clip 'n' save list for knowing your malware. Forewarned is forearmed!
First, let's break malware down into three main categories: viruses, worms, and trojans. What are they and what's the difference?
- Virus - A computer virus is malware which uses another innocent program to spread itself. An example would be unknowingly uploading an infected video game to BitTorrent, which is then downloaded by hundreds of users who will get the virus on their own machines if they run it. Once installed, the virus will then look for other programs to infect.
- Worm - A computer worm is malware which spreads itself without the use of another program. An example would be the worms which spread themselves through email, automatically sending themselves to every address listed in the infected user's address book. Recent examples would be the Storm worm of 2007, the Nyxem worm of 2006, and the Zotob worm of 2005.
- Trojan - A computer trojan is a deliberately malicious program which disguises itself as a useful program. An example would be a freely downloadable email enhancer which adds smilies to your email, but in the background harvests your address book contacts and sends them spam. Toolbars for web browsers are the most common form of trojan. Another common disguise is a virus scanner.
These are the three basic categories, which describe the three methods by which malware spreads. But all malware has what we call a payload. Just like an airplane which might be carrying paratroopers, missiles, or bombs, malware may carry any kind of payload, and that payload is the whole point of its existence. These payloads constitute a whole weapons arsenal:
- Backdoor - This installs a hidden account and password, or a hidden work-around to the root password on the system.
- Botnet - A "bot" is slang for a computer which has been compromised and is controlled by the attacker. The attacker - called a "botherder" - then organizes the botted computers into a botnet, which they can then use to carry out other attacks. Most of the spam you get comes from bots.
- Data Miner - This ransacks your computer for data such as your name, address, and credit card number, which it then sends back to the attacker. This is a common method of identity theft and fraudulent charges.
- DDoS - Stands for "Distributed Denial-of-Service" attack. A DDoS uses many computers, such as a botnet, to disable a server or target system by overwhelming it with traffic.
- Key Logger - A silent program which sits on the target system and records keystrokes, such as when you type in your password.
- Hijacker - This takes over settings on your system, replacing them with other settings for a malicious purpose. Examples would be setting your browser's home page to a spam site, or associating all documents with a trojan as the default program to open when you click them.
- Rootkit - The ultimate backdoor. It writes to the boot sector of your computing device, effectively making itself the operating system, and then starts the usual operating system itself.
- Time bomb - This waits until a specified date, then does something malicious like deleting the whole hard drive.
Hideous, aren't they? There are probably more out there that we haven't even discovered yet; there are certainly some more we haven't covered, since for brevity we're sticking to the most common forms.
The good news is, the arms race between malware and security is so far going in favor of the security sector. Antivirus software makers have had decades of experience in hunting out malware, while malware attackers are still learning their way around the mobile platform. To keep yourself safe, use system security software and follow standard computer security practices. There's really not too much to it. The common myth is that malware attackers are these stealthy, smart "hackers" with elite skills; the reality is that 99% of malware attackers are dumb as a box of rocks, but they get by by exploiting those users who are clueless and naive.





