What is Malware?
Malware is a malicious software. This software include the program that exploit the vulnerabilities in computing system. The purpose of malicious software is harm you or steal the information from you.Types of Malicious Softwares:
There are three characteristics of malwares:
1 Self-replicating malware actively attempts to propagate by creating new copies, or instances, of itself. Malware may also be propagated passively,by a user copying it accidentally, for example, but this isn't self-replication.
2 The population growth of malware describes the overall change in the number of malware instances due to self-replication. Malware that doesn't self replicate will always have a zero population growth, but malware with a zero population growth may self-replicate.
3 Parasitic malware requires some other executable code in order to exist."Executable" in this context should be taken very broadly to include anything that can be executed, such as boot block code on a disk, binary code .
Trojan Horse:
Self-replicating: no
Population growth: zero
Parasitic: yes
The most famous malicious software is Trojan Horse.
There was no love lost between the Greeks and the Trojans. The Greeks had besieged the Trojans, holed up in the city of Troy, for ten years. They finally took the city by using a clever ploy: the Greeks built an enormous wooden horse,concealing soldiers inside, and tricked the Trojans into bringing the horse into Troy. When night fell, the soldiers exited the horse and much unpleasantness
ensued.
In computing, a Trojan horse is a program which purports to do some benign task, but secretly performs some additional malicious task. A classic example is a password-grabbing login program which prints authentic-looking "username" and "password" prompts, and waits for a user to type in the information. When
this happens, the password grabber stashes the information away for its creator,then prints out an "invalid password" message before running the real login program. The unsuspecting user thinks they made a typing mistake and reenters
the information, none the wiser.
Logic Bomb:
Self-replicating: no
Population growth: zero
Parasitic: possibly
The oldest type of malicious software. This program is embedded with some other program. When certain condition meets, the logic bomb will destroy your pc. It also crash at particular date which is fixed by attacer. It will be included in legitimate or authorized person like this:
Eg:
if some antivirus trying to delete or clean the logic bomb. The logic bomb will destroy the pc.
Back Door or Trap Door:
Self-replicating: no
Population growth: zero
Parasitic: possibly
A back door is any mechanism which bypasses a normal security check. Programmers sometimes create back doors for legitimate reasons, such as skipping a time-consuming authentication process when debugging a network server.As with logic bombs, back doors can be placed into legitimate code or be standalone programs.
One special kind of back door is a RAT, which stands for Remote Administration Tool or Remote Access Trojan, depending on who's asked. These programs allow a computer to be monitored and controlled remotely;
Virus:
Self-replicating: yes
Population growth: positive
Parasitic: yes
A virus is malware that, when executed, tries to replicate itself into other executable code; when it succeeds, the code is said to be infected. The infected code, when run, can infect new code in turn. This self-replication into existing executable code is the key defining characteristic of a virus.
Types of Virus
1.Parasitic virus:
Traditional and common virus. This will be attached with EXE files and search for other EXE file to infect them.
2. Memory Resident Virus:
Present in your system memory as a system program. From here onwards it will infects all program that executes.
3. Boot Sector Virus:
Infects the boot record and spread when the system is booted from the disk containing the virus.
4. Stealth Virus:
This virus hides itself from detection of antivirus scanning.
Worm:
Self-replicating: yes
Population growth: positive
Parasitic: no
A worm shares several characteristics with a virus. The most important characteristic is that worms are self-replicating too, but self-replication of a worm is distinct in two ways. First, worms are standalone, and do not rely on other executable code. Second, worms spread from machine to machine across networks.
Rabbit:
Self-replicating: yes
Population growth: zero
Parasitic: no
Rabbit is the term used to describe malware that multiplies rapidly. Rabbits may also be called bacteria, for largely the same reason.
There are actually two kinds of rabbit.The first is a program which tries to consume all of some system resource, like disk space. A "fork bomb," a program which creates new processes in an infinite loop, is a classic example of this kind of rabbit. These tend to leave painfully obvious trails pointing to the perpetrator, and are not of particular interest.
The second kind of rabbit, which the characteristics above describe, is a special case of a worm. This kind of rabbit is a standalone program which replicates itself across a network from machine to machine, but deletes the original copy of itself after replication. In other words, there is only one copy of a given rabbit on a network; it just hops from one computer to another.
Rabbits are rarely seen in practice.
Spyware:
Spyware is software which collects information from a computer and transmits it to someone else. The exact information spyware gathers may vary, but can include anything
which potentially has value:
1 Usernames and passwords. These might be harvested from files on the machine, or by recording what the user types using a key logger. A keylogger differs from a Trojan horse in that a keylogger passively captures keystrokes only; no active deception is involved.
2 Email addresses, which would have value to a spammer.
3 Bank account and credit card numbers.
4 Software license keys, to facilitate software pirating.
Definitions
Adware:
Self-replicating: no
Population growth: zero
Parasitic: no
Adware has similarities to spyware in that both are gathering information about the user and their habits. Adware is more marketing-focused, and may pop up advertisements or redirect a user's web browser to certain web sites in the hopes of making a sale. Some adware will attempt to target the advertisement to fit
the context of what the user is doing. For example, a search for "Calgary" may result in an unsolicited pop-up advertisement for "books about Calgary." Adware may also gather and transmit information about users which can be used for marketing purposes. As with spyware, adware does not self-replicate.
Zombies:
Computers that have been compromised can be used by an attacker for a variety of tasks, unbeknownst to the legitimate owner; computers used in this way are called zombies. The most common tasks for zombies are sending spam and participating in coordinated, large-scale denial-of-service attacks.
Signs that your system is Infected by Malware:
Slow down, malfunction, or display repeated error messages
Won't shut down or restart .Serve up a lot of pop-up ads, or display them when you're not surfing the web.
