3.1 Analyze and differentiate among types of malware
Malware, short for malicious software, is software used or created to disrupt computer operation, gather sensitive information, or gain access to private computer systems. It can appear in the form of code, scripts, active content, and other software. Some malware products are completely hidden, while others have a dual role, providing some functionality as well as performing covert actions.'Malware' is a general term used to refer to a variety of forms of hostile, intrusive, or annoying software.
Adware is a form of spyware that collects information about the user in order to display advertisements in the Web browser. Some applications that contain adware also track your Internet surfing habits in order to serve ads related to you. When the adware is intrusive like this, it becomes something you should avoid for privacy and security reasons.
Viruses are computer programs, usually short pieces of code, that can be spread to other computers through downloaded material, email attachments, or redirected web pages. Many are capable of reproduction, making the removal of these annoyances often quite difficult, and even more are introduced daily. The presence of a virus may often be indicated by browser redirects, unwanted pop-ups, sluggish performance, or even system crashes.
A worm is a malicious program, similar to a virus, except for the manner in which it's spread. A worm duplicates itself, unlike a virus which attempts to infect other files.
The most common type of worm is the email worm. Email worms do not infect other files as do viruses, but spread by sending copies of themselves to any email addresses found on the infected system, and in turn, any of the recipient systems that become infected will also spread copies of the worm to any email addresses on their system. Email worms can spread globally within moments by using this simple tactic.
Spyware is a software designed to monitor user activity for advertising purposes. Spyware is similar to a Trojan horse as it is typically bundled as a hidden component of freeware or shareware programs. Spyware can gather e-mail addresses, passwords, or banking information and transmit information in the background to another party. They have the ability to monitor keystrokes, scan files, install other spyware programs, read cookies, or change the default home page on the Web browser and can lead to system crashes or general system instability.
A trojan, or trojan horse virus, is malware that is often transferred through what appears to be a legitimate e-mail or update and will produce a variety of effects. Some are simply a nuisance and do mischief like changing your desktop icons or changing other visual features. Other trojans are designed to destroy computer files, folders and programs. Trojans may also create backdoors allowing access to personal and confidential data. Unlike a worm, trojans do not replicate.
The term rootkit is used to describe the mechanisms and techniques whereby malware, including viruses, spyware, and trojans, attempt to hide their presence from spyware blockers, antivirus, and system management utilities. There are several rootkit classifications depending on whether the malware survives reboot and whether it executes in user mode or kernel mode.
A back door is a means of access to a computer program that bypasses security mechanisms. A programmer may sometimes install a back door so that the program can be accessed for troubleshooting or other purposes. However, attackers often use back doors that they detect or install themselves, as part of an exploit. In some cases, a worm is designed to take advantage of a back door created by an earlier attack. Whether installed as an administrative tool or a means of attack, a back door is a security risk.
- Logic bomb
Also called slag code, programming code added to the software of an application or operating system that lies dormant until a predetermined period of time or event occurs, triggering the code into action. Logic bombs typically are malicious in intent, acting in the same ways as a virus or Trojan horse once activated. Viruses that are set to be released at a certain time are considered logic bombs. They can perform such actions as reformatting a hard drive and/or deleting, altering or corrupting data.
The term bot, short for robot, is malware that can perform automated tasks over the Internet, without you knowing it. Bots that are used to infect large numbers of computers form a network, or a botnet. Botnets are used to send out spam email messages, spread viruses, and attack computers and servers. Infected computers are prone to slow downs.