What Is Malware?

  • Malware: Malware is malicious software that the attacker tricks the user into installing or installs without the user's knowledge. The following types of malware and related attacks are used:
    • Spyware: Software automatically installed on the system to monitor the user's activity and send the information back to the attacker.
    • Virus: A piece of software attached to a file that activates when the file opens. The virus typically harms the system by preventing it from booting, or it may delete files.
    • Worm virus: A virus that self-replicates from one system to another. With a worm virus, the attacker doesn't have to wait for the user to open the file; it automatically attacks the system from another system.
    • Trojan horse: A virus that the user installs, thinking that it performs some useful function. It actually opens a port on the system to allow an attacker access to the system at a later time.
    • Rootkit: For a virus or Trojan horse to succeed, it needs some method to hide itself. As awareness of malware has grown, antimalware programs have made it harder for malware to find new locations on a computer to hide. A rootkit is usually a Trojan horse that takes advantage of very low-level operating system functions to hide itself from all but the most aggressive of antimalware tools. Worse, a rootkit, by definition, gains privileged access to the computer. Rootkits can strike operating systems, hypervisors, and even firmware.
    • Man in the middle: This attack occurs when the hacker is between two parties sending data back and forth. What the two parties don't know is that the first person sends the data to the hacker, and then the hacker forwards the information to the second person. This gives the hacker the opportunity to get a copy of the data and alter it if he wishes.
    • Buffer overflow: In this attack, a hacker sends too much input to an application, which results in the information flowing past the reserved area of memory for the application. Once the attacker has gone beyond the area of memory reserved for the application, the attacker can execute any code he or she wants.
    • Rogue access points: A hacker sets up his or her own wireless access point and allows people to connect to it. However, users may not know that they connect to a different access point and may send confidential information over the network, allowing the attacker to capture it. Also, once users are on the rogue network, the hacker may attack them.
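
The buffer overflow entry above, as an added example that is not part of the original page: it models a reserved input area and the data stored right after it as one flat array, then compares a copy that trusts the input length with one that checks it. The names `region`, `copy_unchecked` and `copy_checked`, the sizes, and the sample input are assumptions made for illustration; it shows adjacent data being overwritten, not code execution.

```c
#include <stdio.h>
#include <string.h>

#define NAME_LEN 16   /* the "reserved area" for input */
#define REGION   32   /* reserved area plus the data stored after it */

/* One flat array stands in for a slice of memory, so the overwrite stays
 * inside the array: bytes 0..15 hold input, bytes 16..31 adjacent data. */
struct region { unsigned char mem[REGION]; };

static void region_init(struct region *r) {
    memset(r->mem, 0, REGION);
    memcpy(r->mem + NAME_LEN, "role=user", 10);   /* adjacent data + NUL */
}

/* Unchecked copy: trusts the caller's length, as strcpy() or gets() would.
 * Capped at REGION only so the demo never leaves the model array. */
static void copy_unchecked(struct region *r, const char *in, size_t len) {
    if (len > REGION) len = REGION;
    memcpy(r->mem, in, len);
}

/* Checked copy: rejects input that does not fit the reserved area
 * (one byte is kept for the NUL). Returns 0 on success, -1 if rejected. */
static int copy_checked(struct region *r, const char *in, size_t len) {
    if (len >= NAME_LEN) return -1;
    memcpy(r->mem, in, len);
    r->mem[len] = '\0';
    return 0;
}

/* Returns 1 if the adjacent data is still what region_init() wrote. */
static int adjacent_intact(const struct region *r) {
    return memcmp(r->mem + NAME_LEN, "role=user", 10) == 0;
}

int main(void) {
    const char input[] = "AAAAAAAAAAAAAAAArole=admin";  /* constructed, 26 bytes */
    struct region r;

    region_init(&r);
    copy_unchecked(&r, input, strlen(input));
    printf("unchecked: intact=%d adjacent=%s\n", adjacent_intact(&r), (char *)r.mem + NAME_LEN);

    region_init(&r);
    int rc = copy_checked(&r, input, strlen(input));
    printf("checked:   rc=%d intact=%d\n", rc, adjacent_intact(&r));
    return 0;
}
```

The length check in `copy_checked` is the mitigation: input larger than the reserved area is refused before any byte is written.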