Subject: System Web Security

Topic: Software Security

Difficulty: High

Malware regroups viruses, spyware, Trojans, and all sorts of small programs designed to harm your system, steal information, track your activities etc

The different types of malicious attacks are as follows:

• Virus

1. A virus is a form of malware that is capable of copying itself and spreading to other computers.
2. Viruses often spread to other computers by attaching themselves to various programs and executing code when a user launches one of those infected programs.
3. Viruses can also spread through script files, documents, and cross-site scripting vulnerabilities in web apps.

• Worm

1. Computer worms are among the most common types of malware. They spread over computer networks by exploiting operating system vulnerabilities.
2. Worms typically cause harm to their host networks by consuming bandwidth and overloading web servers.
3. Computer worms can also contain “payloads” that damage host computers.
4. Payloads are pieces of code written to perform actions on affected computers beyond simply spreading the worm. Payloads are commonly designed to steal data, delete files, or create botnets.

• Trojan Horse

1. A Trojan horse, commonly known as a “Trojan,” is a type of malware that disguises itself as a normal file or program to trick users into downloading and installing malware.

2. A Trojan can give a malicious party remote access to an infected computer.

3. Once an attacker has access to an infected computer, it is possible for the attacker to steal data (logins, financial data, even electronic money), install more malware, modify files, monitor user activity (screen watching, key logging, etc), use the computer in botnets, and anonymise internet activity by the attacker.

• Spyware and Adware

1. Spyware is a type of malware that functions by spying on user activity without their knowledge.

2. These spying capabilities can include activity monitoring, collecting keystrokes, data harvesting (account information, logins, financial data), and more.

3. Spyware often has additional capabilities as well, ranging from modifying security settings of software or browsers to interfering with network connections.

4. Spyware spreads by exploiting software vulnerabilities, bundling itself with legitimate software, or in Trojans.

5. Adware (short for advertising-supported software) is a type of malware that automatically delivers advertisements.

6. Common examples of adware include pop-up ads on websites and advertisements that are displayed by software.

• Rootkit

1. A rootkit is a type of malicious software designed to remotely access or control a computer without being detected by users or security programs.

2. Once a rootkit has been installed it is possible for the malicious party behind the rootkit to remotely execute files, access/steal information, modify system configurations, alter software (especially any security software that could detect the rootkit), install concealed malware, or control the computer as part of a botnet.

• Zombies and Botnets

1. A zombie computer, usually known in the short form zombie, is a computer attached to the Internet that has been compromised and manipulated without the knowledge of the computer owner.

2. A botnet refers to a network of zombie computers that have been taken over and put under the remote control of an attacker.

• Logic Bombs

1. A logic bomb is a program code which is embedded in another program, and can be activated when a certain predefined criteria are met.
2. For instance, a time bomb will attack a system and erase all data if a licence key or another program code is not found in the system. In some cases, a logic bomb will inform the attacker via the Internet that the bomb is ready to attack the victim.

• Trap Door

1. A trap door is a secret entry point into a program that is intentionally included in the program code. While it can facilitate debugging during program development, it may be used for malicious purposes as well.