Malware in the Nutshell
Malware, short for malicious software, is any software used to disrupt computer operations, gather sensitive information, gain access to private computer systems, or display unwanted advertising. Before the term malware was coined by Yisrael Radai in 1990, malicious software fragments that attach themselves to some existing executable content. The fragment may be mchine cod ethat infects some exisitng application, utility, or system program, or even the code used to boot a computer system. Malware is defined by its malicious intent, acting against the requirements of the computer user, and does not include software that causes unintentional harm due to some deficiency.
Malware may be stealthy, intended to steal information or spy on computer users for an extended period without their knowledge as for example Regin, or may be designed to cause harm, often as sabotage (e.g., Stuxnet), or to extort payment (CryptoLocker). ‘Malware’ is an umbrella term used to refer to a variety of forms of hostile or intrusive software, including computer iruses, worms, Trojan horses, ransomware, spyware, adware, scareware, and other malicious programs. It can take the form of executable code, scripts, active content, and other softwware. Malware is often disguised as, or embedded in, non-malicious files. As of 2011 the majority of active malware threats were worms or Trojans rather than viruses.
Spyware or other malware is sometimes found embedded in programs spplied officially by companies, e.g. downloadable from websites, that appear useful or attractive, but may havem for example, additional hidden tracking functionality that gathers marketing statistics. An example of such software, which was described as illegitimate, is the Sony rootkit, a Trojan embedded into CDs sold by Sony, which silently installed and concealed itself on purchasers’ computers with the intention of preventing illicit copying; it also reported on users’ listening habits, and unintentionally created vulnerabilities that were exploited by unrelated malware.
Software such as anti-virus, anti-malware, and firewalls protect against activity identified as malicious, and help recovery from attacks.
Virus vs. Worm
The best-known types of maleware, viruses and worms, are known for the manner in which they spread, rather than any specific types of behavior. THe term computer virus is used for a program that embeds itself in some other executable software (including the operating system itself) on the target system without the user’s consent and when that is run causes the virus to spread to other executables. On the other hand, a worm is a stand-alone malware program that actively transmits itself over a network to infect other computers. These definitions lead to the observation that a virus requires the user to run an infected program or operating system for the virus to spread whereas a worm spreads itself.
Spyware: Spyware can capture Information like Web browsing habits, e-mail messages, usernames and passwords, as well as credit card Information. lf left unchecked, the software can transmit this data to another person’s computer over the Internet.
Adware: Adware, or advertising-supported software, ls any software package which automatically plays, displays, or downloads advertisements to a computer. These advertisements can be in the form of a pop-up. The aim of adware is to generate revenue for lts author.
Keyloggers: A keylogger is a program that records the keystrokes on a computer. lt does this by monitoring a user’s input and keeping a log of all keys that are pressed. The log may be saved to a file or even sent to another machine over a network or the Internet.
Screenscrapers: Screen scraping generally refers to the practice of reading text data from a computer display by making screen shots at programs.
Botnets: A botnet is a network of computers that are controlled from a single source. While some botnets are used for legitimate duster computing purposes, most botnets are created for malicious activity.
Viruses: They are malicious little programs that can create flies, move flies, erase flies, consume your computer’s memory, and cause your computer not to function correctly.
Worms: A computer worm is a type of virus that replicates itself, but does not alter any flies on your machine. However, worms can still cause havoc by multiplying so many times that they take up all your computer’s available memory or hard disk trojan horses:
Trojan-Horses: … are software programs that masquerade as regular programs, such as games, disk utilities, and even antivirus programs. But if they are run, these programs can do malicious things to your computer.
Rootkits: A rootkit is a group of software programs and files designed to gain unauthorized root access to a computer. Root access gives a user full administrative privileges, which includes installing software, running programs, and moving and deleting files. Additionally, rootkits often run scripts designed to hide the unauthorized activity. rootkits are hard to detect