Malware: Worms, Trojans, and Viruses
Malware is an abbreviated term for "malicious software". It refers to any software that is designed to specifically disrupt or damage a system. Malware includes such things as worms, Trojan horse, and viruses.
A Trojan horse is a program that appears to be useful or at the very least harmless. However, it has been designed to contain hidden code to exploit or damage a computer system. A Trojan horse neither replicates nor copies itself, but performs some illicit activity when it is run. It stays in the computer doing its damage or allows somebody from a remote site to take control of the computer.
There are other terms that are associated with Trojan Horses: Remote Access Trojans, and Rootkits. Remote Access Trojans are commonly referred as backdoors. They allow someone else to control your computer from a remote location. A rootkit is a collection of software programs that once installed allow someone to gain unauthorized remote access to your computer
A self-contained program (or set of programs) that is able to spread copies of itself to other computer systems. A worm can consume network or local system resources. They can cause a denial of service attack. A worm may also deliver other malware such as keyloggers in addition to spreading itself.
A virus is a program code that can cause damage to hardware, software or data. Virus code is usually buried within the code of another program (file, document or boot sector of a disk) and once executed it will attempt to replicate itself by infecting other hosts across the network. Some times viruses are used to deliver other types of malware such as a Trojan horse.
How Malware spreads
There are many different methods that malware will attempt to use to infect computer systems:
Remote vulnerability exploit:
This occurs when a piece of malware attempts to gain access to a computer system by exploiting vulnerability in a service or an application. This is seen in worms.
Email is an easy way for attackers to transport Malware to hundreds of thousands of people. It is very easy to trick users into opening e-mails or opening e-mail attachments using social engineering techniques.
Network files systems with poorly implemented security produces an environment where malware can spread to a large number of computer.
This means of transport started with floppy disk and has spread to such devices as Universal Serial Bus(USB) and Firewire devices.
: Malware writer use this mechanism to scan networks for vulnerable computers that are susceptible to remote exploits.
Peer-to-peer (P2P) networks
- Users install a client component that makes their file system accessible to other computers across the network.