There are many categories of malware, but I will cover only
the popular and common ones.
So, without wasting time, here are the various types of malware:
Trojan
The name Trojan, or Trojan horse, comes from ancient Greek history:
the Trojan horse allowed an army to sneak through a highly guarded gate.
This is the most common type of malware. Any malware that
tries to disguise itself as legitimate software can be categorized as a Trojan. A
sophisticated Trojan horse can look and even perform like legitimate software,
but in the background, without the user’s knowledge, it carries out its nasty activity.
For example, when you visit a site to download a pirated movie, it can ask you to
download the latest Flash Player to play the movie. The file you download may
have the player installer’s icon and may even download and install the latest Flash
Player, although that is usually not the case. But in the background it downloads and
installs other malware or steals the user’s passwords.
Backdoor
A backdoor, as the name implies, is a program that provides
backdoor access to an attacker. Once an attacker compromises a system, he usually
installs one or more backdoors to ensure future access to it. It’s a tool
that allows the attacker to bypass normal security measures and gain access to
the system whenever he wants.
Rootkit
The name rootkit comes from UNIX: “root” denotes the
account that has access to all commands (in short, the administrator account), and “kit”
means a bundle of software.
A rootkit is stealthy software designed to conceal the presence of
itself and other components on the system. It can hide files on the file
system, registry keys, running processes, etc., depending on its design.
Rootkits alter the execution flow of the OS or manipulate the data that the OS uses
to accomplish its tasks. Most of the time rootkit functionality is used by
malware, but it can also be used by legitimate software.
Bootkit
A bootkit is very similar to a rootkit in functionality. The primary
difference between a rootkit and a bootkit is that a bootkit starts early in the
system’s boot process, even before the operating system’s critical components. A bootkit
modifies the MBR (Master Boot Record) or VBR (Volume Boot Record) of the system to
ensure that it starts.
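Because a bootkit has to change the MBR to start, comparing the boot sector against a known-good copy is a direct way to notice one. The following is an added example, not part of the original post: it parses a 512-byte MBR in the classic layout (446 bytes of boot code, four partition entries, 0x55AA signature) and reports differences from a baseline. The sample sectors and the function names are constructed for illustration.

```python
import hashlib
import struct

BOOT_CODE_LEN = 446      # boot code area of a classic MBR; partition table follows
BOOT_SIG = b"\x55\xaa"   # signature at offsets 510-511


def parse_mbr(sector: bytes) -> dict:
    """Split a 512-byte MBR into boot-code hash, partition entries, signature."""
    if len(sector) != 512:
        raise ValueError("MBR must be exactly 512 bytes")
    parts = []
    for i in range(4):
        entry = sector[BOOT_CODE_LEN + 16 * i: BOOT_CODE_LEN + 16 * (i + 1)]
        lba_start, sectors = struct.unpack_from("<II", entry, 8)
        if entry[4]:  # partition type 0x00 marks an unused slot
            parts.append({"slot": i, "bootable": entry[0] == 0x80,
                          "type": entry[4], "lba_start": lba_start, "sectors": sectors})
    return {
        "boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest(),
        "partitions": parts,
        "signature_ok": sector[510:512] == BOOT_SIG,
    }


def compare_to_baseline(current: bytes, baseline: bytes) -> list:
    """Return findings as strings; an empty list means no change was detected."""
    cur, base = parse_mbr(current), parse_mbr(baseline)
    findings = []
    if not cur["signature_ok"]:
        findings.append("boot signature 0x55AA missing")
    if cur["boot_code_sha256"] != base["boot_code_sha256"]:
        findings.append("boot code differs from baseline")
    if cur["partitions"] != base["partitions"]:
        findings.append("partition table differs from baseline")
    return findings


def sample_mbr(code_byte: int) -> bytes:
    """Constructed sample sector: filler boot code plus one bootable type-0x07 entry."""
    entry = bytes([0x80, 0, 0, 0, 0x07, 0, 0, 0]) + struct.pack("<II", 2048, 204800)
    return bytes([code_byte]) * BOOT_CODE_LEN + entry + bytes(48) + BOOT_SIG


BASELINE = sample_mbr(0x90)
MODIFIED = sample_mbr(0xCC)   # same partition table, different boot code

if __name__ == "__main__":
    print(compare_to_baseline(MODIFIED, BASELINE))
```

On a real machine the sector would be read from the raw disk with administrator rights, ideally from trusted boot media, since code that already controls the boot process can return a clean copy to a running OS.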
Virus
A virus, or file infector, is malware that has the capability
to infect other files and replicate itself on the system or on shares. A virus requires
human intervention to propagate. Viruses can be divided into many categories, such
as Appender, Prepender, Cavity, etc., which we will discuss in detail later. Some
viruses even overwrite and destroy files, but modern viruses do not corrupt or
destroy files and try to stay hidden as long as possible. The first virus, named
BRAIN, was written in January 1986 by two brothers, Basit Farooq Alvi and Amjad
Farooq Alvi, from Lahore, Pakistan.
Worm
A worm is capable of replicating across the network using
shares, e-mails, removable media, or the internet using exploits. Unlike a virus, a worm
does not require human intervention for replication; it can replicate on its
own. When it infects a machine, it scans for other vulnerable systems. It can scan
for vulnerable systems using various custom algorithms: it can scan a specific
range of IPs or generate IPs to scan using the IP of the infected system.
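The scanning behaviour described above is also what gives a worm away on the network: one host contacting many different addresses on the same port in a short time. The following is an added example, not part of the original post: it flags such hosts in connection records and reports how many targets sit in the source’s own /24, which matches a worm deriving targets from the infected system’s IP. The record format, thresholds and sample data are constructed assumptions.

```python
import ipaddress
from collections import defaultdict

# Constructed sample flow records: "epoch_seconds src_ip dst_ip dst_port"
SAMPLE_FLOWS = [f"{1000 + i} 10.0.5.23 10.0.5.{100 + i} 445" for i in range(30)]
SAMPLE_FLOWS += [
    "1003 10.0.5.40 10.0.9.10 443",
    "1010 10.0.5.40 10.0.9.10 443",
    "1015 10.0.5.40 10.0.9.11 445",
]


def detect_scanners(lines, window=60, min_targets=20):
    """Flag sources that contact >= min_targets distinct hosts on one port
    within `window` seconds. Both thresholds are assumptions to tune."""
    events = defaultdict(list)          # (src, port) -> [(ts, dst), ...]
    for line in lines:
        ts, src, dst, port = line.split()
        events[(src, int(port))].append((int(ts), dst))

    alerts = []
    for (src, port), recs in events.items():
        recs.sort()
        start, best = 0, set()
        for end in range(len(recs)):
            # Move the window start forward until it spans at most `window` seconds.
            while recs[end][0] - recs[start][0] > window:
                start += 1
            targets = {dst for _, dst in recs[start:end + 1]}
            if len(targets) > len(best):
                best = targets
        if len(best) >= min_targets:
            # Share of targets inside the source's own /24 network.
            local_net = ipaddress.ip_network(f"{src}/24", strict=False)
            local = sum(ipaddress.ip_address(d) in local_net for d in best)
            alerts.append({"src": src, "port": port, "targets": len(best),
                           "same_subnet_ratio": round(local / len(best), 2)})
    return alerts


if __name__ == "__main__":
    for alert in detect_scanners(SAMPLE_FLOWS):
        print(alert)
```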
Banker
A banker is used to steal users’ banking credentials or
to automatically perform fraudulent transactions from the user’s side. As the primary motive
of today’s malware writers is to earn money, bankers are quite popular among
cybercriminals. A banker can target specific bank websites. It can sit in the
background and wait for the user to open that bank’s website. When the user opens
the bank website, it starts capturing the user’s banking credentials, or
modifies the webpage in real time to include extra fields and ask for
additional information. The user does not know this, thinks the legitimate bank website is
asking for the information, and fills it in.
Key-logger
As the name implies, a key logger logs keyboard input. It can
intercept every key typed by the user, and sophisticated keyloggers can also log in
which application or window the user typed that text. They can also differentiate
usernames and passwords, and after capturing information they send it
to the attacker at regular intervals.
Spyware
Used to spy on the user’s activity. It can take screenshots of user
activity or may be able to record video. It can log visited sites, opened
documents, played videos, etc.
Scareware
These scare the user and make him/her pay money to the
attacker or do something else. Fake security software and ransomware fall into
this category.
Rogue Software
Fake security
software displays fake warnings about viruses or errors on the user’s system and
asks the user to register it to clean those threats. Sometimes users pay, and it
just says the threats were cleaned, but there were never any threats except the rogue
software itself.
Ransomware/WinLocker
These are the nasty ones; they lock the user out of the system and
ask for a ransom to unlock it. Sometimes they even encrypt files, or just say
files are encrypted but don’t actually encrypt them. Sometimes they pose as the
FBI or the police of some country, say illegal/porn content was found on your
system, and ask you to pay a fine to unlock it. They may say that files will be
deleted within some short time and ask for the ransom within that time to scare
the user even more. Most of the time, users with critical data fall for the
trick and pay the ransom.
Hoax
A hoax is not actually malware. It does not do any nasty
malicious activity; it just fools the user into paying money to the attacker. The attacker
wraps already freely available software in his own installer. When the user tries to
install using that installer, it asks the user to send an SMS to a premium
number or pay money to the attacker to complete the install. Sometimes unaware
users pay for already freely available software.
Adware
You have probably already guessed: adware displays ads on the
user’s system. It can display ads in the notification area, as popups, or insert
ads into websites visited by the user, so that the user thinks the ads belong to the website
he/she visited. The profit from these ads goes to the attacker.
Botnet
It’s similar to a backdoor, but it allows the attacker to control a
large number of computers from a single point known as the Command and Control server.
Infected systems are known as bots or zombies, and the network of these systems is
called a botnet. When a system is infected, it contacts the mothership/CnC server to get
commands. The attacker gives commands through the CnC, and the commands are issued to all
bots. These can be used for DDoS attacks (Distributed Denial of Service), for
stealing information, for displaying ads, or for installing additional malware.