Brush Up on Your Malware Knowledge

Ever heard the terms Trojan horse or keylogging? I thought so. Here are two lists of malware: one of the more commonly known types and one of the not so commonly known types.

Commonly known malware

Worm – These are the little viruses that get into your computer and change or delete the data. These are usually responsible for slowing down your computer. Origin of term: Xerox Palo Alto Research Center, 1979.

Trojan Horse – These guys disguise themselves as harmless files to infiltrate your PC. The idea of a Trojan Horse is to open a side door in your PC to let in viral infections or to allow a second party to control your PC without your knowledge. Origin of term: MIT hacker Dan Edwards.

Phishing – This is one of the really nasty online crimes. The end game of phishing is identity theft: the ones doing the phishing are after your personal details, especially your bank account number. They reach out to people through fraudulent emails or bogus websites. Origin: scammers looking to steal AOL accounts.

Script Kiddies – This is a term used by experienced hackers to describe amateur hackers (who are usually young). A script kiddy will use hacking techniques that are considered cheap and easy in order to hack vulnerable networks. The outcomes of this type of hacking can often be more dangerous than was planned. Origin of term: Marcus Ranum.

Keylogging – The malignant use of this software is to log the keys you press on your keyboard, obviously to record passwords and other sensitive data. Origin: Perry Kivolowitz, 1983.

Social Engineering – If you can get someone to give you security information (such as an employee ID and password to a company network) you can then roam deep into the network, manipulating and stealing what you want.

Crapware – Basically crap software that takes up space on your hard drive. Have you bought a new PC recently? Did it come with some crap programs that you will never use? These programs are Crapware. Origin of term: Marc Orchant.

The malware mentioned above is just some of the malicious software you have to dodge; below are some more. The Internet can really be a minefield.

Not so commonly known malware

Smishing – It’s the same as phishing but through SMS. In a phishing scam you would receive an email with a hyperlink linked to some malware that corrupts your phone. Origin of term: David Rayhawk.

Botnet (Zombie PCs) – If you followed the recent hacking news you would know that the hacker group ‘the anonymous’ used this technique in support of Julian Assange and Wikileaks. This software is used to control a PC in order to send emails containing malware or, as in the case of ‘the anonymous’, to make DoS attacks. The owner will see no obvious effects of the malware (i.e. slowing of computer speed); the computer acts like a sort of zombie.

BlueBugging – This is simply sucking up data through Bluetooth on mobile phones. Some people leave their Bluetooth on, which means a hacker can access their texts, make calls and pretty much do what they want inside the phone. This is, however, not something that is done online, and the hacker must be within 10 meters of the victim.

Pod Slurping – If a hacker wanted to grab data from a PC quickly and easily they could use this technique. They simply plug in an iPod or other portable USB device and it will automatically download data from the PC onto its hard drive, even if that data is behind a firewall. This is definitely a growing risk for companies: portable USB devices are getting physically smaller and are able to hold more data all the time.

Ransomware – I was victim to this once. This is when a virus gets inside your computer and makes it unusable. The virus will then pop up a message asking you to pay to get the use of your computer back. Origin: Dr. Joseph Popp.

Scareware – I’m sure most people have seen this at some time. This is when a website pops up a window that is running a fake scan. The scan will finish (the results of the scan will show that your computer is highly infected) and will inform you that you need to purchase the full program in order to fix all the issues on your PC. Look out for System Security, Anti-Virus 2010 and Registry Cleaner XP; these are all scareware.

Sidejacking – Every time you access one of your online accounts (such as email, social network, etc.) a session-id is created. This session-id is stored in a URL or, more often, in an HTTP cookie. A hacker can access this session-id and thus access the specific account. Origin: Robert Graham.

Black Hat – A black hat hacker can break computer security without authorisation and then use his/her access for reasons such as vandalism, credit card fraud, identity theft and piracy.

White Hat – If the black hat hacker is the baddie then the white hat hacker is the goodie. The white hat hacker attempts to hack into a network; if they succeed, they will make a report and present it to the network owners. The network owners can then go about fixing that problem.