3. What is Malware?
Type of threats
“Mal” refers to malicious and “ware” refers to software
Malicious computer software or piece of software
Damages or disturbs the system
Before 1990, malicious software was referred to as computer viruses
Book: “The Art of Computer Virus Research and Defense” by Peter Szor
6. Adware
Adware has some purposes:
Advertising
Steal browser information
Adware examples:
AbetterInternet
CoolWebSearch
ShopAtHomeSelect
7. Virus
Malicious computer program.
Without permission or knowledge of the user.
Attaches to files.
Needs to be executed by the user.
Some of the latest viruses: I Love You, Melissa, Code Red, …
8. Worm
Standalone malicious computer program.
Any device that understands TCP/IP, such as a router, can be infected.
Doesn’t need a host file to attach to.
Self-replicating.
Doesn’t need to be executed by the user.
Moves over the network.
10. Spyware
Malicious computer program
Gathers information and sends it to others
Tracks and stores Internet users' movements
Software / Hardware (key logger)
11. Trojan
Trojan refers to the wooden horse that the Greeks used to enter the city of Troy
Malicious computer program
Hides within seemingly harmless programs
Doesn’t replicate to other files or computers
A Trojan does this:
Creating backdoors
Spying
Turning your computer into a zombie
Deleting / modifying / blocking / copying data
12. Rootkit
Malicious computer software or set of software
Rootkits are generally associated with other malware (Trojans, worms, viruses).
Uses some of the lower layers of the operating system, which makes it very difficult to detect
A rootkit becomes active when a system boots up
Rootkits are the most dangerous malware.
Doesn’t replicate to other files or computers
13. Backdoor
Access to a computer program that bypasses security mechanisms
A backdoor is:
A hidden part of program
A separate program
A hardware feature
Some famous vendors have used backdoors:
Fortinet, 2016
Juniper, 2015
Cisco et al, 2013
Borland InterBase backdoor, 2001
Barracuda
15. Ransomware
Takes files on a PC or storage hostage by encrypting them, and then extorts money to unlock the files.
Types of ransomware:
Encrypting ransomware (CryptoLocker, CryptoWall, …)
Locker ransomware (WinLocker, …)