Friday, August 6, 2010

Malware


Malware, short for malicious software, is software designed to infiltrate a computer system without the owner's informed consent. The expression is a general term used by computer professionals to mean a variety of forms of hostile, intrusive, or annoying software or program code. The term "computer virus" is sometimes used as a catch-all phrase to include all types of malware, including true viruses.

Software is considered to be malware based on the perceived intent of the creator rather than any particular features.


Malware includes computer viruses, worms, Trojan horses, spyware, dishonest adware, crimeware, most rootkits, and other malicious and unwanted software.

Malware is not the same as defective software, that is, software that has a legitimate purpose but contains harmful bugs.

Viruses, worms, Trojan horses, spyware, adware, crimeware & rootkits!

A computer virus is a computer program that can copy itself and infect a computer. The term "virus" is also commonly but erroneously used to refer to other types of malware, including but not limited to adware and spyware programs that do not have the reproductive ability.
A true virus can spread from one computer to another (in some form of executable code) when its host is taken to the target computer; for instance because a user sent it over a network or the Internet, or carried it on a removable medium such as a CD, DVD, or USB drive.
Viruses can increase their chances of spreading to other computers by infecting files on a network file system or a file system that is accessed by another computer. Some viruses do nothing beyond reproducing themselves.
Viruses are sometimes confused with worms and Trojan horses, which are technically different.
A worm can exploit security vulnerabilities to spread itself automatically to other computers through networks, while a Trojan horse is a program that appears harmless but hides malicious functions. Worms and Trojan horses, like viruses, may harm a computer system's data or performance. Some viruses and other malware have symptoms noticeable to the computer user, but many are surreptitious or simply do nothing to call attention to themselves.

Spyware is any technology that aids in gathering information about a person or organization without their knowledge.

On the Internet (where it is sometimes called a spybot or tracking software), spyware is programming that is put on someone's computer to secretly gather information about the user and relay it to advertisers or other interested parties. Spyware can get into a computer as a software virus or as the result of installing a new program.

Data collecting programs that are installed with the user's knowledge are not, properly speaking, spyware, if the user fully understands what data is being collected and with whom it is being shared. However, spyware is often installed without the user's consent, as a drive-by download, or as the result of clicking some option in a deceptive pop-up window.


The cookie is a well-known mechanism for storing information about an Internet user on their own computer. If a Web site stores information about you in a cookie that you don't know about, the cookie can be considered a form of spyware. Spyware is part of an overall public concern about privacy on the Internet.

Adware

1) Generically, adware is any software application in which advertising banners are displayed while the program is running. The authors of these applications include additional code that delivers the ads, which can be viewed through pop-up windows or through a bar that appears on a computer screen. The justification for adware is that it helps recover programming development cost and helps to hold down the cost for the user.

Adware has been criticized because it usually includes code that tracks a user's personal information and passes it on to third parties, without the user's authorization or knowledge.

2) AdWare is also a registered trademark that belongs to AdWare Systems, Inc. AdWare Systems builds accounting and media buying systems for the advertising industry and has no connection to pop-up advertising, spyware, or other invasive forms of online advertising.

Crimeware is any computer program or set of programs designed expressly to facilitate illegal activity online. Many spyware programs, browser hijackers, and keyloggers can be considered crimeware, although only when they are used illicitly.

One common type of crimeware is the phishing kit, a collection of tools assembled to make it easier for people with little technical skill to launch a phishing exploit. A phishing kit typically includes Web site development software, complete with graphics, coding, and content that can be used to create convincing imitations of legitimate sites, and spamming software to automate the mass mailing process. Phishing kits and other types of crimeware are readily available on the Internet.


In a phishing exploit, the perpetrator sends spam purporting to be from a valid Web site, such as PayPal or eBay, asking the recipient to visit the site and update personal information. The e-mail may bear exciting or disturbing text in the subject line, maximizing the likelihood that the victim will open the message. When the victim clicks on a link in the message, they are taken to a fraudulent site that, typically, appears quite legitimate. There, the user is asked to provide sensitive information, such as credit card and bank account numbers and passwords, that can then be misused.

Other types of crimeware gather information illegally by surreptitiously installing a keylogger in your computer that will then record everything that is entered at the keyboard, including passwords and other privileged information. Periodically an associated Trojan horse program installed on your computer without your knowledge will send this privileged information to the crimeware originator.

The more sophisticated crimeware programs evade detection by most spyware scanning programs and will not be detected by most firewalls. Once stolen, the information can be accessed and exploited from anywhere in the world.

A rootkit is a collection of tools (programs) that enable administrator-level access to a computer or computer network. Typically, a cracker installs a rootkit on a computer after first obtaining user-level access, either by exploiting a known vulnerability or cracking a password. Once the rootkit is installed, it allows the attacker to mask intrusion and gain root or privileged access to the computer and, possibly, other machines on the network.

A rootkit may consist of spyware and other programs that: monitor traffic and keystrokes; create a "backdoor" into the system for the hacker's use; alter log files; attack other machines on the network; and alter existing system tools to escape detection.

A number of vendors, including Microsoft, F-Secure, and Sysinternals, offer applications that can detect the presence of rootkits. If a rootkit is detected, however, the only sure way to get rid of it is to completely erase the computer's hard drive and reinstall the operating system.
