March 11th, 2010
Other Types Of Malware:
- Hijacker: These programs take over network navigation applications (especially browsers) and cause unwanted web pages to open automatically.
- Rootkit: Rootkits usually consist of a driver and, sometimes, modified copies of programs normally present on the system. Rootkits are not harmful in themselves; their function is to conceal the presence of particular files or system settings from both the user and programs such as antivirus software. They are therefore used to hide spyware and Trojans.
- Rabbit: Rabbits are programs that exhaust the computer's resources by creating copies of themselves (in memory or on disk) at high speed.
- Adware: Software that shows you advertisements during use, in exchange for a reduced or zero price. It can cause damage such as slowing down your PC, and it poses privacy risks because it communicates surfing habits to a remote server.
- Batch: Batch files are the so-called “amateur viruses”. Batch files are not always dangerous, because many of them are far from malicious; the problem comes when a user decides to create one that executes the command to format the PC (or does other harmful things) of the user to whom the file is sent. A batch file does not open automatically; you must open it. Since antivirus software does not treat batch files as dangerous, it is always advisable to make sure that the source who sent you the file is trusted, or to open it with Notepad to check whether it is dangerous. It must also be said that there are ways to disguise batch files and make them look like exe files, increasing their size to allay suspicion. The use of this particular “malware” is frequent in cyberbullying.
- Keyloggers: Keyloggers are programs that can record everything a user types on the keyboard or copies and pastes, making it possible to steal passwords or other data that may be of interest to someone else. The difference from adware is that the computer does not notice the presence of the keylogger and the program does not slow down the PC, so it goes completely unnoticed. Generally the keylogger is installed on the computer by trojans or worms; in other cases it is installed by another person who has access to the PC, either in person or via remote access (which allows a person to control another PC from his own through a program), and who thereby steals data and passwords.
- Rogue Antispyware: Malware that pretends to be a PC security program, pushing users to purchase a license for the program.
In common usage the term virus is used as a synonym for malware, and the misunderstanding is fueled by the fact that antivirus software detects and removes other types of malicious software in addition to viruses proper.
Note that malware is characterized by the malicious intent of its creator, so programs that merely contain bugs do not fall within the definition; bugs are the norm even when the greatest care is taken in developing the software.
Criminal Activities Related To Malware
The legislation on malware varies greatly from country to country and is constantly evolving. In general, while viruses, worms and trojans are illegal in almost every part of the world, the same cannot be said for the other categories. Dialers in particular are legal in themselves, so much so that any modern operating system contains at least one. The ambiguity is worsened by the fact that most software sits on the boundary that separates true malware from a program that is perhaps annoying but not harmful.
Currently, malware (including trojans, worms and spyware) is used to send large amounts of files requested by the user; the latter are usually sold to spammers. There is a real black market linked to malware: besides the trading of personal information, it is possible to purchase the use of infected computers, that is, the ability to use for one's own purposes, and without the knowledge of the owners, a certain number (in the order of thousands) of computers controlled remotely via a backdoor.
Study: From Wikipedia, the free encyclopedia. The text is available under the Creative Commons.
March 11th, 2010
What Is Malware?
Malware is defined as any software created with the sole purpose of causing more or less serious damage to the computer on which it runs. The term comes from the contraction of the words malicious and software, and therefore literally means “evil program”; it is also known as malicious code.
The spread of such software is constantly increasing. It is estimated that in 2008 alone about 15 million pieces of malware were put into circulation on the Internet, and that those circulated between January and August equal the sum of the previous 17 years; these numbers will likely increase.
Categories Of Malware
Several categories of malware are distinguished, though often these programs are composed of several interdependent parts and therefore belong to more than one class. Furthermore, given the rapid developments in this field, the classification presented below is not meant to be exhaustive.
- Virus: pieces of code that spread by copying themselves into other programs, or into a particular section of the hard drive, so as to be executed each time the infected file is opened. A virus travels from one computer to another through the movement of infected files by users.
- Worm: this malware does not need to infect other files in order to spread, because it modifies the operating system of the host machine so as to be executed automatically, and it attempts to replicate mostly by using the Internet. To induce users to run them, worms use social engineering techniques, or they exploit defects (bugs) in some programs to spread automatically. Their purpose is to slow down the system with useless or harmful operations.
- Trojan horses: software that, besides having “lawful” functionality useful for inducing you to use it, contains malicious instructions that are executed without the user's knowledge. Trojans do not self-replicate, so in order to spread they must be knowingly sent to the victim. The name comes from the famous Trojan horse.
- Backdoor: literally “back door”. These are programs that allow unauthorized access to the system on which they are running. Typically they spread in combination with a trojan or a worm, or they are a form of emergency access to a system, put in place for example to allow the recovery of a forgotten password.
- Spyware: Software that is used to gather information from the system on which it is installed and to transmit it to an interested party. The information gathered may range from surfing habits to a user's passwords and encryption keys.
- Dialer: these programs are responsible for managing the connection to the Internet via the normal telephone line. They are malware when used fraudulently, changing the telephone number dialed by the default connection to one with a special rate, in order to reap illegal profits without your knowledge.
Continued…
March 11th, 2010
What Is “Backdoor” Virus?
In software, a backdoor virus is a feature unknown to the legitimate user that gives secret access to the software. Introducing a backdoor into software without the user's knowledge turns that software into a Trojan.
Virus Techniques
A backdoor can be introduced either by the software developer or by a third party. A person who knows of the backdoor can use it to monitor the activities of the software, or to gain control of it (by bypassing authentication). Finally, depending on the extent of the rights that the operating system grants to the software containing the backdoor, control may extend to all operations of the computer.
The widespread networking of computers makes backdoors much more useful than when physical access to the computer was the rule. Among the reasons leading software developers to create backdoors are:
- The practical benefit of easy, always-open access to the software in order to carry out maintenance efficiently;
- The ability to disable the software surreptitiously in case of disagreement with the client (non-payment of a license).
Among the reasons leading hackers to install a backdoor:
- The ability to monitor what the legitimate user does and to copy or destroy valuable data (passwords, private keys for decrypting private messages, banking information, trade secrets);
- The ability to take control of a computer and use it to carry out malicious actions (sending spam, in particular for phishing, viruses, denial of service);
- Control of a vast network of computers (see botnet), which can be used for blackmail with distributed denial of service (DDoS), or resold to criminals.
To install backdoors en masse, hackers use worms. These spread automatically and install a server on each infected computer. The attacker can then connect to that server over the Internet.
A backdoor can be inserted by way of an Easter egg or a compiler, or may take the form of a program such as Back Orifice.
The case of the Unix C compiler: Trusting Trust
In 1984, the American computer scientist Ken Thompson described, in his article Reflections on Trusting Trust, how it would be possible to insert a backdoor into every C program compiled on Unix. Moreover, since updated versions of the compiler, which is itself nothing more than another compiled program, are compiled from the existing C compiler, the algorithm for inserting the backdoor would be transmitted from one update to the next. So if this backdoored compiler had been “released into the wild” at the origin, then any C compiler today could possibly be inserting backdoors.
Note that this backdoor, present in every compiled C program, would never appear in the C source code. The term trust in the title refers to the fact that the original C compiler is treated by its user as a trustworthy black box.
For a programmer who does not understand how such a compiler works but trusts it, it would be difficult to imagine that a program he himself has written and compiled contains a backdoor.
Interbase
A backdoor was discovered in the Interbase database management system on January 10, 2001, when its publisher, Borland, opened the source code. It was enough to enter the username “politically” and the password “correct” to connect as administrator. The flaw had existed since 1994.
GNU / Linux
In November 2003, a backdoor was found in GNU / Linux. It was quickly detected, before a version of GNU / Linux was put into production. The backdoor was grafted in very concisely: it consisted of two lines of C added to the function sys_wait4 in the file kernel/exit.c.
The condition (current->uid = 0) is meant to be read by a particularly naive reader as a comparison, “if the user ID of the process is 0 (root)”, but in C it is actually an assignment, “the user ID of the process becomes 0 (root)”. The result is that if the function sys_wait4() was called with the fake parameters __WCLONE | __WALL, the process took on the identity of root, the user level with maximum access rights.
This change was designed to take advantage of the confusion between programming languages in which the symbol for comparing two values is the single = sign (Pascal, Ada, ML etc.) and those in which the double equals == plays this role (C, C++, Java etc.), the single = sign there signifying the assignment of a value to a variable.
This change was unlikely to pass unnoticed, as this type of error is out of keeping with the skill level of the programmers working on the Linux kernel. C is the programming language most used on systems of the Unix family, and very few users who are not beginners would let themselves be taken in.
Moreover, the collective development process of software (especially free software) requires that every change be validated, and for that it must have a legitimate justification. Thus any change, however small, is visible and raises legitimate questions if it does not have a clear rationale.
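The difference between the assignment and the comparison reading can be seen in a user-space sketch. This is an added example, not the kernel code and not part of the original article; `demo_task`, the `DEMO_*` constants and both function names are hypothetical stand-ins for the kernel names mentioned above.

```c
#include <stdio.h>

/* Constructed stand-ins for the kernel flags and error code named in the text. */
#define DEMO_WCLONE 0x80000000u
#define DEMO_WALL   0x40000000u
#define DEMO_EINVAL 22

struct demo_task { unsigned int uid; };   /* stand-in for "current" */

/* The pattern described above. "=" stores 0 in uid, and the value of the
 * assignment (0) is false, so the error branch is never taken: the call
 * looks like a harmless no-op while the caller has become uid 0. */
int check_with_assignment(struct demo_task *cur, unsigned int options)
{
    int retval = 0;
    if ((options == (DEMO_WCLONE | DEMO_WALL)) && (cur->uid = 0))
        retval = -DEMO_EINVAL;
    return retval;
}

/* What a reviewer assumes they are reading. Taking the task through a
 * pointer-to-const turns any "cur->uid = 0" here into a compile error. */
int check_with_comparison(const struct demo_task *cur, unsigned int options)
{
    int retval = 0;
    if ((options == (DEMO_WCLONE | DEMO_WALL)) && (cur->uid == 0))
        retval = -DEMO_EINVAL;
    return retval;
}

int main(void)
{
    struct demo_task t = { 1000 };
    int r = check_with_assignment(&t, DEMO_WCLONE | DEMO_WALL);
    printf("assignment: retval=%d uid=%u\n", r, t.uid);
    t.uid = 1000;
    r = check_with_comparison(&t, DEMO_WCLONE | DEMO_WALL);
    printf("comparison: retval=%d uid=%u\n", r, t.uid);
    return 0;
}
```

Because `&&` short-circuits, the assignment only runs when the unusual flag combination is passed, which is why ordinary calls behave normally.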
“Backdoor” In theaters
The plot of the film WarGames rests on a backdoor. The developer of a military computer system inserts a backdoor in the form of an undocumented password that gives access to it. This password also gives access to undocumented features of the program, which make the weapons control system look like a war-simulation video game.
Study: From Wikipedia, the free encyclopedia. The text is available under the Creative Commons.
March 11th, 2010
Countermeasures
Checking the web address in the address bar of your browser may not be sufficient to detect the fraud, because some browsers do not prevent the address displayed there from being counterfeited. It is, however, possible to use the “page properties” dialog provided by the browser to discover the true address of the fake page.
A person contacted about an account to be “verified” should seek to resolve the problem directly with the company, or visit the website by manually typing the address into the browser. Note that banking companies never use email to fix a security issue with their customers. Generally, it is recommended to forward the suspect message to the company's fraud or abuse address (e.g., if the phishing concerns societe.com, this will be usurpation@societe.com or abuse@societe.com), which will enable the company to investigate.
Be especially vigilant when you encounter an address containing the “@” symbol, e.g., http://www.mabanque.com@members.unsite.com/. This kind of address will attempt to connect the user as the user “www.mabanque.com” on the server “members.unsite.com”. It is likely that this will work even if the specified user does not really exist on the server, but with this method the first part of the address appears entirely innocent (www.mabanque.com). Similarly, some attackers use site addresses containing a typo, or sub-domains, such as http://www.mabanque.com.unsite.net/.
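A mail filter or link checker can apply the same check mechanically by extracting the host that will really be contacted and comparing it with the expected domain. The sketch below is an added example, not part of the original article; `real_host` and `host_belongs_to` are hypothetical helper names, and it assumes lowercase URLs without IPv6 literals.

```c
#include <stdio.h>
#include <string.h>

/* Copy into out the host a browser would actually contact for url.
 * Returns 1 if a "user@" part precedes the host, 0 if not, -1 if the URL
 * cannot be parsed. Assumes a lowercase URL without IPv6 literals. */
int real_host(const char *url, char *out, size_t outlen)
{
    const char *p = strstr(url, "://");
    if (p == NULL)
        return -1;
    p += 3;
    size_t auth_len = strcspn(p, "/?#");     /* authority ends at path, query or fragment */
    const char *at = NULL;
    for (size_t i = 0; i < auth_len; i++)    /* the last '@' ends the user part */
        if (p[i] == '@')
            at = p + i;
    const char *host = at ? at + 1 : p;
    size_t host_len = (size_t)(p + auth_len - host);
    const char *colon = memchr(host, ':', host_len);
    if (colon != NULL)                       /* drop ":port" */
        host_len = (size_t)(colon - host);
    if (host_len == 0 || host_len >= outlen)
        return -1;
    memcpy(out, host, host_len);
    out[host_len] = '\0';
    return at != NULL;
}

/* 1 if host is `domain` itself or a subdomain of it, else 0. */
int host_belongs_to(const char *host, const char *domain)
{
    size_t h = strlen(host), d = strlen(domain);
    if (h < d || strcmp(host + h - d, domain) != 0)
        return 0;
    return h == d || host[h - d - 1] == '.';
}

int main(void)
{
    /* The two addresses from the text plus a genuine one (constructed). */
    const char *urls[] = { "http://www.mabanque.com@members.unsite.com/",
                           "http://www.mabanque.com.unsite.net/",
                           "http://www.mabanque.com/" };
    char host[256] = "";
    for (size_t i = 0; i < 3; i++) {
        int userinfo = real_host(urls[i], host, sizeof host);
        printf("%s -> host=%s userinfo=%d genuine=%d\n", urls[i], host,
               userinfo, host_belongs_to(host, "mabanque.com"));
    }
    return 0;
}
```

Matching on a dot boundary from the right is what rejects www.mabanque.com.unsite.net, which a simple substring search for the bank's name would accept.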
Newer browsers such as Safari, Firefox, Opera and Internet Explorer 7 have a system that alerts the user to the danger and asks whether he really wants to visit such questionable addresses. Netscape 8 also incorporates technology that maintains a blacklist of dangerous sites of this type.
Anti-spam filters also help protect the user from computer criminals by reducing the number of emails users receive that may be phishing. The Mozilla Thunderbird mail client has a very efficient Bayesian filter (a self-adapting anti-spam filter).
Fraud against online banks seeks to obtain the login and password of the account holder. The fraudster can then log on to the bank's website and transfer funds to his own account. To guard against this type of fraud, most online banking sites no longer allow the user to enter the recipient account of a transfer himself: in general, one must call a bank service, which alone is entitled to enter the payee's account into a list of accounts. The telephone conversation is often recorded and can then be used as evidence.
Other banks use enhanced identification, which locks access to transfers unless the user supplies the correct eight-digit key, requested at random from among the sixty-four he holds. If the key is correct, the user may make transfers online.
Example Of Phishing In The Past
Phishing attacks are usually directed at sensitive sites such as banking sites. Social networking sites are now also the target of these attacks. The profiles of social network users contain many private details that allow hackers to insert themselves into the lives of the people targeted and successfully retrieve sensitive information.
Study: From Wikipedia, the free encyclopedia. The text is available under the Creative Commons.
March 11th, 2010
What Is Phishing?
Phishing is a technique used by fraudsters to obtain personal information in order to perpetrate identity theft. The technique consists of convincing the victim that he is dealing with a trusted third party (bank, government, etc.) in order to extract personal information: passwords, credit card number, date of birth, etc. It is a form of computer attack based on social engineering (information security). Phishing can be done by e-mail, spoofed Web sites or other electronic means.
Phishing Terminology
The English term phishing is a variant spelling of the word fishing; it is a spelling variation of the same type as the term phreaking (f replaced by ph).
The term was coined by the “pirates” who tried to steal AOL accounts. It is said to be built on the English expression password harvesting fishing, that is, “fishing for passwords”. An attacker would pose as a member of the AOL team and send an instant message to a potential victim. The message asked the victim to give his password in order to, for example, “check his AOL account” or “confirm his account information”. Once the victim had revealed the password, the attacker could access the account and use it for malicious purposes, such as sending spam.
Phishing on the Internet
Computer criminals typically use phishing to steal money. The most popular targets are online banking services and auction sites such as eBay or PayPal. Phishers usually send emails to a large number of potential victims.
Typically, the messages sent appear to come from a trustworthy company and are worded so as not to alarm the recipient, so that he takes action accordingly. An approach often used is to tell the victim that his account has been disabled due to a problem and that reactivation will be possible only after some action on his part. The message then provides a link that directs the user to a web page that looks like the real site of the trustworthy company. Having arrived on this deceptive page, the user is prompted to enter confidential information, which is then recorded by the criminal.
In 2007, these computer criminals changed their technique, using an attack known as man-in-the-middle to collect the confidential information given by the user on the site visited.
There are different variants of phishing. Notable ones are spear phishing and in-session phishing: respectively, targeted phishing (including through the use of social networks) and session phishing (based on pop-ups while browsing).
Continued…
© 2003 - 2012 Storm Internet Ltd