Common malware and countermeasures

Editor's Notes

• #3: MALWARE is basically a merge of two words. Malicious and Software.
• #4: Initially the term “Malware was used in the sense of computers” but as technology progressed , malwares made their way into the realms of cell phones and any other computing device , with a standard OS running into it . For example an interesting fact is that certain devices like a GPS mapping device , or a house security devices are also prone to specialized malware attacks , but are less common than the standard computer counterparts.
• #5: Malware is a broad term used for a Malicious Software and is as old as the Software itself. Without any technical details, any harmful piece of program is a malware. The way that particular malicious software / malware is designed to cause damage and spread into the system or network defines the type of malware. Much in same way as we define a Software as desktop based application, web application, web service, code executable etc. Similarly, malwares; based on their nature and affects, are defined into
• #6: VirusWormTrojan horseSpywarePhishingApart from the difference in these types, all malwares cause harm in one way or another.
• #7: Although the functionalities that a virus has were discovered way before ELK Cloner , these were never meant to harm data on a device , and were either appeared by an accident or were by-products of experimentations.An interesting fact about the ELK Cloner is that it was not actually intended to harm any computer , rather it was termed to be prank among students.
• #8: The main intention of the malware was to replace the booting label of a floppy disk , to replace by a message of their own.Just like Vandalism , they set the tracks for electronic vandalism. The brothers now run a legal and fruitful internet Service provider business , ironically called the “BRAIN TELECOMMUNICATION LIMITED”.Their message that they replaced with the booting message of a floppy device was “Welcome to the Dungeon (c) 1986 Basit & Amjads (pvt) Ltd VIRUS_SHOE RECORD V9.0 Dedicated to the dynamic memories of millions of viruses who are no longer with us today - Thanks GOODNESS!! BEWARE OF THE er..VIRUS : this program is catching program follows after these messages....$#@%$@!!”
• #9: As time progressed , the aggressiveness of these malwares increased. Up until 1990s the malwares were restricted to college and university as pranks and jokes.The middle of the twentieth century , the malwares started affecting businesses and even damaged the hardware of the devices.After the millennium , Many websites were also attacked , hindering damage on the users of these webpages.Fraud and online hacking using malware for the purpose of financial theft boomed in the decade.Online Bank Hacking and Social engineering also increased.
• #10: Most experts termed the timeline as ERAs of Malware Evolutions.From 2000 till 2003 is termed as the era of the “WORM OUTBREAK” Focusing mostly on spreading Malwares.From 2004 till 2008 is termed as the era of the “WEB THREAT”. Focusing mostly on online financial thefts and frauds.Currently in 2013 , this era is considered to be the “SOCIAL ATTACKS ERA”
• #11: This era is based on the platform based malware attacks , as the social networks have provided the option of go-ready sensitive information of an unexperienced user online .
• #12: Simba.B : Root virus Responsible for gathering users financial Information and sabotaging data.Fake Alert.D. Trojan Malware responsible for data theft and data destruction.Ranson.BE78: Virus responsible for giving illegal access to a users database , to a hacker.Zbot.ANQ: Deadly virus responsible for corrupting important OS related registry files. This virus is specifically hard to detect.
• #13: Depicting the exponential increase in the evolution in malware from the years 2008 to 2010.<add some stats for 2013 OR just add a line here to state what is the %age increase of malware from 2010 to 2013 >
• #14: Without the proper knowledge , internet is not actually a safe place for a casual surfer.
• #15: The distinguishing feature of Virus is that it is programmed to replicate itself and spread in the computer and network by copying itself into neighboring files. It is not a standalone malware and needs to reside in computer files to replicateVirus usually affects the CPU cycles, corrupts the infected files, logs keystrokes , display error / spam messages on the computer screens or when you open a file and most harmful of all, it resides in the boot sector (called root kit virus) and never goes away unless a fresh copy of OS is installed. The Melissa virus, written by David L Smith in homage to a Florida stripper, was the first successful email-aware virus and inserted a quote from The Simpsons in to Word documents. Smith was later sentenced to jail for causing over $80 million worth of damage
• #16: Distinguishing feature of worm is that it is self replicating and does not need to reside in files to spread out. Usually it affects mostly Network services like bandwith by generating extra traffic or exploiting vulnerability of the networkMorris worm was the world’s first big time damaging worm that spread over the internet back in 1988One of the most recent worms is the Stuxtnet worm that started in 2012 to destroy the Iran’s nuclear system and is still to date active. Iran is trying to over come it
• #17: The concept of a trojan malware is stolen from the Trojan horse that was used to gain access into the city of Troy that was otherwise too strong to get into. Same concept applies. Malware is hidden in a ligit software piece or a file with a back door for the virus to attack. Users think it is a valid file and install it. Its main purpose is to gain a privileged access to the OS and then elicit the access into the systems and makes it its slave to do damages to other systems. Netbus was introduced in 1988 and makes windows machines its slaveZues steals information by keystroke logging and was introduced in 2007
• #18: Spyware is a malware program that gets installed on the computer through a file downloaded, game installed, email opened or installed on the computer by an attackerMainly it steals information: It logs all keystrokes, sends activity reports back to the hacker, monitors all traffic, copies data onto a remote computerVery hard to get rid of as they are hidden just like its hard to spot a spy amongst a friendly group of peopleSpyAnytime, CASE, GATOR are spywares that are readilyavaialble
• #19: Phishing is when some one wants to get credit card information or user ID passwords or other such information to gain access into a system, the person will pretend to be a legitimate receiver of that information by faking its identity. E.g a fake call made to the support team to say that “this is Mr smith’ and my password is expired and email is not working so please tell me my new password over phone” Fake emails are also common to trick users into clicking links and supplying user Ids which are cachted by the hackerA Common target today is social networking sites. In 2006 , a phishing emails tricked users of myspace to give out their user IDs and passwords
• #20: The best way to protect from Viruses is to ensure:Install and keep updated a good anti virus like Symmetric, nortronAlways scan USBs, DVDs before, preferably scan on another machine before plugging into your PCNever open emails or attachments that are not from a trusted sourceScan the emails and attachments specially if graphic filesAlways install software from their vendor’s original URLsWhen installing a new software, always scan it for virusesIf you know a usb is infected, or has been repeatedly plugged into a public network like a net cafe, never plug it inRemove unwanted files from computer as dormant files are trojansAlways re confirm source of an email and call asking for information
• #21: Always re confirm source of an email and call asking for informationFor worms affecting networks, have network monitoring and scanning enabledHave system logging enabled to track keyloggers. Although sometimes they delete logs as wellAlways have patched systems as few worms explout known vulerabilities in OSHave good security practices
• #22: As technology has progressed , we receive the ease of managing our finances online , on the go and mobile ; using our cell phones , which have also come under attack of a number of different malwares , specifically designed to spy on the user as he lives his life.
• #23: Trojan horses rank as the most number of malware attacks overall.<remove the date from the pic>
• #24: Install certified anti-virus and anti-spyware software in fresh copies of their OS.Do not accept random files from untrusted sources over the internet.Get the data drive Scan and analyzed by appropriate malware detecting soft-wares.Gaining basic knowledge , about how to operate several portable devices securely. (#Major reason of Malware Spread)Installing Basic internet Security Applications.