
Malware

The main objective of this module is to give you knowledge of the various types of malware. It covers Trojans, viruses, backdoors and worms: how they work, how they spread to a system from the internet, their symptoms and their effects. This section also explains how to protect devices and assets from malware infection.

What is malware?
Malware is short for malicious software.

Malware can be a short program, a piece of code or software that has the power to interrupt or disturb the normal processing of either a standalone computer or a group of computers connected together (a network), with the aim of fetching important information, keeping track of your activity, or handing control of the computer to the attacker. Viruses, backdoors, Trojans, RATs, spyware and adware all fall under malware. Malware is designed only to cause harm to the computer. Some malware (viruses) is designed in such a way that, once it has entered the system, it can corrupt the operating system.


Malware is specially designed and used for:
·         Tracking browser activity and the websites visited.
·         Affecting system performance and making it slow.
·         Corrupting the operating system and hardware.
·         Stealing important information.
·         Making the compromised system a base for attacking other systems and for carrying out DoS attacks.
·         Many more activities.

Different ways malware can get into a system:
·         Removable devices.
·         Attachments.
·         Internet browsing.
·         Visiting game or porn sites.
·         Downloading freeware software.

How a system gets infected by removable devices:
·         Autorun and Autostart are another way to infect a system when the attacker has physical access. Autorun is a built-in Windows feature that, if enabled, allows executable (.exe) files to run automatically when a user inserts a DVD/CD in the DVD-ROM tray or plugs in a USB device. An attacker can make use of this to run malware. Many people are not aware of this risky feature, which is why their machines remain vulnerable to Autorun malware.

The following is the content of Autorun.inf:
[autorun]
Open=setup.exe
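
A defender can check removable media for this kind of file before trusting it. The following is an added example, not code from the original post: a small hand-written parser that lists the entries in an [autorun] section that would start a program. The function name `audit_autorun` and the second sample file are constructed for illustration; besides the `Open` key shown above, it also checks the `shellexecute` and `shell\<verb>\command` keys.

```python
import re

# Keys in the [autorun] section that make Windows launch a program.
# open / shellexecute run on insertion; shell\<verb>\command adds a menu entry.
LAUNCH_KEY = re.compile(r"^(open|shellexecute|shell\\[^\\]+\\command)$", re.I)


def audit_autorun(text):
    """Return (key, command) pairs from [autorun] that would start a program."""
    findings = []
    section = None
    for raw in text.lstrip("\ufeff").splitlines():   # drop a leading BOM if present
        line = raw.strip()
        if not line or line.startswith(";"):          # blank line or comment
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()       # section names are case-insensitive
            continue
        if section != "autorun" or "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        if LAUNCH_KEY.match(key) and value:
            findings.append((key.lower(), value))
    return findings


# Constructed samples: the file shown on this page, and a variant that
# uses mixed case and a context-menu command (hypothetical file names).
PAGE_SAMPLE = "[autorun]\nOpen=setup.exe\n"
MENU_SAMPLE = (
    "; constructed sample\n"
    "[AutoRun]\n"
    "icon=drive.ico\n"
    "label=Backup\n"
    "shell\\open\\command=tools\\viewer.exe\n"
    "[Content]\n"
    "open=ignored.exe\n"
)

if __name__ == "__main__":
    for name, sample in (("page", PAGE_SAMPLE), ("menu", MENU_SAMPLE)):
        for key, cmd in audit_autorun(sample):
            print(f"{name}: {key} -> {cmd}")
```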

How to turn off Autorun functionality:
·         Go to Run.
·         Type gpedit.msc
·         If prompted for the administrator password, provide it and click Allow.
·         Under Computer Configuration, expand Administrative Templates, expand Windows Components and then click Turn off Autoplay Policies.
·         On the right side, double-click Turn off Autoplay.
·         Click Enabled and then select All drives in order to disable Autorun on all drives.
·         Restart the computer.


What techniques are attackers using to spread malware?
·         Phishing
Phishing is a popular form of cybercrime. It is the practice of mimicking legitimate institutions: fraudulently sending emails purporting to be from reputable companies or a bank in order to induce individuals to reveal personal information, such as passwords and credit card numbers, online. If such an email arrives in your mailbox and you click any of the attachments, your computer will surely get infected by malware.

·         Malvertising
Nowadays attackers have found a new way of spreading malware: malvertising, i.e. advertisements laden with malware, displayed in large numbers.

Trojans

This section covers the concept of a Trojan, the dangers created by Trojans, how they can get onto your computer, and how they destroy you and your data. It also covers how many types of Trojans there are, how Trojans are attached behind other applications and, most important of all, how to detect a Trojan on your computer and prevent infection to safeguard your system and your data.

A Trojan is a malicious program. Trojans come on the backs of other programs and are installed on a system without the user's knowledge. Trojans are malicious pieces of code used to install hacking software on a target system and to aid the hacker in gaining and retaining access to that system. Trojans and their counterparts are important pieces of the hacker's toolkit. A Trojan is a program that appears to perform an undesirable function not needed by the user. These downloads are fake programs that seem to be original applications; they may be software such as monitoring programs, system virus scanners, registry cleaners or computer system optimizers, or they may be content such as songs, pictures, screen savers, videos, etc.

You just need to execute that software or application. You will find the application running, or you might get an error, but once executed the Trojan installs itself on the system automatically. Once installed, the program has system-level access on the target system, where it can be destructive. Trojans can cause data theft and loss, and system crashes or slowdowns; they can also be used as launching points for other attacks against your system. Many Trojans are used to manipulate files on the victim computer, manage processes, remotely run commands, intercept keystrokes, watch screen images, and restart or shut down infected hosts.

A Trojan can enter the system when you click unknown attachments, open spam mails, or visit game or porn sites.

The following malfunctions are symptoms of a system infected by a Trojan:
·         The system is slow.
·         The antivirus is disabled.
·         The time and date of the computer change.
·         The system freezes from time to time.
·         While you are working on the internet, a new browser window opens without you clicking anything.
·         The mouse cursor moves by itself.
·         The Start button disappears.
·         The CD-ROM drawer opens and closes automatically.
·         The color settings of the operating system change.

