Skip to main content

MALWARES

Malware, short for malicious software, is an umbrella term used to refer to a variety of forms of hostile or intrusive software, including computer viruses, worms, trojan horses, ransomware, spyware, adware, scareware, and other malicious programs. It can take the form of executable code, scripts, active content, and other software.

Malware is defined by its malicious intent, acting against the requirements of the computer user - and so does not include software that causes unintentional harm due to some deficiency. 

Programs supplied officially by companies, can be considered malware if they secretly act against the interests of the computer user.

An example is the Sony rootkit, a Trojan embedded into CDs sold by Sony, which silently installed and concealed itself on purchasers' computers with the intention of preventing illicit copying; it also reported on users' listening habits, and unintentionally created vulnerabilities that were exploited by unrelated malware.

Software such as anti-virus and firewalls are used to protect against activity identified as malicious, and to recover from attacks. The best-known types of malware, viruses and worms, are known for the manner in which they spread, rather than any specific types of behavior.

The term computer virus is used for a program that embeds itself in some other executable software (including the operating system itself) on the target system without the user's consent and when that is run causes the virus to spread to other executables.

On the other hand, a worm is a stand-alone malware program that actively transmits itself over a network to infect other computers. These definitions lead to the observation that a virus requires the user to run an infected program or operating system for the virus to spread, whereas a worm spreads itself.

Malware exploits security defects (security bugs or vulnerabilities) in the design of the operating system, in applications (such as browsers, e.g. older versions of Microsoft Internet Explorer supported by Windows XP), or in vulnerable versions of browser plugins such as Adobe Flash Player, Adobe Acrobat or Reader, or Java SE. Sometimes even installing new versions of such plugins does not automatically uninstall old versions. Security advisories from plug-in providers announce security-related updates. 

Common vulnerabilities are assigned CVE IDs and listed in the US National Vulnerability Database.

Malware authors target bugs, or loopholes, to exploit. A common method is exploitation of a buffer overrun vulnerability, where software designed to store data in a specified region of memory does not prevent more data than the buffer can accommodate being supplied. Malware may provide data that overflows the buffer, with malicious executable code or data after the end; when this payload is accessed it does what the attacker, not the legitimate software, determines. 

Early PCs had to be booted from floppy disks. When built-in hard drives became common, the operating system was normally started from them, but it was possible to boot from another boot device if available, such as a floppy disk, CD-ROM, DVDROM, USB flash drive or network. It was common to configure the computer to boot from one of these devices when available. Normally none would be available; the user would intentionally insert, say, a CD into the optical drive to boot the computer in some special way, for example, to install an operating system. Even without booting, computers can be configured to execute software on some media as soon as they become available, e.g. to autorun a CD or USB device when inserted.

Malicious software distributors would trick the user into booting or running from an infected device or medium. For example, a virus could make an infected computer add auto runnable code to any USB stick plugged into it. 

Anyone who then attached the stick to another computer set to autorun from USB would in turn become infected, and also pass on the infection in the same way. More generally, any device that plugs into a USB port - even lights, fans, speakers, toys, or peripherals such as a digital microscope - can be used to spread malware. Devices can be infected during manufacturing or supply if quality control is inadequate.

This form of infection can largely be avoided by setting up computers by default to boot from the internal hard drive, if available, and not to autorun from devices. Intentional booting from another device is always possible by pressing certain keys during boot.

Older email software would automatically open HTML email containing potentially malicious JavaScript code. Users may also execute disguised malicious email attachments and infected executable files supplied in other ways. 
Labels:

Comments

Post a Comment

Popular posts from this blog

Google - 7 Wonderful Apps.

1. Android Device Manager: If your Android smartphone is lost somewhere then Android Device Manager will help you find it. This app tracks your phone and can help you recover lost or stolen phones. Not only can this, through this you remotely reset your handset to factory even if you have already configured this functionality.  2. Google Authenticator: If you use Two-Factor Authentication, then this app is essential for you. Through this app two accounts with accounting authentication can be easily applied. The most important thing about this is that it also works offline for many Google devices. 3. Gesture Search: With this app, you can access apps from settings to skin gestures. Your search will be refined and you will add more gestures. So if you hate typing then the gesture will work.  4. Google Keep: Through this app, you can create notes on the go anywhere. There's a lot of color-coded notes, quick to-do lists, reminders ... a lot. And since all of these
Post a Comment
Read more

HIGHLIGHTED NEWS

1. Made in India micro circuit boards     The centre for Materials for Electronic Technology (C-MET) Thrissur, has developed low cost microwave printed circuit boards.The boards are required in strategic applications such as space, defence, and atomic energy.    2. SC allows centre to replace MCI The Supreme Court allowed the centre to replace the oversight committee set up to supervise the functioning of the medical council of India with a fresh panel of 5 eminent doctor. A 5 judge constitution bench headed by chief justice J S hehar said that the centre had proposed the name of five eminent doctors to replace the oversight committee. 3. Website for home buyers SBI has launched SBI Realty a one stop integrated website www.sbirealty.in for home buyers. It will help customers to choose their dreams home form 3,000 SBI approved projects across the country. 4. Future of Indian Universities President Pranab Mukherjee was handed over the copy of the book'Future o
Post a Comment
Read more