Hans
Security
Magazine
Vol I

Grab It Now

Article

COUNT
317

Malware basics and classification

Posted On : Feb 20th 2017 by Mahendra Kshirsagar

Malware is malicious software developed to gain the unauthorized access, damage the computer or network. It can populate as a virus, spyware, Trojan, worm, Root kits etc. However, analysis of such malwares can be done with the few open source tools. Online sandboxes and multi-Antivirus platforms are good platforms for analysis and detection of such malware samples after detection. Virus total is open source service to scan malicious content. Advantage of scanning such file is to scan with the multiple antivirus products. Along with Virus total, Jotti and Novirusthanks are such antivirus platforms with the multi engine scanning platform. Attacks on the client applications are on the rise such as document viewers, web browsers, browser plugins, executables, shell codes, malicious URL’S. So, Detection & Remediation of such attacks needs specialized knowledge and additional tools is required along with the user awareness.

 

 

 

 

Below is the Classification of Few Malware:

 

Malware

Properties

Examples

Virus

Replicate itself to damage, alter / delete the data of your files, gain the access to system.

 Stealth virus , Polymorphic viruses, Multipartite viruses, Boot sector viruses, Master boot record viruses, Macro viruses Etc.

Trojans

Trojans don’t replicate themselves .Trojans open backdoor entry to your computer allowing malicious programs access to the computer

Remote access Trojans ,Proxy Trojans , FTP Trojans , DOS Trojans Etc

Spyware

Spyware gets installed into computer unknowingly while installing freeware program or application. Collect the information about the users ,computers ,browsing habits etc.

Browser Hijack,Adware,Profiling Cookies,Droneware,Web Bugs,Keyboard Loggers and Trackware

Worms

Worms are the malicious programs they copy themselves repeatedly on local drive, shared folders etc. worms spread by exploiting vulnerabilities in the operating systems.

User mode, internet worms, network worms,multivector worms

Logic
Bomb

Triggers a specific code on meeting conditions as per the logic written by owner.

Michelangelo

Backdoor

Backdoor is a security vulnerability that can be used to bypass security policies in the system it often Listens on certain ports so that the attacker can gain access through them later.

Conventional, , unconventional

Rootkit

Malicious programs to gain the administrative access that alters the OS functionality to hide them.

Firmware and hardware ,Hypervisor level,Bootkits,Kernel mode, User mode




courtsey : Amit Darange [ mailtoamit13 (at) Gmail (dot) com ]  


If you like this post, please like us on Facebook  too.

 

 

 

 

Powered By: ArdentInfotech.org