Mal Ware
or poor design are not classified as malware; for example some legitimate software written before the year 2000
had errors that caused serious malfunctions when the year
changed from 1999 to 2000 - these programs are not considered malware.
Software such as anti-virus, anti-malware, and firewalls
are used by home users and organizations to try to safeguard against malware attacks.[9]
As of 2012 approximately 60 to 70 percent of all active
malware used some kind of click fraud to monetize their
activity.[10]
1 Purposes
Beast, a Windows-based backdoor Trojan horse.
Malware by categories (pie chart): Trojan horses 69.99%, Viruses 16.82%, Worms 7.77%, Adware 2.27%, Backdoor 1.89%, Others 1.18%, Spyware 0.08%.
Many early infectious programs, including the first Internet Worm, were written as experiments or pranks.
Today, malware is used by both black hat hackers
and governments, to steal personal, financial, or business information[11][12] and sometimes for sabotage (e.g.,
Stuxnet).
risk against these threats. (These are most frequently defended against by various types of firewall, anti-virus software, and network hardware).[14]
Since the rise of widespread broadband Internet access, malicious software has more frequently been designed for profit. Since 2003, the majority of widespread viruses and worms have been designed to take control of users' computers for illicit purposes.[15] Infected "zombie computers" are used to send email spam, to host contraband data such as child pornography,[16] or to engage in distributed denial-of-service attacks as a form of extortion.[17]
Programs designed to monitor users' web browsing, display unsolicited advertisements, or redirect affiliate marketing revenues are called spyware. Spyware programs do not spread like viruses; instead they are generally installed by exploiting security holes. They can also be packaged together with user-installed software, such as peer-to-peer applications.[18]
Ransomware affects an infected computer in some way, and demands payment to reverse the damage. For example, programs such as CryptoLocker encrypt files securely, and only decrypt them on payment of a substantial sum of money.
and the Madrid Institute for Advanced Studies published an article in Software Development Technologies, examining how entrepreneurial hackers are helping enable the spread of malware by offering access to computers for a price. Microsoft reported in May 2011 that one in every 14 downloads from the Internet may now contain malware code. Social media, and Facebook in particular, are seeing a rise in the number of tactics used to spread malware to computers.[25]
A 2014 study found that malware was increasingly aimed at the ever more popular mobile devices such as smartphones.[26]
3 Infectious malware: viruses and worms
Main articles: Computer virus and Computer worm
4.1 Viruses
Main article: Computer virus
effect immediately and can lead to many undesirable effects, such as encrypting the user's files or downloading and implementing further malicious functionality.
In the case of some spyware, adware, etc. the supplier may require the user to acknowledge or accept its installation, describing its behavior in loose terms that may easily be misunderstood or ignored, with the intention of deceiving the user into installing it without the supplier technically in breach of the law.
5 Vulnerability to malware
Main article: Vulnerability (computing)
In this context, and throughout, what is called the system under attack may be anything from a single application, through a complete computer and operating system, to a large network.
Various factors make a system more vulnerable to
malware:
4.3 Rootkits
4.4 Backdoors
Malicious software distributors would trick the user into booting or running from an infected device or medium; for example, a virus could make an infected computer add autorunnable code to any USB stick plugged into it; anyone who then attached the stick to another computer set to autorun from USB would in turn become infected, and also pass on the infection in the same way.[40] More generally, any device that plugs into a USB port - "including gadgets like lights, fans, speakers, toys, even a digital microscope" - can be used to spread malware. Devices can be infected during manufacturing or supply if quality control is inadequate.[40]
This form of infection can largely be avoided by setting up computers by default to boot from the internal hard drive, if available, and not to autorun from devices.[40] Intentional booting from another device is always possible by pressing certain keys during boot.
Older email software would automatically open HTML email containing potentially malicious JavaScript code; users may also execute disguised malicious email attachments and infected executable files supplied in other ways.
5.3 Over-privileged users and over-privileged code
Main article: principle of least privilege
5.4 Use of the same operating system
Homogeneity: e.g. when all computers in a network run the same operating system; upon exploiting one, one worm can exploit them all:[41] For example, Microsoft Windows or Mac OS X have such a large share of the market that concentrating on either could enable an exploited vulnerability to subvert a large number of systems. Instead, introducing diversity, purely for the sake of robustness, could increase short-term costs for training and maintenance. However, having a few diverse nodes would deter total shutdown of the network, and allow those nodes to help with recovery of the infected nodes. Such separate, functional redundancy could avoid the cost of a total shutdown.
6 Anti-malware strategies
Main article: Antivirus software
As malware attacks become more frequent, attention has begun to shift from viruses and spyware protection, to malware protection, and programs that have been specifically developed to combat malware. (Other preventive and recovery measures, such as backup and recovery methods, are mentioned in the computer virus article).
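The homogeneity argument of section 5.4 (one worm can exploit every node that runs the same operating system, while a few diverse nodes keep the network from shutting down entirely) can be checked on a small model. This is an added example, not part of the original article; the topology, the OS labels "A" and "B", and the function names are assumptions, and placing the diverse nodes at the segment joins is a choice of the example.

```python
from collections import deque


def worm_reach(links, os_of, start, target_os):
    """Breadth-first spread: the worm follows network links but can only
    land on nodes running the operating system its exploit targets."""
    if os_of[start] != target_os:
        return set()
    infected = {start}
    queue = deque([start])
    while queue:
        node = queue.popleft()
        for peer in links[node]:
            if peer not in infected and os_of[peer] == target_os:
                infected.add(peer)
                queue.append(peer)
    return infected


def build_lan(segments, hosts_per_segment, gateway_os, host_os="A"):
    """Constructed topology: every segment is a full mesh of hosts plus one
    gateway, and each gateway is linked to the previous segment's gateway."""
    links, os_of = {}, {}
    gateways = [f"gw{s}" for s in range(segments)]
    for s, gw in enumerate(gateways):
        members = [f"s{s}h{h}" for h in range(hosts_per_segment)] + [gw]
        for m in members:
            links.setdefault(m, set()).update(x for x in members if x != m)
            os_of[m] = host_os
        os_of[gw] = gateway_os          # the only nodes that may differ
        if s > 0:
            links[gw].add(gateways[s - 1])
            links[gateways[s - 1]].add(gw)
    return links, os_of


def outcome(gateway_os):
    """Return (infected, surviving) node counts for a worm that targets
    OS "A" and starts on host s0h0 of a 3-segment, 15-node network."""
    links, os_of = build_lan(3, 4, gateway_os)
    infected = worm_reach(links, os_of, "s0h0", "A")
    return len(infected), len(os_of) - len(infected)


if __name__ == "__main__":
    print("homogeneous (gateways run A):", outcome("A"))
    print("diverse     (gateways run B):", outcome("B"))
```

In the homogeneous network nothing is left to drive recovery; with three diverse gateways the same worm stops inside the first segment and eleven nodes stay up.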
6.2
software scans all incoming network data for malware and blocks any threats it comes across.
2. Anti-malware software programs can be used solely for detection and removal of malware software that has already been installed onto a computer. This type of anti-malware software scans the contents of the Windows registry, operating system files, and installed programs on a computer and will provide a list of any threats found, allowing the user to choose which files to delete or keep, or to compare this list to a list of known malware components, removing files that match.
As a last resort, computers can be protected from malware, and infected computers can be prevented from disseminating trusted information, by imposing an air gap (i.e. completely disconnecting them from all networks). However, in December 2013, scientists in Germany demonstrated that even this measure can be defeated.[55]
7 Grayware
See also: Privacy-invasive software
Grayware is a term applied to unwanted applications or files that are not classified as malware, but can worsen the performance of computers and may cause security risks.[56]
It describes applications that behave in an annoying or undesirable manner, and yet are less serious or troublesome than malware. Grayware encompasses spyware, adware, fraudulent dialers, joke programs, remote access tools and other unwanted programs that harm the performance of computers or cause inconvenience. The term came into use around 2004.[57]
Another term, PUP, which stands for Potentially Unwanted Program (or PUA, Potentially Unwanted Application),[58] refers to applications that would be considered unwanted despite often having been downloaded by the user, possibly after failing to read a download agreement. PUPs include spyware, adware, fraudulent dialers. Many virus checkers classify unauthorised key generators as grayware, although they frequently carry true malware in addition to their ostensible purpose.
Currently, no method is known for detecting hardware implants.
Some viruses disable System Restore and other important Windows tools such as Task Manager and Command Prompt. Many such viruses can be removed by rebooting the computer, entering Windows safe mode with networking,[46] and then using system tools or Microsoft Safety Scanner.[47]
6.1.1 Known good
Typical malware products detect issues based on heuristics or signatures, i.e., based on information that can be assessed to be bad. Some products[48][49] take an alternative approach when scanning documents such as Word and PDF, by regenerating a new, clean file, based on what is known to be good from schema definitions of the file (a patent for this approach exists).[50]
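The difference between the two approaches in "Known good" can be shown on a toy document format. This is an added example, not code from the article or from the products it cites; the XML vocabulary, the schema, the signature list and the sample file are all constructed for illustration.

```python
import xml.etree.ElementTree as ET

# "Known bad": constructed signature list of the kind a scanner matches on.
SIGNATURES = [b"EVIL-MACRO-v1", b"dropper.exe"]
# "Known good": constructed schema, element name -> attributes it may carry.
SCHEMA = {"doc": set(), "title": set(), "para": {"style"}, "link": {"href"}}
SAFE_SCHEMES = ("http://", "https://")


def signature_scan(data: bytes) -> bool:
    """Return True if any known-bad byte pattern occurs in the file."""
    return any(sig in data for sig in SIGNATURES)


def _rebuild(elem):
    """Copy elem into a fresh element, keeping only what the schema names."""
    if elem.tag not in SCHEMA:
        return None                      # unknown element: never regenerated
    clean = ET.Element(elem.tag)
    for name in SCHEMA[elem.tag]:
        value = elem.get(name)
        if value is None:
            continue
        if name == "href" and not value.lower().startswith(SAFE_SCHEMES):
            continue                     # attribute is known, its value is not
        clean.set(name, value)
    clean.text = elem.text
    last = None
    for child in elem:
        kept = _rebuild(child)
        if kept is not None:
            clean.append(kept)
            last = kept
        if child.tail:                   # text after a child belongs to parent
            if last is None:
                clean.text = (clean.text or "") + child.tail
            else:
                last.tail = (last.tail or "") + child.tail
    return clean


def regenerate(data: bytes) -> str:
    """Parse the untrusted file and emit a new one built from the schema."""
    # Real input needs a parser hardened against entity-expansion attacks.
    root = _rebuild(ET.fromstring(data))
    if root is None:
        raise ValueError("root element is not in the schema")
    return ET.tostring(root, encoding="unicode")


# Constructed sample: a macro no signature describes, a script URL, and an
# event-handler attribute on an otherwise valid paragraph.
SAMPLE = (b'<doc><title>Q3 report</title>'
          b'<para style="body">See <link href="javascript:run()">here</link>'
          b' and <link href="https://example.com/q3">this</link>.</para>'
          b'<macro lang="vba">novel-payload-0001</macro>'
          b'<para onload="x()">End.</para></doc>')

if __name__ == "__main__":
    print("signature hit:", signature_scan(SAMPLE))
    print(regenerate(SAMPLE))
```

The signature scan reports nothing because the payload is new to it, while the regenerated file contains only the elements and attributes the schema defines.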
Academic research
See also
Browser hijacking
Computer insecurity
Cyber spying
Identity theft
Industrial espionage
Malvertising
Riskware
Security in Web applications
Social engineering (security)
Targeted threat
Web server overload causes
11 References
[1] Malware definition. techterms.com. Retrieved 26 August 2013.
[2] An Undirected Attack Against Critical Infrastructure (PDF). United States Computer Emergency Readiness Team (Us-cert.gov). Retrieved 28 September 2014.
[3] Defining Malware: FAQ. technet.microsoft.com. Retrieved 10 September 2009.
[4] stop badware Web site: What is badware?
[5] Evolution of Malware-Malware Trends. Microsoft Security Intelligence Report-Featured Articles. Microsoft.com. Retrieved 28 April 2013.
[6] Virus/Contaminant/Destructive Transmission Statutes by State. National Conference of State Legislatures. 2012-02-14. Retrieved 26 August 2013.
[7] "18.2-152.4:1 Penalty for Computer Contamination
[11] Malware. FEDERAL TRADE COMMISSION- CONSUMER INFORMATION. Retrieved 27 March 2014.
[12] Hernandez, Pedro. Microsoft Vows to Combat Government Cyber-Spying. eWeek. Retrieved 15 December 2013.
[13] Kovacs, Eduard. MiniDuke Malware Used Against European Government Organizations. Softpedia. Retrieved 27 February 2013.
[26] Suarez-Tangil, Guillermo; Juan E. Tapiador, Pedro Peris-Lopez, Arturo Ribagorda (2014). Evolution, Detection and Analysis of Malware in Smart Devices. IEEE Communications Surveys & Tutorials.
[34] Appelbaum, Jacob. Shopping for Spy Gear: Catalog Advertises NSA Toolbox. SPIEGEL. Retrieved 29 December 2013.
[37] Danchev, Dancho (18 August 2011). Kaspersky: 12 different vulnerabilities detected on every PC. pcmag.com.
[40] CNet: USB devices spreading viruses - Defense Department suspends use of USB drives as experts warn of USB-related virus outbreaks, 21 November 2008
12 External links
Malware Source: http://en.wikipedia.org/wiki/Malware?oldid=632585655