Malware: Difference between revisions

From InstallGentoo Wiki v2
>Se7en1
(Fix formatting)
>Se7en1
m (→‎See also: Change botnet (slang) link to actual botnet)
 
(5 intermediate revisions by the same user not shown)
Line 4: Line 4:
Viruses are programs designed with the singular purpose of giving someone's computer, device or network a bad day. Traditionally they were created with [[Data Destruction]] or Denial of Service attacks on a local network in mind. They would often make themselves known to a victim with boot errors or screen takeovers.
Viruses are programs designed with the singular purpose of giving someone's computer, device or network a bad day. Traditionally they were created with [[Data Destruction]] or Denial of Service attacks on a local network in mind. They would often make themselves known to a victim with boot errors or screen takeovers.


Today they are much more subtle and try to hide themselves completely. They also exhibit much more subtle behaviour such as siphoning login credentials or performing reconnaissance for further attacks. Viruses today often have significant financial backing from either organised crime or [[Wikipedia:Stuxnet |nation states]].
Today they are much more subtle and try to hide themselves completely. They also exhibit much more subtle behavior such as siphoning login credentials or performing reconnaissance for further attacks. Viruses today often have significant financial backing from either organized crime or [[Wikipedia:Stuxnet |nation states]].


Popular infections include Cryptolockers (viruses which encrypt your files and demand a [https://threatpost.com/hollywood-hospital-pays-17k-ransom-to-decrypt-files/116325/ bitcoin ransom] in exchange for the decryption key) and Remote Administration Tools (or RATs, which are commonly used to spy on victims through their own webcam).
Popular infections include Cryptolockers (viruses which encrypt your files and demand a [https://threatpost.com/hollywood-hospital-pays-17k-ransom-to-decrypt-files/116325/ bitcoin ransom] in exchange for the decryption key) and Remote Administration Tools (or RATs, which are commonly used to spy on victims through their own webcam).
Line 11: Line 11:


== Adware ==
== Adware ==
Adware refers to malware which displays advertising to it's victim. These range from "friendlier" things like an on-by-default browser toolbar installation as part of an unrelated piece of software's installation (e.g. Google Search Bar in a WinZip install) to nastier varities which will hijack browsers and popup ads without any mention of them being installed.
Adware refers to malware which displays advertising to it's victim. These range from "friendlier" things like an on-by-default browser toolbar installation as part of an unrelated piece of software's installation (e.g. Google Search Bar in a WinZip install) to nastier varieties which will hijack browsers and popup ads without any mention of them being installed.


Hardcore /g/entoomen and /tech/nicians consider any application which displays ads as adware (e.g. uTorrent).
Hardcore /g/entoomen and /tech/nicians consider any application which displays ads as adware (e.g. uTorrent).
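Review bot: The Adware paragraph in the new revision still reads "displays advertising to it's victim"; the possessive should be "its". This hunk already corrects "varities" to "varieties" in the same paragraph, so the apostrophe can be fixed in the same edit, along with "popup ads", which is used as a verb here and would read better as "pop up ads".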
Line 25: Line 25:
Malware removal is often done with an AntiVirus Scanner or Adware Removal tool, however in the post-[[Edward Snowden |snowden]] world these applications have come [http://www.theregister.co.uk/2015/10/06/google_zero_hacker_reports_remote_exec_hole_in_avast_antivirus/ under fire] for being [https://community.f-secure.com/t5/F-Secure-SAFE/14-antivirus-apps-found-to-have/td-p/55317 insecure].
Malware removal is often done with an AntiVirus Scanner or Adware Removal tool, however in the post-[[Edward Snowden |snowden]] world these applications have come [http://www.theregister.co.uk/2015/10/06/google_zero_hacker_reports_remote_exec_hole_in_avast_antivirus/ under fire] for being [https://community.f-secure.com/t5/F-Secure-SAFE/14-antivirus-apps-found-to-have/td-p/55317 insecure].


== See Also ==
===Fake antivirus software===
There is a type of virus that a user can get that emulates an Antivirus Suite. This primarily is designed to trick the gullible and tech-illiterate. If you're reading this site, you're hopefully smart enough to realize it is malware.
 
There are key traits to knowing if the antivirus software is a virus:
 
#Has the Antivirus Software been installed as a result of downloading an unrelated exe?
#Has the Antivirus Software been downloaded from a shady website, such as Brothersoft?
#Has the Antivirus Software prompted the user to upgrade their installed version?
#Has the Antivirus Software been made to emulate commonly-known software such as Windows Defender?
#Does the Antivirus Software claim to be part of your computer's preinstalled programs, and claims to have activated itself in response to a cyber attack?
 
This form of attack became incredibly popular in the mid-2000's, and while it seems to have been phased out it is still an attack vector. Common traits concerning viruses of this nature include changing the wallpaper to "SPYWARE HAS BEEN DETECTED ON THIS COMPUTER: RUN ANTIVIRUS SOFTWARE NOW", or something similar of that nature, disabling all external devices including the CD/DVD Drive and USB, and having numerous links to 1) malware, 2) malicious sites, and 3) malicious installed scripts. The reason for the final is for the virus software suite to pretend that this is the virus, and it exists to remove these things.
 
 
== See also ==
* [[Malware removal]]
* [[Botnet (Computer network)]]
 
== External links==
* The Internet Archive's [https://archive.org/details/malwaremuseum Malware Museum], which runs de-clawwed [[MS-DOS]] viruses in your browser.
* The Internet Archive's [https://archive.org/details/malwaremuseum Malware Museum], which runs de-clawwed [[MS-DOS]] viruses in your browser.
* [https://www.youtube-nocookie.com/watch?v=bKgf5PaBzyg How to remove McAfee Antivirus Software]


[[Category:Security]]
[[Category:Security]]
[[Category:Software]]
[[Category:Software]]
[[Category:Terms]]
[[Category:Terms]]
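Review bot: The closing sentence of the added "Fake antivirus software" section ("The reason for the final is for the virus software suite to pretend that this is the virus, and it exists to remove these things") does not make clear what "the final" and "this" refer to; reword it so it says the planted links and scripts are presented as the infection that the fake suite then offers to remove. The added headings are also inconsistent with the rest of the page: "===Fake antivirus software===" and "== External links==" lack the spacing used by "== Adware ==", and "mid-2000's" should be "mid-2000s".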

Latest revision as of 02:34, 23 January 2020

Malware is a catch-all term for unwanted and malicious software. This extends from 1980s viruses to modern day cryptolockers and adware.

Viruses

Viruses are programs designed with the singular purpose of giving someone's computer, device or network a bad day. Traditionally they were created with Data Destruction or Denial of Service attacks on a local network in mind. They would often make themselves known to a victim with boot errors or screen takeovers.

Today they are much more subtle and try to hide themselves completely. They also exhibit much more subtle behavior such as siphoning login credentials or performing reconnaissance for further attacks. Viruses today often have significant financial backing from either organized crime or nation states.

Popular infections include Cryptolockers (viruses which encrypt your files and demand a bitcoin ransom in exchange for the decryption key) and Remote Administration Tools (or RATs, which are commonly used to spy on victims through their own webcam).

In the late 90s/early 2000s, widespread viruses such as ILOVEYOU would often make the nightly TV news. Today they are never mentioned.

Adware

Adware refers to malware which displays advertising to its victim. These range from "friendlier" things like an on-by-default browser toolbar installation as part of an unrelated piece of software's installation (e.g. Google Search Bar in a WinZip install) to nastier varieties which will hijack browsers and pop up ads without any mention of them being installed.

Hardcore /g/entoomen and /tech/nicians consider any application which displays ads as adware (e.g. uTorrent).

Methods of Infection

Most malware infections rely on user PEBKAC, whether it's an email attachment named "funniest jokes ever.doc.exe.bat", a malicious website exploiting an unpatched browser, or simple user inattention during software installation.
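One way to screen attachment or download names for the stacked-extension trick in the "funniest jokes ever.doc.exe.bat" example above. This is an added example, not part of the wiki article; the extension lists, function names and sample filenames are assumptions constructed for illustration.

```python
import ntpath  # Windows path rules, usable on any platform

# Constructed, non-exhaustive lists (assumptions for this example).
# Extensions Windows will run or interpret when opened:
EXECUTABLE_EXTS = {".exe", ".bat", ".cmd", ".com", ".scr", ".pif", ".js", ".vbs", ".ps1"}
# Extensions a user expects to be a passive document or media file:
DECOY_EXTS = {".doc", ".docx", ".pdf", ".txt", ".jpg", ".png", ".xls", ".xlsx", ".mp3"}


def trailing_extensions(filename):
    """Return every stacked extension at the end of the name, lowercased, in order."""
    # Windows ignores trailing spaces and dots, so strip them before parsing.
    name = ntpath.basename(filename.rstrip(" ."))
    exts = []
    while True:
        name, ext = ntpath.splitext(name)
        # Stop at anything that does not look like a real extension
        # (e.g. the ".2 final" in "report v1.2 final.pdf").
        if not ext or len(ext) > 6 or not ext[1:].isalnum():
            break
        exts.insert(0, ext.lower())
    return exts


def classify(filename):
    """Return 'deceptive', 'executable' or 'ok' for a single file name."""
    exts = trailing_extensions(filename)
    if not exts or exts[-1] not in EXECUTABLE_EXTS:
        return "ok"
    # An executable whose name also carries a document/media extension is
    # dressed up to look harmless when Explorer hides known extensions.
    if any(e in DECOY_EXTS for e in exts[:-1]):
        return "deceptive"
    return "executable"


def screen(filenames):
    """Return (name, verdict) pairs for every name that is not 'ok'."""
    verdicts = ((name, classify(name)) for name in filenames)
    return [(name, v) for name, v in verdicts if v != "ok"]


if __name__ == "__main__":
    samples = [  # constructed sample names
        "funniest jokes ever.doc.exe.bat",
        "report v1.2 final.pdf",
        "C:\\Users\\a\\Downloads\\holiday.jpg.scr ",
        "setup.exe",
    ]
    for name, verdict in screen(samples):
        print(f"{verdict:10} {name!r}")
```

A "deceptive" verdict is a reasonable reason to quarantine a mail attachment outright, while "executable" alone only says the file will run if opened.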

For the discerning /g/entooman, adware infection is more likely to occur because of more general security problems such as out-of-date software with known exploits.

Malware Removal

Main article: Malware Removal.

Malware removal is often done with an antivirus scanner or adware removal tool; however, in the post-Snowden world these applications have come under fire for being insecure.

Fake antivirus software

There is a type of virus that emulates an antivirus suite. It is primarily designed to trick the gullible and tech-illiterate. If you're reading this site, you're hopefully smart enough to realize it is malware.

There are key traits that indicate whether a piece of antivirus software is itself a virus:

  1. Has the Antivirus Software been installed as a result of downloading an unrelated exe?
  2. Has the Antivirus Software been downloaded from a shady website, such as Brothersoft?
  3. Has the Antivirus Software prompted the user to upgrade their installed version?
  4. Has the Antivirus Software been made to emulate commonly-known software such as Windows Defender?
  5. Does the Antivirus Software claim to be part of your computer's preinstalled programs, and claim to have activated itself in response to a cyber attack?

This form of attack became incredibly popular in the mid-2000s, and while it seems to have been phased out it is still an attack vector. Common traits of viruses of this nature include changing the wallpaper to "SPYWARE HAS BEEN DETECTED ON THIS COMPUTER: RUN ANTIVIRUS SOFTWARE NOW" or something similar, disabling all external devices including the CD/DVD drive and USB, and having numerous links to 1) malware, 2) malicious sites, and 3) malicious installed scripts. The reason for the last of these is so that the fake antivirus suite can pretend that these items are the virus, and that it exists to remove them.


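See also

  * Malware removal
  * Botnet (Computer network)

External links

  * The Internet Archive's Malware Museum (https://archive.org/details/malwaremuseum), which runs de-clawed MS-DOS viruses in your browser.
  * How to remove McAfee Antivirus Software (https://www.youtube-nocookie.com/watch?v=bKgf5PaBzyg)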