The Grey Chronicles

2008.June.26

Understanding Malwares: Trojan Horses, Worms, Virus

Filed under: Information,Internet,Malwares,Readings,Security — reyadel @ 21:25


Malware (malicious software) is a collective noun referring to viruses, worms, and Trojan horses that intentionally perform malicious tasks on a computer system. The three malware categories [1] are:

[Figure: A malicious code decision tree]

A Trojan horse appears to be a useful or harmless program but contains hidden code designed to exploit or damage the system. These programs are most commonly delivered to users through e-mail messages that misrepresent the program’s purpose and function. A Trojan horse is not considered a computer virus or worm because it does not propagate itself.

A worm uses self-propagating malicious code that can automatically distribute itself from one computer to another, using the computer’s communication channels to replicate. A worm can take harmful action, such as consuming network or local system resources, possibly causing a denial-of-service attack. Some worms can execute and spread without user intervention, while others require users to execute the worm code directly in order to spread. Worms may also deliver a payload in addition to replicating.

A virus uses code written with the express intention of replicating itself. It attempts to spread from computer to computer by attaching itself to a host program. It may damage hardware, software, or data. When the host is executed, the virus code also runs, infecting new hosts and sometimes delivering an additional payload.

Previously, viruses focused on boot sectors, and then began to infect executable files. In 1986, the computer world was introduced to the first of these viruses: the (c) Brain virus. In 1988, the first Internet worm appeared: the Morris Worm caused Internet communications to slow substantially. In 1990, the first polymorphic virus (commonly referred to as Chameleon or Casper) was developed. Shortly thereafter, Tequila, the first major polymorphic virus attack, was released. Since then, viruses have become more sophisticated: viruses started accessing e-mail address books and sending themselves to contacts; macro viruses attached themselves to various office-type application files; and viruses written specifically to exploit operating system and application vulnerabilities were released. E-mail, peer-to-peer (P2P) file-sharing networks, Web sites, shared drives, and product vulnerabilities are all currently exploited for virus replication and attack.

Next: Understanding Malwares: Characteristics


Notes:

[1] Harrison, Richard (2004), The Antivirus: Defense-in-Depth Guide, Microsoft Corporation, pp. 9-10.

Disclaimer: The posts on this site do not necessarily represent any organization’s positions, strategies or opinions; and unless otherwise expressly stated, are licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 3.0 License.
