Section 3 Malware Infections Flashcards
Method used by an attacker to access a victim’s machine.
Threat Vector
Method used by an attacker to gain access to a victim’s machine in order to infect it with malware.
Attack Vector
Malware is placed on a website that you know your potential victims will access.
Watering Holes
A collection of compromised computers under the control of a master node.
Botnet
Occurs when many machines target a single victim and attack them at the exact same time.
Distributed Denial of Service (DDoS)
Occurs when a computer is placed between the sender and receiver and is able to capture or modify the traffic between them.
Active Interception
Occurs when you are able to exploit a design flaw or bug in a system to gain access to resources that a normal user isn’t able to access.
Privilege Escalation
Non-malicious code that, when invoked, displays an insider joke, hidden messages, or a secret feature.
Easter Egg
Malicious code that has been inserted inside a program and will execute only when certain conditions have been met.
Logic Bomb
Most commonly detected using good antivirus software, either third-party solutions like Norton or McAfee, or Windows Defender. Most viruses will take advantage of a user or a known exploit.
Viruses
Installed on a user's machine, it snoops on you: it collects data and sends it back to the owner. The user must maintain up-to-date security updates; Windows Defender has this capability.
Spyware
Malware designed to install or run other types of malware embedded in a payload on an infected host.
Dropper
A piece of code that connects to the Internet to retrieve additional tools after the initial infection by a dropper.
Downloader
Any lightweight code designed to run an exploit on the target, which may include any type of code format from scripting languages to binary code.
Shellcode
Exploit technique that runs malicious code with the identification number of a legitimate process.
Code Injection