6. Malware Flashcards
Virus
Attach to clean files, spread, and corrupt host files without user knowledge
Worms
Standalone program replicating and spreading to other computers
Trojans
Disguise as legitimate software, granting unauthorized access
Ransomware
Encrypts user data, demands ransom for decryption
Zombies and Botnets
Compromised computers remotely controlled in a network for malicious purposes
Rootkits
Hides presence and activities on a computer, and operates at the OS level.
Backdoors and Logic Bombs
Backdoors allow unauthorized access; logic bombs execute malicious actions when a certain condition is met.
Keyloggers
Record keystrokes, capture passwords or sensitive information
Spyware and Bloatware
Spyware monitors and gathers user/system information.
Bloatware consumes resources without value
Boot Sector (Virus)
Stored in the first sector of a hard drive and loaded into memory whenever the computer boots up
Macro (Virus)
A form of code that allows a virus to be embedded inside another document so that when that document is opened by the user, the virus is executed.
Program (Virus)
Tries to find executables or application files to infect with malicious code
Multipartite (Virus)
A combination of a boot sector virus and a program virus
Able to load every time the computer boots up
Can install itself in a program where it can be run every time the computer starts.
Encrypted (Virus)
Designed to hide itself by encrypting its malicious code or payloads to avoid detection by any antivirus software
Polymorphic (Virus)
Advanced version of an encrypted virus: instead of just encrypting its contents, it changes the virus code each time it is executed by altering the decryption module, in order to evade detection.
Metamorphic (Virus)
Able to rewrite itself entirely before it attempts to infect a given file
Stealth (Virus)
A technique used to prevent the virus from being detected by the anti-virus software
Armored (Virus)
Has a layer of protection to confuse a program or a person who’s trying to analyze it
Hoax (Virus)
Form of technical social engineering that attempts to scare our end users
Remote Access Trojan (RAT)
Malicious software disguised as a piece of harmless software that provides the attacker with remote control of a victim’s machine.
Ransomware
Type of malicious software that is designed to block access to a computer system or its data by encrypting it until a ransom is paid to the attacker.
Ring 3 (Outermost Ring)
Where user level permissions are used
Ring 0 (Innermost ring)
Kernel mode
Ring 1
Admin or root user of an operating system