MODULE 5 Flashcards
Malware:
A program that intends to compromise confidentiality, integrity, or availability system assets
Backdoor (Trapdoor):
Secret entry point that bypasses security
Mobile code:
Programs that move between heterogeneous devices
Auto-rooter kit:
Malware that generates virus codes
Crimeware:
Kits for building malware
Rootkit:
Set of hidden programs that acquire administrative access
Zombie (Bot):
Software on internet attached computers that launch attacks on others
APT stands for _____
Advanced Persistent Threats
APT:
Sophisticated attacks over an extended period on selected targets
Classification of malware:
- Needs host
- Independent
- Doesn’t replicate
- Replicates
Attack sources:
- Politically motivated
- Criminals
- Organized crime
- International consultancy organizations
- National government agencies
APT techniques:
- Social engineering
- Spear-phishing
- Drive-by-downloads
APT’s intent:
- Infect the target
- Extend access
Phases of a typical virus:
- Dormant (Idle)
- Propagation (Copying)
- Triggering (Activating)
- Execution (Performing functions)
Mobile phone worms:
Worms that communicate via Bluetooth
Threat mitigation options:
- Detection
- Identification
- Removal
Virus components:
- Infection mechanism
- Trigger
- Payload
Drive-by-download:
Exploiting browser vulnerabilities when a user visits a compromised website
Water-hole attack:
Studying victim behavior to know what websites they use and then scanning said websites for vulnerabilities to compromise it
Malvertising:
Paying for ads with malware in them on websites that the victim visits
Clickjacking (UI redress attack):
Leading the user to believe that they’re typing their password to their bank account when instead, they’re typing it into an invisible frame
Payload types:
- Causing system corruption
- Attack agent bots
- Information theft
- Rootkits and backdoors
Klez payload:
Stops anti-virus programs
Chernobyl payload:
Infects files when they’re opened
