Internet THREATS
Internet THREATS!!!
Most people don't know what internet threats are, which is really a strange thing. There is a lot of malware around today, which we usually just call viruses, so I'll take the types one by one; that will be quite interesting. Let's start.
MALWARE - Malware is short for "malicious software", also known as malicious code or "mal-code". It is code or software that is specifically designed to damage, disrupt, steal, or in general inflict some other "bad" or illegitimate action on data, hosts, or networks. There are many different classes of malware that have varying ways of infecting systems and propagating themselves. Malware can infect systems by being bundled with other programs or attached as macros to files, e.g. the Melissa virus. Others are installed by exploiting a known vulnerability in an operating system (OS), network device, or other software, such as a hole in a browser that only requires users to visit a website to infect their computers. The vast majority, however, are installed by some action from a user, such as clicking an email attachment or downloading a file from the Internet. Malware may include viruses, worms, Trojans, bots, ransomware, back-doors, spyware, and adware. Malware should also not be confused with defective software, which is intended for legitimate purposes but contains errors or "bugs".
Classes of malware:
The most common types of malware are viruses, Trojan horses and worms.
A. Virus - A virus is a program made to duplicate or replicate a file and to move between different system units by way of removable drives such as USB flash drives and CDs. A virus depends on a host program to spread itself; it propagates by inserting a copy of itself into, and becoming part of, another program. It spreads from one computer to another, leaving infections as it travels. Viruses can range in severity from causing mildly annoying effects to damaging data or software and causing denial of service (DoS) conditions. Almost all viruses are attached to an executable file, which means the virus may exist on a system but will not be active or able to spread until a user opens the malicious host file or program. In other words, viruses need human help to propagate while worms do not.
B. Worm - Worms are standalone software and do not require a host program or human help to propagate. This style of malicious program is spread through a computer network or the internet. To spread, worms either exploit a vulnerability on the target system or use some kind of social engineering to trick users into executing them. Once in a system, a worm takes advantage of file-transport or information-transport features on the system, allowing it to travel unaided. An example here is the most popular one, the Love Bug or ILOVEYOU worm.
C. Trojan - A Trojan is a malicious program that convinces the victim to run it but, when launched, attacks the system; put another way, it is a type of malware that misleads users about its true intent. It was named after the wooden horse that the Greeks used to infiltrate Troy. Trojans can also be used by hackers to accomplish their mission: they create back doors to give them access to the system. They do not reproduce by infecting other files, nor do they self-replicate. Trojans must spread through user interaction such as opening an email attachment or downloading and running a file from the Internet. A Trojan is malware that uses a social engineering attack to infect your computer, after which the hacker / attacker has access to your system. Trojans hide in free downloads of games, apps, music and video (so take care which websites you download from and what you download).
What a Trojan can do:
Backdoor Trojan: can create a backdoor into the system through which the attacker / hacker has control of the entire system. It can hack / attack, delete, send, receive and launch files.
Spy: Spyware (Trojan) - a program that can run on your devices without you knowing. Spyware is unwanted software that infiltrates your computing device, stealing your internet usage data and sensitive information. A Trojan can act as a spy: an attacker / hacker in the computer system can see what the victim is doing. Spyware is classified as a type of malware, software designed to gain access to or damage your computer, often without your knowledge. Spyware gathers your personal information and relays it to advertisers, data firms, or external users.
Spyware is used for many purposes. Usually it aims to track and sell your internet usage data, capture your credit card or bank account information, or steal your personal identity. How? Spyware monitors your internet activity, tracking your login and password information, and spying on your sensitive information.
Some types of spyware can install additional software and change the settings on your device, so it's important to use secure passwords and keep your devices updated. One example is a message sniffer.
Perform a DDoS (distributed denial-of-service) attack: a DDoS attack is a malicious attempt to disrupt the normal traffic of a targeted server, service or network by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic. The attacker / hacker uses the infected machine or computer to attack other computers.
Download other malware and viruses: because the attacker / hacker has full access to the system, they are still able to download other viruses and malware onto the victim's system.
Steal information: the hacker's / attacker's Trojan can steal information on your system so they can get into your social media accounts (such as Facebook, Twitter, Instagram, Google account, etc.) or your banking details, such as a debit card and credit card.
Other classes of malicious software are:
A. Adware - This is what is behind the annoying pop-ups you see on your computer when connected to the internet. It is software that generates revenue for its developer by automatically generating online advertisements in the user interface of the software or on a screen presented to the user during the installation process. The software may generate two types of revenue: one for the display of the advertisement and another on a "pay-per-click" basis if the user clicks on the advertisement.
B. Ransomware - This is a type of malware that prevents or limits users from accessing their file system, either by locking the system screen or by locking the user's files, unless a ransom is paid.
C. Bots - "Bot" is derived from the word "robot" and is an automated process that interacts with other network services. Bots often automate tasks and provide information or services that would otherwise be conducted by a human being. A typical use of bots is to gather information, such as web crawlers, or interact automatically with Instant Messaging (IM), Internet Relay Chat (IRC), or other web interfaces. They may also be used to interact dynamically with websites.
Bots can be used for either good or malicious intent. A malicious bot is self-propagating malware designed to infect a host and connect back to a central server or servers that act as a command and control (C&C) center for an entire network of compromised devices, or "botnet". With a botnet, attackers can launch broad-based, "remote-control", flood-type attacks against their target(s).
In addition to the worm-like ability to self-propagate, bots can include the ability to log keystrokes, gather passwords, capture and analyze packets, gather financial information, launch Denial of Service (DoS) attacks, relay spam, and open back-doors on the infected host. Bots have all the advantages of worms, but are generally much more versatile in their infection vector and are often modified within hours of publication of a new exploit. They have been known to exploit back-doors opened by worms and viruses, which allows them to access networks that have good perimeter control. Bots rarely announce their presence with high scan rates that damage network infrastructure; instead, they infect networks in a way that escapes immediate notice. Advanced botnets may take advantage of common Internet of Things (IoT) devices such as home electronics or appliances to increase automated attacks. Crypto mining is a common use of these bots for nefarious purposes. Malicious crypto miners are software that uses system resources to solve large mathematical calculations that result in some amount of cryptocurrency being awarded to the solvers. There are two ways that mining can be performed: either with a standalone miner or by leveraging mining pools. Mining software relies on both CPU resources and electricity. Once a system has a miner dropped on it and it starts mining, nothing else is needed from an adversary perspective. The miner generates revenue consistently until it is removed.
D. Boot-kit - A malware variant that modifies the boot sectors of a hard drive, including the Master Boot Record (MBR) and Volume Boot Record (VBR). Adversaries may use boot-kits to persist on systems at a layer below the operating system, which may make it difficult to perform full remediation unless an organization suspects one was used and can act accordingly.
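One way to notice a changed MBR is to keep a hash of its bootstrap code from a known-good state and compare later reads against it. The block below is an added example, not part of the original post: it parses a 512-byte MBR sector, checks the 0x55AA signature, lists partitions and compares boot-code hashes. The function names and the sample sector are constructed for the illustration; reading sector 0 from a real disk image is left to the caller.

```python
import hashlib
import struct

SECTOR = 512
BOOT_CODE_LEN = 440    # bootstrap code; bytes 440-445 hold the disk signature
PART_TABLE_OFF = 446   # four 16-byte partition entries
SIG_OFF = 510          # boot signature 0x55 0xAA

def inspect_mbr(sector: bytes) -> dict:
    """Parse one MBR sector into signature status, boot-code hash, partitions."""
    if len(sector) != SECTOR:
        raise ValueError("MBR must be exactly 512 bytes")
    parts = []
    for i in range(4):
        off = PART_TABLE_OFF + 16 * i
        status, ptype = sector[off], sector[off + 4]
        lba_start, sectors = struct.unpack_from("<II", sector, off + 8)
        if ptype:  # type 0 marks an unused entry
            parts.append({"bootable": status == 0x80, "type": ptype,
                          "lba_start": lba_start, "sectors": sectors})
    return {
        "valid_signature": sector[SIG_OFF:] == b"\x55\xaa",
        "boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest(),
        "partitions": parts,
    }

def boot_code_changed(baseline: bytes, current: bytes) -> bool:
    """True if the bootstrap code differs from the known-good baseline."""
    return (inspect_mbr(baseline)["boot_code_sha256"]
            != inspect_mbr(current)["boot_code_sha256"])

def make_sample_mbr(boot_code: bytes) -> bytes:
    """Constructed 512-byte sector for the demo, not a real disk image."""
    sector = bytearray(SECTOR)
    sector[:len(boot_code)] = boot_code
    # One bootable partition: status, type 0x07, LBA start, sector count.
    struct.pack_into("<B3xB3xII", sector, PART_TABLE_OFF,
                     0x80, 0x07, 2048, 1024000)
    sector[SIG_OFF:] = b"\x55\xaa"
    return bytes(sector)
```

Hashing only the first 440 bytes keeps the check stable when the disk signature or partition table changes legitimately, for example after repartitioning.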
E. Browser Hijacker - Software that modifies a web browser's settings without a user's permission in order to inject unwanted advertising into the user's browser. A browser hijacker may replace the existing homepage, error page, or search engine with its own. These are generally used to force hits to a particular website, increasing its advertising revenue. This software often comes in the form of a browser toolbar and is received through an email attachment or file download.
F. Crimeware - A class of malware designed specifically to automate cybercrime. Crimeware (distinct from spyware and adware) is designed to perpetrate identity theft through social engineering or technical stealth in order to access a computer user's financial and retail accounts for the purpose of taking funds from those accounts or completing unauthorized transactions that enrich the cyber thief. Alternatively, crimeware may steal confidential or sensitive corporate information.
G. Denial of Service (DoS) Attacks - Malicious attempts by one or more people to cause the victim, site, or node to deny service to its customers.
H. Executable File - A computer file that contains a sequence of instructions to run an automatic task when the user clicks the file icon or when it is launched via a command.
I. Exploit - A piece of software, a command, or a methodology that attacks a particular security vulnerability. Exploits are not always malicious in intent; they are sometimes used only as a way of demonstrating that a vulnerability exists. However, they are a common component of malware.
J. Instant Messaging - Applications for personal or business communication that are built around the concept of online detection to determine when an entity can communicate. These applications allow for collaboration via text chat, audio, video or file transfer.
K. Internet Relay Chat - A system for chatting that involves a set of rules and conventions and client/server software.
L. Key loggers - Keylogging is the action of recording (logging) the keys struck on a keyboard, typically covertly, so that the person using the keyboard is unaware that their actions are being monitored. Data can then be retrieved by the person operating the logging program. A key logger can be either software or hardware.
M. Malicious Mobile Code - Malicious mobile code (MMC) is any software program designed to move from computer to computer and network to network, in order to intentionally modify computer systems without the consent of the owner or operator. MMC includes viruses, Trojan horses, worms, script attacks, and rogue Internet code. Popular languages for malicious mobile code include Java, ActiveX, JavaScript, and VBScript.
N. Payload - The part of the data transmission that could also contain malware such as worms or viruses that perform the malicious action: deleting data, sending spam, or encrypting data. While packet headers indicate source and destination, actual packet data is referred to as the "payload".
O. Point of Sale (POS) Malware - A type of malicious software that is used by cyber criminals to target point of sale (POS) terminals with the intent to obtain credit card and debit card information by reading the device memory from the retail checkout point of sale system. POS malware is released by hackers to process and steal transaction payment data. The card information, which is usually encrypted and sent to the payment authorization, is not encrypted by POS malware but sent to the cyber-criminal.
P. Potentially Unwanted Programs or Applications - Software that a user may perceive as unwanted. This may include adware, spyware, or browser hijackers. Such software may use an implementation that can compromise privacy or weaken the computer's security. Companies often bundle a wanted program download with a wrapper application and may offer to install an unwanted application, in some cases without providing a clear opt-out method.
Q. Rootkit - Programs that hide the existence of malware by intercepting (i.e., "hooking") and modifying operating system API calls that supply system information. Rootkits or rootkit-enabling functionality may reside at the user or kernel level in the operating system, or lower, to include a hypervisor, master boot record, or the system firmware. Adversaries may use rootkits to hide the presence of programs, files, network connections, services, drivers, and other system components. Rootkits have been seen for Windows, Linux, and Mac OS X systems.
R. Social Engineering - Any time perceived trust is used to elicit information from groups or individuals, it is referred to as "social engineering". Examples include individuals who call or email a company to gain unauthorized access to system information.
S. Web Crawlers - Programs that systematically browse the internet and index data, including page content and links. These web crawlers help to validate HTML code and search engine queries to identify new web pages or dead links.
U. Wipers - A type of destructive malware that contains a disk wiping mechanism such as the ability to infect the master boot record with a payload that encrypts the internal file table. Wipers render the attacked process or component useless to the end user.