Malware And Rootkits





Introduction

Malware is software designed to harm a computer system or, directly, its owner. It may also be a legitimate program whose use is diverted for malicious purposes (Christodorescu, 2007). The term malware is a contraction of malicious software. Malware usually does the following damage:

Infect files and make them unusable (unless disinfection software is used)

Hinder or prevent certain applications on the target computer from running (or even block the operating system completely)

Disable security software in order to better target the files to infect

Delete or encrypt files created by the user (text documents, spreadsheets, pictures, music, etc.)

Intercept accounts and passwords to impersonate the victim on the Web, or even steal money from a financial website.

Vulnerabilities used by malware

Several factors make a system more vulnerable to malware: homogeneity, bugs, unconfirmed code, over-privileged users and over-privileged code (Skoudis and Zeltser, 2003). One cause of network vulnerability is the homogeneity of multiuser software. For example, when all the computers on a network run the same operating system, compromising that system might affect any computer on the network. In particular, Microsoft Windows holds the largest share of the operating system market; this allows malware to infect a large number of computers without having to be adapted to different operating systems (Erbschloe, 2004).

Types of Malicious Program-Malware

According to Panda Security, in the first months of 2011, 73,000 new malware samples were created per day, 10,000 more than the average for all of 2010. Of these, 70 percent are Trojans, and the downloader subtype is growing exponentially (Kolbitsch et al., 2009). The main types of malware are as follows:

Computer virus and Worm

Trojan

Backdoor

Keylogger

Rootkit (hidden program)

Spyware

Rogue (fake antivirus or rogue anti-spyware)

Dialer (phone dialer)

Ransomware

Drive-by-Downloads

Malware Protection

You can protect yourself against viruses and spyware with a Client Security policy. When you create or edit a policy, use the Security tab to define whether the protection should be activated for either or both types of malware (Kolbitsch, 2009).

When you enable protection against malware, you have two options. You can enforce protection against viruses and spyware on all client computers to which you deploy the policy being created or modified, or you can let users choose whether to use protection against viruses and spyware.

Rootkit

A rootkit is a program that hides another program from the computer's user. It is not harmful as such, but often ...