vimwiki/tech/malware.wiki

= Malware =


== Types ==

=== Advanced Persistent Threat ===

Cybercrime directed at a business and political targets,
using variety of intrusion techs and malware, applied persistently
Often state sponsored.

=== Adware ===

Advertising that is integrated into software. Makes popup ads or
redirection of a browser to commercial site

=== Attack kit ===

Set of tools for generating new malware automatically using a variety of
supplied propagation and payload mechanisms (metasploit)

=== Auto-rooter ===

Malicous tools to break into new machines remotely

=== Backdoor (trapdoor) ===

Any mechanism that bypasses a normal security check; it may allow unauthorized
access to functionality in a program, or onto a compromised system.

=== Downloaders ===

Code that installs other items on a machine that is under attack. Included in
malware code first inserted onto a compromised system to import a larger
malware system.

=== Drive by download ===

Attack using code on a comprisimised website that exploits a browser
vulnerability to attack a client system when the site is viewed.

=== Exploits ===

Code sepcific to a single vulnerability

=== Flooders ===

Generate a large volume of data to attack a networked computer system, carrying
out some DOS attack

=== Keyloggers ===

Capture keystrokes on a compromised system

=== Logic Bomb ===

Code inserted into malware by intruder. Lies dormant until a condition is met,
then code triggers some payload.

=== Macro virus ===

Virus using macro scripting code, typically embedded in a document or document
template, and triggered when the document is viewed/edited, to run and
replicate into other documents.

=== Mobile code ===

Software that can be shipped unchanged to a htereogenous colelctions of
platforms and execute with identical semantics.

=== Rootkit ===

Tools used after a system has been compromised to gain root level access

=== Spyware ===

Software that monitors keystrokes, screen data, and/or network traffic, or
scans files for sensitive information, and sends it back to some Controler
server.

=== Trojan horse ===

Appears to have useful function, but has hidden and malicous purpose and evades
security machanisms, sometimes by exploiting legit authorizations of system
entity that invoked it

=== Virus ===

Malware that when executed, attempts to replicate itself and propigate itself.

=== Worm ===

Malware that can run independently and can propagate a complete working version
of itself onto other hosts on a network, by exploiting software vulns in the
target system, or using capture credentials
Update for 08-03-22 14:30 2022-03-08 19:30:01 +00:00			`= Malware =`


			`== Types ==`

Update for 09-03-22 12:45 2022-03-09 17:45:01 +00:00			`=== Advanced Persistent Threat ===`
Update for 08-03-22 14:30 2022-03-08 19:30:01 +00:00
			`Cybercrime directed at a business and political targets,`
			`using variety of intrusion techs and malware, applied persistently`
			`Often state sponsored.`

Update for 09-03-22 12:45 2022-03-09 17:45:01 +00:00			`=== Adware ===`
Update for 08-03-22 14:30 2022-03-08 19:30:01 +00:00
			`Advertising that is integrated into software. Makes popup ads or`
			`redirection of a browser to commercial site`

Update for 09-03-22 12:45 2022-03-09 17:45:01 +00:00			`=== Attack kit ===`
Update for 08-03-22 14:30 2022-03-08 19:30:01 +00:00
			`Set of tools for generating new malware automatically using a variety of`
			`supplied propagation and payload mechanisms (metasploit)`

Update for 09-03-22 12:45 2022-03-09 17:45:01 +00:00			`=== Auto-rooter ===`
Update for 08-03-22 14:30 2022-03-08 19:30:01 +00:00
			`Malicous tools to break into new machines remotely`

Update for 09-03-22 12:45 2022-03-09 17:45:01 +00:00			`=== Backdoor (trapdoor) ===`
Update for 08-03-22 14:30 2022-03-08 19:30:01 +00:00
			`Any mechanism that bypasses a normal security check; it may allow unauthorized`
			`access to functionality in a program, or onto a compromised system.`

Update for 09-03-22 12:45 2022-03-09 17:45:01 +00:00			`=== Downloaders ===`
Update for 08-03-22 14:30 2022-03-08 19:30:01 +00:00
			`Code that installs other items on a machine that is under attack. Included in`
			`malware code first inserted onto a compromised system to import a larger`
			`malware system.`

Update for 09-03-22 12:45 2022-03-09 17:45:01 +00:00			`=== Drive by download ===`
Update for 08-03-22 14:30 2022-03-08 19:30:01 +00:00
			`Attack using code on a comprisimised website that exploits a browser`
			`vulnerability to attack a client system when the site is viewed.`

Update for 09-03-22 12:45 2022-03-09 17:45:01 +00:00			`=== Exploits ===`
Update for 08-03-22 14:30 2022-03-08 19:30:01 +00:00
			`Code sepcific to a single vulnerability`

Update for 09-03-22 12:45 2022-03-09 17:45:01 +00:00			`=== Flooders ===`
Update for 08-03-22 14:30 2022-03-08 19:30:01 +00:00
			`Generate a large volume of data to attack a networked computer system, carrying`
			`out some DOS attack`

Update for 09-03-22 12:45 2022-03-09 17:45:01 +00:00			`=== Keyloggers ===`
Update for 08-03-22 14:30 2022-03-08 19:30:01 +00:00
			`Capture keystrokes on a compromised system`

Update for 09-03-22 12:45 2022-03-09 17:45:01 +00:00			`=== Logic Bomb ===`
Update for 08-03-22 14:30 2022-03-08 19:30:01 +00:00
			`Code inserted into malware by intruder. Lies dormant until a condition is met,`
			`then code triggers some payload.`
Update for 08-03-22 14:45 2022-03-08 19:45:01 +00:00
Update for 09-03-22 12:45 2022-03-09 17:45:01 +00:00			`=== Macro virus ===`
Update for 08-03-22 14:45 2022-03-08 19:45:01 +00:00
			`Virus using macro scripting code, typically embedded in a document or document`
			`template, and triggered when the document is viewed/edited, to run and`
			`replicate into other documents.`

Update for 09-03-22 12:45 2022-03-09 17:45:01 +00:00			`=== Mobile code ===`
Update for 08-03-22 14:45 2022-03-08 19:45:01 +00:00
			`Software that can be shipped unchanged to a htereogenous colelctions of`
			`platforms and execute with identical semantics.`

Update for 09-03-22 12:45 2022-03-09 17:45:01 +00:00			`=== Rootkit ===`
Update for 08-03-22 14:45 2022-03-08 19:45:01 +00:00
			`Tools used after a system has been compromised to gain root level access`

Update for 09-03-22 12:45 2022-03-09 17:45:01 +00:00			`=== Spyware ===`
Update for 08-03-22 14:45 2022-03-08 19:45:01 +00:00
			`Software that monitors keystrokes, screen data, and/or network traffic, or`
			`scans files for sensitive information, and sends it back to some Controler`
			`server.`

Update for 09-03-22 12:45 2022-03-09 17:45:01 +00:00			`=== Trojan horse ===`
Update for 08-03-22 14:45 2022-03-08 19:45:01 +00:00
			`Appears to have useful function, but has hidden and malicous purpose and evades`
			`security machanisms, sometimes by exploiting legit authorizations of system`
			`entity that invoked it`

Update for 09-03-22 12:45 2022-03-09 17:45:01 +00:00			`=== Virus ===`
Update for 08-03-22 14:45 2022-03-08 19:45:01 +00:00
			`Malware that when executed, attempts to replicate itself and propigate itself.`

Update for 09-03-22 12:45 2022-03-09 17:45:01 +00:00			`=== Worm ===`
Update for 08-03-22 14:45 2022-03-08 19:45:01 +00:00
			`Malware that can run independently and can propagate a complete working version`
			`of itself onto other hosts on a network, by exploiting software vulns in the`
			`target system, or using capture credentials`