= Malware =

== Types ==

== Advanced Persistent Threat ==
Cybercrime directed at business and political targets, using a variety of intrusion technologies and malware, applied persistently. Often state sponsored.

== Adware ==
Advertising that is integrated into software. It produces pop-up ads or redirects a browser to a commercial site.

== Attack kit ==
Set of tools for generating new malware automatically using a variety of supplied propagation and payload mechanisms (e.g. Metasploit).

== Auto-rooter ==
Malicious tools used to break into new machines remotely.

== Backdoor (trapdoor) ==
Any mechanism that bypasses a normal security check; it may allow unauthorized access to functionality in a program, or onto a compromised system.

== Downloaders ==
Code that installs other items on a machine that is under attack. It is included in the malware code first inserted onto a compromised system, to import a larger malware system.

== Drive by download ==
Attack using code on a compromised website that exploits a browser vulnerability to attack a client system when the site is viewed.

== Exploits ==
Code specific to a single vulnerability.

== Flooders ==
Generate a large volume of data to attack a networked computer system, carrying out some form of DoS attack.

== Keyloggers ==
Capture keystrokes on a compromised system.

== Logic Bomb ==
Code inserted into malware by an intruder. It lies dormant until a condition is met, then the code triggers some payload.

== Macro virus ==
Virus using macro scripting code, typically embedded in a document or document template, and triggered when the document is viewed or edited, to run and replicate into other documents.

== Mobile code ==
Software that can be shipped unchanged to a heterogeneous collection of platforms and execute with identical semantics.
== Rootkit ==
Tools used after a system has been compromised to gain root level access.

== Spyware ==
Software that monitors keystrokes, screen data, and/or network traffic, or scans files for sensitive information, and sends it back to some controller server.

== Trojan horse ==
Appears to have a useful function, but has a hidden and malicious purpose and evades security mechanisms, sometimes by exploiting the legitimate authorizations of the system entity that invoked it.

== Virus ==
Malware that, when executed, attempts to replicate and propagate itself.

== Worm ==
Malware that can run independently and can propagate a complete working version of itself onto other hosts on a network, by exploiting software vulnerabilities in the target system, or by using captured credentials.