|
Types of known threats |
These are malicious programs that exploit operating system vulnerabilities to spread themselves. They are called ôwormsö because of the way they propagate, crawling from computer to computer, using networks, e-mail, and other data channels. This feature gives many worms the capability to spread rapidly.
Worms penetrate a computer, calculate the network addresses of other computers, and send a burst of self-made copies to these addresses. In addition to network addresses, worms often utilize data from e-mail client address books. Some of these malicious programs occasionally create working files on system disks, but they can run without any system resources at all (with the exception of RAM).
These are programs that infect other programs, adding their own code to them to gain control of the infected files when they are opened. This is the basic way viruses infect and damage files and executables.
These are programs that carry out unauthorized actions on computers, such as deleting information on drives, stalling the system, stealing confidential information, etc. This class of malicious program is not a traditional virus because it does not infect other computers or data. However trojans disguise themselves as regular software and cause damages that can be worse that the damages caused by traditional virus attacks.
Malicious programs can combine behaviors of worms, viruses and trojans.
This program code is included in software, unbeknownst to the user, and designed to display advertisements. These programs often also collect personal data on the user and send it back to the hackers. Adware can change browser settings (start page and search pages, security levels, etc.) and create internet traffic that the user cannot control. All this can lead to breach of security and financial losses.
This is software that collects information about a particular user without his/her knowledge. Without proper software, a user may never even realize that spyware is installed on their computer. In general, spywares tend to:
This is potentially dangerous software that does not have a malicious function but can be used by hackers as an auxiliary component for launching malicious code as it contains holes and errors. Having such programs on your computer can potentially put your data at risk. These programs include, for instance, remote administration utilities, keyboard layout toggles, IRC clients, FTP servers, and all-purpose utilities for stopping processes or hiding their operation. Riskwares are capable of plugging into your web browser and redirect traffic. It is highly likely that riskware is involved if you encountered a problem such as navigating to a completely different website than the one you intended to go to.
Jokes do not do any direct damage but display false messages stating that damage has already been done or will be under certain conditions. These programs try to warn the user of dangers that do not exist, such as messages that pop up about formatting the hard drive (although no formatting actually takes place) or detecting viruses in uninfected files.
These are utilities used to conceal malicious activity. They mask malicious programs to keep anti-virus programs from detecting them. Rootkits modify the operating system on the computer and alter its basic functions to hide their own existence and behavior on the infected computer.
Programs created to set up DoS (Denial of Service) attacks on remote servers, hacking into other computers, and programs that are part of the development environment for malicious programs. These programs include hacking tools, virus builders, vulnerability scanners, password-cracking programs, and other types of programs for cracking network resources or penetrating a system.