Privacy Alerts - Malware

Malware, viruses, trojans, spyware, and what to do about it!

What is Malware?

Malware is software designed to infiltrate or damage a computer system without the owner's informed consent. Malware is a general term used by computer professionals to mean a variety of forms of hostile, intrusive, and/or annoying software or program code. So it's really just a "catch-all" term for all malicious software. Many everyday computer users, however, are still unfamiliar with the term "malware." Instead, the term "virus" is commonly used to describe all kinds of malware.

Software is considered malware based on the perceived intent of its creator, rather than any particular features. Malware includes:

What is a computer virus?

Viruses are infectious computer programs that spread when released onto a system. A virus can copy itself and infect a computer without user consent or knowledge. The original virus may modify the secondary copies of the virus or the copies may modify themselves (in the case of a metamorphic virus). A virus most often spreads from one computer to another when its host is taken to the uninfected computer via a network, internet download, or a removable medium (e.g. CD, USB drive).

What are computer worms?

Worms are like viruses except they spread over computers on your networks. That is, they copy themselves to other computers on the same network. While they may not "take over" your computer, they will slow down the network by taking up bandwidth.

What are Trojans?

Trojans are infectious computer programs that are accepted into your computer by network, internet, or removable device. Trojans often use false names or promise false functions to get the user to initiate the program. Trojans may completely hijack computer operations (locking the user out) or may open security "backdoors" for other malicious programs.

What is spyware?

Spyware was originally produced for the purpose of: 1) gathering information about computer users, 2) showing users pop-up ads, or 3) redirecting web browsers to specific sites for the financial benefit of the spyware creator. Spyware is computer software that is installed secretly on a personal computer to take partial control over the user's interaction with the computer, without the user's informed consent. Spyware is commonly downloaded in a form where it "piggybacks" on another computer program that the user voluntarily installs.

Spyware is not always malicious. Companies like Alexa and Google (their toolbar) use essential spyware to rank website popularities and deliver pertinent products and services.

Spyware also includes malicious adware. Adware is software that may be voluntarily downloaded, such as the now retired BonziBUDDY. BonziBUDDY was an adware program for children.

"He will explore the Internet with you as your very own friend and sidekick! He can talk, walk, joke, browse, search, e-mail, and download like no other friend you've ever had! He even has the ability to compare prices on the products you love and help you save money! Best of all, he's FREE!"

Source: http://www.bonzi.com/bonzibuddy/bonzimail.asp

Oddly enough, BonziBUDDY also frequently directed child-users to shopping websites and was associated with a program that records browsing behavior. BonziBUDDY was discontinued in 2004.

Adware can also be downloaded in a "piggyback" form in voluntarily downloaded packages. It was common for a period of time to include adware of this sort in free and trial downloads. Nowadays, most websites will indicate if the download is "adware free."

What is a bot?

A bot is a compromised computer that is running software allowing a remote computer to control it. The software is usually installed by someone breaking into the computer, but can also be installed by a user who downloads malware thinking it's another piece of software. This can happen in an email, an instant message, a P2P file sharing network, etc.

A botnet is a network of bots. The botnet is controlled by a single or a small number of remote computers. Botnets are a huge source of spam, which is often successful in compromising other computers and adding them to the botnet collective.

Some disturbing notes:

Remember that malware can be embedded in virtually any file you download: files, streaming video, and even images. There were recent vulnerabilities brought to light in both QuickTime Media Player (using its buffer overflow) and the popular video website YouTube (listing over 40 vulnerabilities).

The bottom line here is that no matter how many security features you have, you still need to be careful.

Crazy Story of the Day!

A substitute 7th grade teacher in Connecticut had malware on her classroom computer. Four of her students were looking up hairstyles when pornography windows started cascading down the screen of the computer. When attempting to close them, more would just pop right back up. The teacher had no history of viewing pornography on the computer but there was spyware and adware on it.

The teacher went to trial for four counts of risk of injury to a minor since she didn't shield the children from the images. She initially was convicted and they sentenced her to 40 years! Since then, she has been granted a new trial since forensic technology is now able to show that there was spyware and adware on the computer.

http://www.foxnews.com/story/0,2933,278897,00.html

So what can you do to combat malware?

1) Update your operating system (OS) often. These updates include patches for potential security threats. That is, since there are so many variables and complex interactions on any one OS, there are multitudes of potential security weaknesses. These OS updates identify and patch these security weaknesses.

2) Update your browser often for similar reasons. A browser is your interface to the rest of the internet and your computer. There are a huge number of security issues that are addressed with every browser. Frequent updates will patch the more recently identified problems.

3) Use common sense when downloading and/or running programs. If it comes from a shady website, be cautious ("you're only as good as the company you keep"). If it comes from an unknown person over IM, be cautious. If it comes from a P2P network, be cautious.

4) Use an anti-virus and KEEP IT UPDATED. Anti-virus software companies are continually identifying new viruses. They are continually updating their software with protection from those new viruses. Scan files with your anti-virus before you open them. It doesn't make sense to have an anti-virus program if you're not using it, or if you have it disabled (I know it slows down your computer, maybe just enable it when you are downloading).

5) Use a firewall. Always make sure you have a firewall and MAKE SURE IT IS ON.

Firewalls: A firewall blocks all traffic except through authorized ports on your computer, thus restricting unfettered access. A stateful firewall is a more secure form of firewall, and system administrators often combine a proxy firewall with a packet-filtering firewall to create a highly secure system; this would be overkill for a home system, but is more common in business. Most home users would use a software firewall, while some high risk servers and computers might need a hardware firewall.

6) Use an Anti-spyware program (often includes Anti-adware) and KEEP IT UPDATED. Really for the same reason as previously mentioned. I think you get the idea by now.

7) Don't open up spam email and instant messages (it confirms the existence of the address/user and that you open items from that account). You can expect to get more spam then.
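
To make the firewall note under step 5 concrete, here is an added example (not part of the original article) that models a plain port filter next to a stateful firewall and runs both over the same traffic. It is a simplified model; the addresses, ports, class names and packets are all constructed for illustration.

```python
# Toy model of inbound filtering on a home PC (added illustration).
# Every address, port and packet below is constructed sample data.
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    direction: str  # "out" = leaving this PC, "in" = arriving at it

HOME = "192.168.1.10"      # hypothetical address of the protected PC
AUTHORIZED_PORTS = {22}    # hypothetical: the one service this PC exposes

class PortFilter:
    """Stateless: judges each packet alone, using only port numbers."""
    def allow(self, p):
        if p.direction == "out":
            return True
        # One common way a stateless filter lets web replies in is to trust
        # source port 80/443. The sender picks that number, so it proves little.
        return p.dport in AUTHORIZED_PORTS or p.sport in (80, 443)

class StatefulFirewall:
    """Default deny inbound, except authorized ports and replies to
    connections that this PC opened itself."""
    def __init__(self):
        self.conns = set()  # (remote addr, remote port, local addr, local port)
    def allow(self, p):
        if p.direction == "out":
            self.conns.add((p.dst, p.dport, p.src, p.sport))
            return True
        if p.dport in AUTHORIZED_PORTS:
            return True
        return (p.src, p.sport, p.dst, p.dport) in self.conns

def run(fw, packets):
    """Return the allow/deny decision for each packet, in order."""
    return [fw.allow(p) for p in packets]

SAMPLE = [
    Packet(HOME, 50000, "203.0.113.5", 80, "out"),   # browser opens a page
    Packet("203.0.113.5", 80, HOME, 50000, "in"),    # the site's reply
    Packet("198.51.100.7", 80, HOME, 3389, "in"),    # unsolicited, source port 80
    Packet("198.51.100.7", 40000, HOME, 445, "in"),  # unsolicited, port not authorized
    Packet("198.51.100.9", 41000, HOME, 22, "in"),   # authorized port
]

if __name__ == "__main__":
    for name, fw in (("port filter", PortFilter()), ("stateful", StatefulFirewall())):
        print(name, run(fw, SAMPLE))
```

The two firewalls differ only on the third packet: the port filter lets it through because of its source port, while the stateful firewall drops it because this PC never opened that connection.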
