Malicious Software and Computer Viruses
37 Questions
Questions and Answers

What is the primary characteristic of a non-resident virus?

  • It can only infect files when the host program is running.
  • It resides in the computer's memory.
  • It infects executable files without needing the programs to be active. (correct)
  • It is unable to replicate itself without user intervention.

Which type of malicious software is specifically designed to replicate itself across a network?

  • Adware
  • Computer virus
  • Worm (correct)
  • Trojan horse

What distinguishes a resident virus from a non-resident virus?

  • Resident viruses utilize the computer's memory to attack files. (correct)
  • Resident viruses do not infect executable files.
  • Resident viruses cannot replicate themselves.
  • Non-resident viruses can only attack anti-virus software.

What is the primary function of malicious software?

  • To cause harm to a computer system or network.

Which of the following forms of malware can modify or delete system files?

  • Trojan horse

How do worms typically spread through a network?

  • Through self-replication across the network nodes.

What is a common source of resident viruses?

  • Infected backup drives or disks.

Which type of malicious software does NOT typically modify existing files?

  • Worm

What was the common name given to the I LOVE YOU virus?

  • Love Letter

Which programming language was used to write the I LOVE YOU virus?

  • VBScript

Who was responsible for creating and distributing the I LOVE YOU virus?

  • Onel de Guzman

Which operating system did the Love Letter virus primarily target?

  • Windows

In what year did the I LOVE YOU virus begin spreading?

  • 2000

The Morris Worm created significant problems due to which factor?

  • Bugs in the code

What unique method did the SQL Slammer worm use for distribution?

  • Random IP address generation

What does ransomware do to a victim's data?

  • Encrypts it for ransom

What symptoms may indicate the presence of a rootkit on a computer?

  • Slowdowns and mysterious settings changes

What action should be taken if antivirus software deactivates unexpectedly?

  • Perform an anti-rootkit scan

Which of the following is a recommended step after performing an anti-rootkit scan?

  • Reinstall your cybersecurity software

Which issue may NOT be associated with rootkit infections?

  • System performance enhancement

If continuous slow performance is observed, which malicious software is a likely suspect?

  • Rootkits

What is the primary function of spyware?

  • To collect personal data without the user's awareness

Why are rootkits considered dangerous?

  • They can infect systems without displaying symptoms.

Which type of rootkit infiltrates the bootloader of a computer?

  • Bootloader rootkit

What is a common way to detect rootkit infections?

  • Unexpected system crashes

How can a memory rootkit typically be removed?

  • By restarting the computer

What do firmware rootkits compromise?

  • The device firmware where malware is typically undetected

Which characteristic is NOT true about rootkits?

  • They all display clear and immediate symptoms.

What kind of software should be used to remove spyware from a computer?

  • Adware and cleanup applications

What is a common function of Trojan horses?

  • Logging keystrokes to steal credentials

How can a user become infected by a Trojan horse?

  • By visiting a rogue website

Which file extension is typically associated with Trojan horses?

  • .exe

What is a common symptom of adware infection on a mobile device?

  • Apps taking longer to load

Which of the following does NOT describe a sign of adware infection?

  • Increased storage space

What method is typically used for removing adware?

  • Using legitimate anti-malware software

Which of the following is a characteristic of adware?

  • Breaches user privacy for malicious purposes

What is NOT a way through which a user can be infected with a Trojan horse?

  • Vaccinating the system regularly

    Study Notes

    Malicious Software

    • Malicious software, or malware, is any malicious program that causes harm to a computer system or network.
    • Malware attacks a computer or network in the form of viruses, worms, trojans, spyware, adware or rootkits.

    Computer Virus

    • Self-replicating malicious software that attaches itself to other files/programs.
    • Executes secretly when the host program/file is activated.
    • There are two main types of computer viruses: non-resident and resident.

    Non-Resident Virus

    • Viruses that do not live in the computer’s memory.
    • Infect executable files when programs are not running.
    • Immediately start searching for other hosts that could be infected, infect them and transfer control to the application program.

    Resident Virus

    • Latches itself onto the computer’s memory, granting it the freedom to attack any file or application on the device (including anti-virus software).
    • Can come from corrupted drives or disks, or from suspicious links or downloads.

    Worms

    • Self-replicating computer virus.
    • Uses a network to send copies of itself to other nodes without user intervention.
    • Does not delete system files, modify existing files, install Trojan horses, record or transmit decrypted passwords, or capture superuser privileges.

    I Love You Virus

    • Also known as Love Letter.
    • A computer worm that attacked tens of millions of Windows computers on May 6, 2000.
    • Spread as an email message with the subject line "ILOVEYOU" and the attachment "LOVE-LETTER-FOR-YOU.txt.vbs".
    • Created and distributed by Onel de Guzman, a young Filipino computer programmer.

    Worms

    • Jerusalem: The first known computer worm, discovered in 1987.
    • Morris Worm: Launched in 1988 by Robert Morris, a US student who wanted to discover the size of the internet.
    • Storm Worm: An email worm launched in 2007.
    • SQL Slammer: Unique worm that didn’t utilize traditional distribution methods.

    Morris Worm

    • Launched a few dozen lines of code with bugs that caused problems on affected hosts.
    • Overloaded thousands of computers running UNIX and caused financial damage between $10 million and $100 million.

    Storm Worm

    • Sent 1.2 billion emails over ten years to create a botnet targeting popular websites.
    • Experts believe there are still millions of infected computers.

    SQL Slammer

    • Generated random IP addresses and sent itself to them hoping they weren't protected by antivirus software.
    • Infected over 75,000 computers, which were unknowingly involved in DDoS attacks on websites.

    Ransomware

    • Locks and encrypts a victim's data, files, devices or systems.
    • Makes them inaccessible until the attacker receives a ransom payment.

    Trojan Horses

    • Malicious program designed to look like authentic, genuine software.

    What Trojans Can Do

    • Erase or overwrite data on a computer.
    • Spread other viruses or install a backdoor.
    • Set up networks of zombie computers to launch DDoS attacks or send spam.
    • Log keystrokes to steal passwords and credit card numbers.
    • Phish for account details.
    • Destroy data.

    How You Can Be Infected By Trojans

    • Visiting a rogue website.
    • Receiving files through messengers.
    • Opening attachments on emails.
    • Receiving Trojan horses via SMTP.
    • Opening bogus web pages.
    • Copying a file from someone else.
    • Downloading a file.
    • Installing a program.

    Adware

    • Not technically malicious, but breaches user privacy for malicious purposes.
    • Displays ads on the computer’s desktop or inside individual programs.
    • Can get onto mobile phones through entertainment or gaming apps.

    Signs of Adware Infection

    • Unexpected changes in your browser home page.
    • Web pages not displaying correctly.
    • Overwhelmed with pop-up ads.
    • Slow device performance.
    • Device crashing.
    • Reduced internet speeds.
    • Redirected internet searches.
    • Random appearance of a new toolbar or browser add-on.
    • Phone is slow.
    • Apps take longer to load.
    • Battery drains quickly.
    • Unexplained data usage and higher phone bills.
    • Numerous ad pop-ups.

    How To Remove Adware

    • Create a backup of the data.
    • Download or update security software.
    • Uninstall unused programs.
    • Use an adware and cleanup application.

    Spyware

    • Malware that watches and tracks user actions and collects personal data.
    • Installed on the user's computer to provide profit to a third party by collecting data without the user's awareness.
    • Steals passwords and personal information by running in the background of the system.

    Rootkit

    • Malicious software that alters the regular functionality of an OS in a stealthy manner.

    Why Rootkits Are So Dangerous

    • They’re sneaky: Spread through corrupt downloads, spam emails, and exploit kits.
    • They’re stealthy: Don’t display many symptoms.
    • They’re capable: Multiple capabilities.

    Types of Rootkits

    • Bootloader rootkit: Infiltrates bootloader mechanism and infects the computer before the OS is loaded.
    • Firmware rootkit: Hides within firmware making it difficult to find.
    • Kernel rootkit: Attacks the core component of your computer and gives threat actors control.
    • Application rootkit: Modifies files with rootkit code, giving access to the machine every time those files are run.
    • Memory rootkit: Resides in RAM and can slow down the device; can be cleared by restarting the computer.

    How To Detect and Remove Rootkits

    • System crashes.
    • Software malfunctions.
    • Antivirus crash.
    • Try an anti-rootkit scan and reinstall security software.

    Related Documents

    Week-6.pdf

    Description

    This quiz covers the essential concepts of malicious software, commonly referred to as malware, and delves into the specifics of computer viruses. It explores the difference between non-resident and resident viruses and how they infect systems. Test your knowledge on this critical topic in computer security.
