Malicious Software Overview

Questions and Answers

A non-resident virus resides in the computer's memory.

False

Malicious Software is synonymous with the term Malware.

True

A computer worm needs user intervention to spread to other nodes.

False

Resident viruses can attack any file or application on a device.

True

Malicious malware software can be transmitted through viruses, worms, and trojans.

True

Computer viruses are incapable of replicating themselves.

False

Worms can modify existing files on the system.

False

Rootkits are a type of malicious software.

True

The I LOVE YOU virus was written in Python.

False

The Morris Worm was launched in 1988.

True

The Storm Worm was an email worm launched in 2000.

False

Ransomware locks and encrypts a victim's data until a ransom is paid.

True

SQL Slammer utilized traditional methods to distribute itself.

False

Onel de Guzman was a young Filipino responsible for creating the I LOVE YOU virus.

True

Trojan horses can spread other viruses or install a backdoor.

True

Jerusalem was the first known computer worm discovered in 1990.

False

Spyware programs install themselves on the user's computer without their awareness.

True

A rootkit can only spread through physical connection to the computer.

False

Firmware rootkits can be easily detected by standard cybersecurity tools.

False

Memory rootkits reside on a computer's RAM and can affect performance.

True

Application rootkits are benign and do not modify regular files.

False

Rootkits are referred to as the Swiss Army Knives of malware because of their multiple capabilities.

True

System crashes are often a sign of rootkit infections affecting important system components.

True

Uninstalling unnecessary programs can help protect against spyware infections.

True

A computer can be infected with Trojans by opening an email attachment.

True

Adware is considered a highly malicious type of software.

False

Key loggers are a type of Trojan that logs keystrokes to steal personal information.

True

The Trojan horse is always a text file with a .txt extension.

False

Signs of mobile adware can include unexplained data usage and numerous ad pop-ups.

True

Being redirected during internet searches can be a sign of adware infection.

True

Downloading any file from a legitimate website is completely safe from Trojan infections.

False

Adware only affects desktop computers and cannot be found on mobile devices.

False

Software malfunctions such as slowdowns and mysterious settings changes can be signs of a rootkit.

True

A rootkit will always cause your antivirus software to deactivate.

False

Running an anti-rootkit scan is unnecessary if your antivirus is functioning properly.

False

Removing a rootkit may require the reinstallation of cybersecurity software after scanning.

True

Antivirus crashes are a definitive indicator of a rootkit infection.

False

Study Notes

Malicious Software Overview

• Malicious Software (Malware) is any program that causes harm.
• Malware Attacks involve inserting malicious code to disrupt or destroy a system.
• Types of Malware: Viruses, Worms, Trojans, Spyware, Adware, Rootkits.

Computer Virus

• A computer virus self-replicates and attaches to files or programs.
• Virus Activation: Executions occurs when the host file is opened.
• Two types of Viruses: Non-resident and Resident.

Non-Resident Virus

• Non-resident viruses do not reside in computer memory.
• They infect executable files when programs are not running.
• They immediately search for other hosts to infect.
• They transfer control to the infected application program.

Resident Virus

• Resident viruses reside in computer memory.
• They attack any file or application, including antivirus software.
• Sources: Corrupted drives, disks, suspicious links, or downloads.

Worms

• A worm is a self-replicating computer virus.
• Network Propagation: Worms spread through networks without user interaction.
• Impact: They do not delete system files, modify existing files, install Trojans, or capture user credentials.

"I LOVE YOU" Virus

• Common Name: Love Letter.
• Type: Computer worm.
• Operating System: Microsoft Windows.
• Written in: VBScript.
• Responsible: Onel de Guzman, a Filipino programmer.
• Transmission: Email with subject "ILOVEYOU" and attachment "LOVE-LETTER-FOR-YOU.txt.vbs".

Famous Worms

• Jerusalem: The first known computer worm discovered in 1987.
• Morris Worm: Launched in 1988 by Robert Morris to measure the internet size.
• Storm Worm: Launched in 2007 as fake news about a storm wave, targeting popular websites.
• SQL Slammer: A unique worm, it used random IP addresses to spread.
• Botnet: A network of infected computers controlled by an attacker.

Ransomware

• Ransomware encrypts a victim's data, files, devices, or systems.
• Purpose: To demand ransom payment for decryption.

Trojan Horses

• Trojan Horses are disguised as authentic software.
• Trojan Horse Functionality:
  • Erase or overwrite data.
  • Spread other viruses.
  • Establish zombie networks for DDoS attacks or spam.
  • Steal passwords and credit card numbers (key logger).
  • Phish for account details.
  • Destroy data.

Trojan Infection Sources

• Websites: Rogue websites.
• Instant Messaging: Files shared through messengers.
• Email: Attachments in emails.
• SMTP: Trojan horses transmitted via SMTP (Simple Mail Transfer Protocol).
• File Extensions: .exe, .com, .scr, .bat, .pif.

Adware

• Adware: Not inherently malicious but breaches user privacy.
• Purpose: Display advertisements.
• Display Methods: Pop-up windows on desktops or inside programs.
• Mobile Infection: Through apps in entertainment and gaming categories.

Adware Infection Signs

• Unexpected changes in browser homepage.
• Incorrect web page displaying.
• Excessive pop-up ads.
• Slow device performance.
• Device crashing.
• Reduced internet speeds.
• Redirected internet searches.
• New toolbar or browser add-ons appearing.

Mobile Adware Infection Signs

• Slow phone performance.
• Slow app loading.
• Quickly draining battery.
• Unknown apps installed.
• Unexplained data usage.
• Higher-than-expected phone bills.
• Frequent ad pop-ups.

Removing Adware

• Create a data backup.
• Download or update security software.
• Uninstall unused programs.
• Use adware removal and cleanup applications.

Spyware

• Spyware: Monitors user actions and collects personal data.
• Installation: Usually installs itself on the user's computer.
• Purpose: Profit by collecting data without user consent.
• Impact: Steals passwords and personal information.

Spyware Types

• Keystroke Loggers: Record user keystrokes to capture sensitive information.
• Screen Capture Programs: Record screen activity.
• Web Browser History Trackers: Track browsing history.
• Packet Sniffers: Monitor network traffic to intercept sensitive information.
• Cookie Droppers: Inject cookies to capture browsing data.

Rootkit

• Rootkit: A type of malware that alters the operating system's functionality stealthily.
• Purpose: To gain unauthorized control over a computer.

Rootkit Capabilities

• Stealthy: Rootkits can hide from traditional security tools.
• Capable: Rootkits can perform various malicious actions.
• Sneaky: Rootkits can spread through deceptive methods like corrupt downloads, spam emails, and exploit kits.

Rootkit Types

• Bootloader Rootkit: Infects the bootloader to gain control before the operating system loads.
• Firmware Rootkit: Hides in firmware making detection difficult.
• Kernel Rootkit: Infects the operating system's kernel, giving attackers significant control.
• Application Rootkit: Modifies files with rootkit code, providing access when infected files are run.
• Memory Rootkit: Resides in RAM, slowing down the computer and performing malicious tasks.

Rootkit Detection and Removal

• System crashes: Rootkits can cause system crashes.
• Software malfunctions: Slowdowns, settings changes, or browser malfunctions.
• Antivirus crashes: Antivirus software may deactivate due to rootkit presence.
• Anti-rootkit scans: Use specialized tools to detect rootkits.

Tips for Staying Safe

• Install antivirus software: Protect your system from malware.
• Keep software up-to-date: Patches fix vulnerabilities.
• Be cautious about downloads: Only download from trusted sources.
• Beware of suspicious emails: Do not open attachments from unknown senders.
• Use strong passwords: Make it harder for attackers to guess your passwords.
• Enable security features: Use firewalls and other security measures.
• Back up your data: Protect your data from loss.
• Be aware of phishing attempts: Recognize and avoid scams.
• Don't click on suspicious links: Only visit trusted websites.
• Stay informed: Keep up with the latest security threats.

Description

This quiz covers the fundamentals of malicious software, commonly known as malware. It explores various types of malware, including computer viruses, worms, and their specific characteristics. Test your knowledge on how these threats operate and the distinct features of non-resident and resident viruses.