Malware – CompTIA Security+ Lesson 23

Malware is software that exploits weaknesses to gain access to data. This lesson is a brief introduction to software exploitation.

To gain access to data, malware uses weaknesses in the data access objects of databases or flaws in services and applications.

Commonly encountered malware

Spyware

Spyware often works on behalf of a third party and is spread by users who ask for it:
They download software, visit infected sites, etc…

This malware monitors the user’s activity and reports it to another party. It is used to gather information such as credit card numbers, passwords and other personal data.

One thing that separates spyware from most other malware: It almost always exists to provide commercial gain.

Microsoft’s operating systems are the ones most affected by it.

Adware

This malware mainly delivers ads to the target. The primary purpose is to generate revenue for the creator.

For me, most free apps are kinda like malware…

Rootkits

Rootkits are software with the ability to hide certain things from the OS. There could be several processes running on a system or connections established that cannot be seen with the task manager or in netstat.

Rootkits could hide anywhere on the system where there is enough memory: GPUs, PCI cards, …

Or to quote Lloyd from Mr. Robot:

Angela Moss: What's a rootkit? Lloyd: It's like a crazy serial rapist with a very big dick.

Many rootkits get around antivirus and antispyware. The best defence against them is to catch the rootkit in the process of installation.
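A defender can look for the kind of hiding described above by comparing two views of the process table: the listing that tools read, and a direct existence probe of every PID. The sketch below is an added example, not part of the original post; it assumes a Linux host, and all function names are illustrative.

```python
import os

def listed_pids(proc_root="/proc"):
    """View 1: what ps/top-style tools see, the numeric entries of /proc."""
    return {int(name) for name in os.listdir(proc_root) if name.isdigit()}

def answers_signal(pid):
    """View 2: ask the kernel directly. Signal 0 delivers nothing and only
    reports whether the PID exists."""
    try:
        os.kill(pid, 0)
    except ProcessLookupError:
        return False
    except PermissionError:
        return True  # exists, but belongs to another user
    return True

def is_thread(pid, proc_root="/proc"):
    """Thread IDs can answer probes without being listed in /proc; that is normal."""
    try:
        with open(f"{proc_root}/{pid}/status") as fh:
            for line in fh:
                if line.startswith("Tgid:"):
                    return int(line.split()[1]) != pid
    except OSError:
        pass  # status unreadable: cannot prove it is a thread, keep it as a candidate
    return False

def hidden_pids(list_view, probe, max_pid, thread_check=is_thread):
    """Return PIDs that answer a probe but are absent from the listing."""
    before = list_view()
    probed = {pid for pid in range(1, max_pid + 1) if probe(pid)}
    after = list_view()  # second listing drops processes started mid-scan
    candidates = probed - before - after
    # Re-probe to drop processes that exited mid-scan; skip ordinary threads.
    return sorted(p for p in candidates if probe(p) and not thread_check(p))

if __name__ == "__main__":
    with open("/proc/sys/kernel/pid_max") as fh:
        limit = int(fh.read())
    print("unlisted PIDs:", hidden_pids(listed_pids, answers_signal, limit))
```

A rootkit that also intercepts the probe itself passes this check, so a clean result is not proof of a clean system.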

Trojan horses

If you’re familiar with the Trojan horse from Greek history, you can imagine what this malware does:

It enters your system disguised as another program.

The trojan horse could then create a backdoor for attackers. They can be used to compromise the security of a system or network.

It’s possible for a trojan horse to not be detected for years.

Immediately before and after you install new software or a new OS, back it up. If you then suspect a trojan horse, you can reinstall the original programs to delete the trojan horse.

That’s all folks, if you liked this post let me know with a comment, and I will make another article about malware.

If you didn’t like it, let me know, too!

Published in CompTIA Security+
