File Viruses: infect executable files or BAT files.System or Boot Viruses: move actual Master Boot Record (MBR) from its actual location, the virus responds from the original location of MBR when the system boots, it executes the virus first. Normally, viruses require a triggering action to infect, but they can also have configured to infect upon certain predefined conditions. They can enter the operating system through removable drives or any digital media. These viruses spread by reproducing and infecting programs, documents or email attachments. It can be launched when user execute an infected program. Elimination: update the anti-virus, virus eliminatedĭuring infection phase, virus planted on a target system, replicate itself onto an executable file.Incorporation: developers design a defensive code.Detection: the behavior of a virus is observed, the virus is identified.Launch: user accidentally launch the infected program.Replication: after the virus is deployed, it will start to spread itself.Design: develop virus from scratch or using construction kits.The virus is a self-replicating program, it is capable of producing multiple copies by attaching with another program. Scanning for suspicious files and folders.Scanning for suspicious start-up programs.Scanning for suspicious Windows services.Scanning for suspicious registry entries.Scanning for suspicious network activities.Install / update security softwares and anti-viruses.Avoid to click on suspected email attachments.Attacker can monitor user, access information, alter files, etc.RAT includes a back door to maintain the access and control over the victim.RAT allows the attacker to get remote desktop access to the victim's computer.Attacker use this to hide the actual source of the attack.Proxy Server Trojans turns the compromised system into a proxy server.Used to launch distributed attacks, like DDoS, spamming.Botnets controlled by Command and Control Center.Botnet is a large scale of compromised system, they spread over the world.HTTP/HTTPS Trojans create a http/https tunnel to communicate.Defacement Trojans allow attacker to view, edit and extract information, for example User-Styled Custom Application.Command Shell Trojans provide a remote control of command shell (i.e.The basic purpose is to encrypt, obfuscate and manipulate the malware.īy using crypter, it becomes more difficult to detect.Ĭrypter is used while creating the trojan.Īn attacker is upload the trojan on a server, where it can be downloaded immediately when the victim clicks on the link Types of trojans Command Shell Trojans Wrappers often popular executable files, like games, music, etc. Wrapper binds malicious file in order to create and propagate the trojan along with it to avoid detection. Trojans created by using construction kits can avoid detection from virus and trojan scanning.ĭropper is a program that is designed to deliver a payload on the target machine, install the malware without being detected. Trojan Construction Kit allow attacker to create their own trojan. Misleads from its true intention and wait for the best time to attack.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |