Adware (advertising-supported software) is any software
application which automatically plays, displays, or downloads
advertising material to a user’s computer without users knowing
it, or with their partial assistance. Typical features are
pop-up windows or banners, persuasions to set web page as a home
page, etc. Some adware enter the program with user’s permission,
because in order to use the program, you have to accept presence
of advertising materials.
Backdoor
Backdoor is a client-server type of application allowing remote
access to a computer. The difference from common legitimate
application with similar function is that the installation is
done without user’s knowledge.
Boot sector
Boot sector viruses attack boot sector of a hard disc to make
sure that they run every time the computer is started. It is
relatively older group of viruses.
Dialer
Dialer is a program designed to redirect user’s telephone
connection to the Internet to some premium rate number. These
programs can be used legally when paying for Internet services,
but fraudulent dialers are often used for redirecting without
user knowing it.
File viruses
File viruses – use individual files as hosts. Generally, these
are always executable files, because the aim of malicious code
is its replication. Most frequent are viruses with “.COM“,
“:EXE“, “.BAT“ or “.SYS“ extension.
HLL viruses
HLL (High Level Languages) are viruses created in high level
programming languages as Pascal, C, C++, Delphi, Basic or Visual
Basic. Common viruses are created in assembler, but HLL viruses
are more massive and to analyze them is very complicated. The
detection by heuristic analyses is almost impossible.
Hoax
Hoax (rumor) – There are many hoaxes sent via emails, spreading
only thanks to human endeavor. The only way how to defend from
hoaxes is heightened caution. Hoaxes are the most common with
trustworthy companies ( “Microsoft warns…”, “CNN announced…”,
etc.) They often inform about catastrophic consequences, e.g.
devastating new viruses. What these messages have in common, is
appeal for immediate forwarding to other users. This is how
hoaxes are spread.
Macroviruses
Microviruses – are Macros able to copy themselves from one
document to another. So called macros are common parts of
applications in office packages and they can positively enlarge
their functionality. But they are programmable in common
languages and thus can manipulate with application data, or
modify other data in computer. Viruses especially written for
specific application can be spread basically only on this
application. Therefore the malicious code authors are searching
generally spread applications. These conditions fulfill
especially programs from Microsoft Office package, like Word or
Excel.
Overwriting viruses
Overwriting viruses are the simplest forms of infection. The
original code is deleted and substituted by new, malicious code.
Upon execution of the infected file the virus is executed as
well and it can try to replicate again.
Parasitic viruses
Parasitic viruses – they attach themselves to executable file as
a host leaving the contents of the host program unchanged, but
attaching to the host in such a way that the virus code is run
first. When the file is infected, upon execution it runs the
virus as well.
Phishing
Phishing is a form of criminal activity using techniques of so
called social engineering. It is characterized by attempts to
fraudulently acquire sensitive information, e.g. password, or
credit card details, by masquerading as a trustworthy person or
business in an apparently official email. Obtaining this type of
personal data is very attractive because it allows an attacker
to impersonate their victims and make fraudulent financial
transactions.
Retroviruses
Retroviruses are malicious applications trying to disable,
delete or deactivate antivirus systems.
Riskware
Riskware as a term includes all applications that upon execution
comprise some security risk. Similar to spyware or adware
installation, their installation can be approved in license
agreement when installing the program. Dialers can be considered
as a good example.
Rootkit
Rootkit is a special type of infiltration able to hide its
“root” on the infected systemwithout system administrator even
seeing it and thus escape detection. Usually it’s a malicious
code package enabling attacker to exploit vulnerabilities in the
system and gain full control over infected (rooted) computer.
The most important thing with rootkits is the prevention – the
ability to stop the infiltration proactively when trying to
infiltrate into the system, before it is executed. After
execution a rootkit is able to make itself “invisible” and thus
exploited user gains false feeling of security.
Social
engineering
Social engineering is a way of gaining personal information by
deception. This method commonly uses telephones or the Internet,
exploiting the gullibility by masquerading as a trustworthy
business or institution.
Spyware
Spyware is a program using Internet to send various user’s data
without his prior knowledge. Similarly to adware, accepting the
license agreement can be a part of a free program. Spyware
usually sends statistical data as information about installed
programs, visited sites, etc. Acquired information is usually
exploited for commercial gain.
Trojan horse
Trojan horse (sometimes called Trojan) is malicious program.
Unlike viruses or worms, it is not able to replicate and infect
files on its own. Most often it exists in a form of executable
file with .EXE or .COM extension. Basically file itself doesn’t
contain anything except malicious code. The most effective
method of cleaning is very simple; deletion. Trojans can also
pretend to be useful programs. This type of infiltration has
various functions ranging from sending keyloggers to file
deletion (e.g. to format a disc).It has also special function –
installing of so called backdoor.
Virus
Virus is a program able to self-replicate. It spreads by
inserting copies of itself into other executable files and
ensures their execution. The name is derived from similarity to
behavior of biological viruses. Virus can get to your computer
mainly through usage of the Internet. Additionally, viruses can
spread to other computers by infecting files on LAN or when
copying from data medium like floppy disc, CD, DVD, etc. There
are file viruses, thus individual malicious programs, boot
viruses, which attack boot sector of a hard disc to make sure
that they run every time the computer is started and
macroviruses, which are most often a part of documents with .DOC
and .XLS extension.
Viruses can be further divided into two types, on the basis
of their behavior when they get executed. Whereas non-resident
viruses are started upon execution of infected object, a
resident virus loads itself into memory on execution and
transfers control to the host program. The virus stays active in
the background and infects new hosts when those files are
accessed.
Worm
Worm is an independent self-replicating program spreading its
copies via Internet or LAN. Traditional viruses are passive and
cannot propagate themselves whereas worms can. A worm uses a
network to send copies of itself to other systems, or on the
lower level it uses vulnerabilities of the operation system. A
worm is able to carry other malicious programs, which can
perform various malicious activities, e.g. to install a backdoor
in an infected computer. Even without this payload a worm is
able to cause severe damage when enormously increasing the
Internet traffic. As a matter of Internet expansion, a worm is
able to be distributed worldwide within few hours. Side effects
can be the complete congestion of network, including the
businesses’ LANs
ESET Online Scanner
Try our free online scanner to find out what
viruses, spyware and other malware your current antivirus
solution let slip through!
