Wednesday, April 8, 2009

Types of Logic Bomb

1 Time bomb

Time bombs are a subclass of logic bombs that "explode" at a certain time. Some of the first viruses, written in the 1980s, were time bombs. For example, the infamous "Friday the 13th" virus was a time bomb; it duplicated itself every Friday and on the 13th of the month, causing system slowdown. In addition, on every Friday the 13th it also corrupted all available disks.

The Michelangelo virus from the early 1990s, one of the first viruses to make it into public consciousness because of news coverage, tried to damage hard disk directories on the 6th of March. The Win32.Kriz.3862 virus, discovered in 1999, detonates on Christmas day; its payload includes massive overwriting of data on all data storage units and also damage to the BIO

In 2000, a Stamford, Conn., man was indicted in New York State Supreme Court in Manhattan on charges of unauthorized modifications to a computer system and grand larceny. The defendant worked for Deutsche Morgan Grenfell starting in 1996 as a programmer. By the end of 1996, he had become a securities trader.

The indictment charged that he inserted a programmatic time bomb into a risk model on which he had worked as a programmer; the trigger date was July 2000. The unauthorized code was discovered by other programmers, who apparently had to spend months repairing the program because of the unauthorized changes the defendant allegedly inserted.

Logic bombs can be installed on a victim's system from outside, too. Many buffer overflows allow what the alert agencies (e.g., CERT/CC) call "execution of arbitrary code." It is possible for malicious code (e.g., ActiveX, Java, and even HTML) to cause external code to be downloaded to a victimized machine; at that point, anything can happen. Not only can malicious programs take immediate action (e.g., sending spam with forged headers), but they can also lie quiescent until specific conditions are met; that is, they can be logic bombs.
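The Deutsche Morgan Grenfell bomb above was caught because other programmers read the code. As an added example, not from the original post, here is a small review-time scanner that flags source lines comparing the current date against hard-coded calendar values (a Friday-and-13th test, a fixed trigger date). The heuristics, the SAMPLE_SOURCE toy risk model and the placeholder name _undocumented_action are my constructions.

```python
import re
from dataclasses import dataclass
from typing import List

# Review-time heuristics (my own, not from the post): source lines that compare
# the current date against hard-coded calendar values.  A hit is a prompt to
# read the surrounding code, not proof of a time bomb.
TRIGGER_PATTERNS = [
    # literal date construction, e.g. date(2000, 7, 1) or datetime(2000, 7, 1)
    (r"\bdate(?:time)?\s*\(\s*\d{4}\s*,\s*\d{1,2}\s*,\s*\d{1,2}", "literal calendar date"),
    # C struct tm fields tested against literals: tm_mday == 13, tm_wday == 5
    (r"\btm_(?:mday|mon|wday|year)\s*==\s*\d+", "struct tm field compared to literal"),
    # date attributes tested against literals: .day == 13, .month == 3
    (r"\.(?:day|month|year)\b\s*==\s*\d+", "date attribute compared to literal"),
    # weekday tested against a literal: .weekday() == 4 (Friday in Python)
    (r"\.weekday\(\)\s*==\s*\d", "weekday compared to literal"),
]


@dataclass
class Finding:
    filename: str
    lineno: int
    reasons: List[str]   # one entry per matching pattern occurrence
    text: str

    @property
    def compound(self) -> bool:
        # Two or more calendar tests on one line (Friday AND the 13th) is the
        # classic shape of a date trigger and goes to the top of the review list.
        return len(self.reasons) >= 2


def scan_source(text: str, filename: str = "<memory>") -> List[Finding]:
    """Return one Finding per source line that matches any trigger heuristic."""
    findings: List[Finding] = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        reasons: List[str] = []
        for pattern, why in TRIGGER_PATTERNS:
            reasons.extend(why for _ in re.findall(pattern, line))
        if reasons:
            findings.append(Finding(filename, lineno, reasons, line.strip()))
    return findings


# Constructed sample: a toy "risk model" with the kind of branches a reviewer
# must question.  The called name is a placeholder, not a real function.
SAMPLE_SOURCE = """\
import datetime

def price_risk(position):
    today = datetime.date.today()
    if today.weekday() == 4 and today.day == 13:
        _undocumented_action()
    if today >= datetime.date(2000, 7, 1):
        _undocumented_action()
    return position * 1.02

def next_month(d):
    return d.replace(day=1)
"""


def report(findings: List[Finding]) -> List[str]:
    """Render findings, compound (multi-condition) hits first."""
    ordered = sorted(findings, key=lambda f: (not f.compound, f.lineno))
    return [
        f"{f.filename}:{f.lineno} [{'COMPOUND' if f.compound else 'single'}] "
        f"{', '.join(f.reasons)} :: {f.text}"
        for f in ordered
    ]


if __name__ == "__main__":
    for line in report(scan_source(SAMPLE_SOURCE, "risk_model.py")):
        print(line)
```

Run it over a checkout with each file's contents in place of SAMPLE_SOURCE. Every hit needs a human reader, since legitimate code also compares dates (fiscal year ends, leap-day handling), but a compound condition on weekday and day-of-month with no business reason is exactly the pattern the post describes.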

2 Trojan horse

The Trojan horse, also known as a trojan, in the context of computers and software describes a class of computer threats (malware) that appears to perform a desirable function but in fact performs undisclosed malicious functions that allow unauthorized access to the host machine, giving the attacker the ability to save files on the user's computer or even watch the user's screen and control the computer.

Trojan horses (often just called Trojans) are programs that must be installed or executed by a user to be effective. Often, these are disguised as helpful or entertaining programs, which can include operating system patches, Linux packages, or games. Once executed, however, Trojans perform actions the user did not intend, such as opening certain ports for later intruder access, replacing certain files with other malicious files, and so on.

Trojan horses (not technically viruses) can be easily and unwittingly downloaded. For example, if a computer game is designed such that, when executed by the user, it opens a back door that allows a hacker to control the user's computer, then the computer game is said to be a Trojan horse.

3 Worms

Worms are programs which reproduce by copying themselves over and over, system to system, using up resources and sometimes slowing down the systems. They are self-contained and use networks to spread, in much the same way viruses use files to spread.

A computer worm is a self-replicating computer program. It uses a network to send copies of itself to other nodes (computers on the network), and it may do so without any user intervention. Unlike a virus, it does not need to attach itself to an existing program. Worms almost always cause at least some harm to the network, if only by consuming bandwidth, whereas viruses almost always corrupt or devour files on a targeted computer.

Many worms that have been created are designed only to spread, and don't attempt to alter the systems they pass through. However, as the Morris worm and Mydoom showed, the network traffic and other unintended effects can often cause major disruption. A "payload" is code designed to do more than spread the worm: it might delete files on a host system (e.g., the ExploreZip worm), encrypt files in a cryptoviral extortion attack, or send documents via e-mail.

Backdoors can be exploited by other malware, including worms. Examples include Doomjuice, which spreads better using the backdoor opened by Mydoom, and at least one instance of malware taking advantage of the rootkit and backdoor installed by the Sony/BMG DRM software used on millions of music CDs prior to late 2005.
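Because a worm must reach many hosts quickly without user intervention, its propagation leaves a fan-out signature in connection logs: one source contacting many distinct destinations on the same port in a short window, most of them unanswered because it is probing addresses that may not exist. As an added example (not part of the original post), the script below runs that detection over constructed connection records; the log format, the window and threshold values, and the sample traffic are all my own assumptions.

```python
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Dict, List, Tuple

# Tunables (my choices, not from the post): a source that reaches this many
# distinct hosts on one port inside the window is behaving like a propagating worm.
WINDOW = timedelta(seconds=60)
FANOUT_THRESHOLD = 20


@dataclass
class Event:
    ts: datetime
    src: str
    dst: str
    dport: int
    ok: bool          # True if the connection was answered


def parse_line(line: str) -> Event:
    """Parse one line of the constructed log format: '<iso-ts> <src> -> <dst>:<port> ok|fail'."""
    ts, src, _, dst_port, status = line.split()
    dst, port = dst_port.rsplit(":", 1)
    return Event(datetime.fromisoformat(ts), src, dst, int(port), status == "ok")


@dataclass
class Alert:
    src: str
    dport: int
    distinct_dst: int
    fail_ratio: float     # unanswered share; worms hit many unused addresses
    first_seen: datetime
    last_seen: datetime


def detect_fanout(events: List[Event], window: timedelta = WINDOW,
                  threshold: int = FANOUT_THRESHOLD) -> List[Alert]:
    """Slide a time window over each (src, dport) stream; alert on the first window
    in which the number of distinct destinations reaches the threshold."""
    streams: Dict[Tuple[str, int], List[Event]] = defaultdict(list)
    for e in sorted(events, key=lambda ev: ev.ts):
        streams[(e.src, e.dport)].append(e)

    alerts: List[Alert] = []
    for (src, dport), evs in streams.items():
        start = 0
        for end in range(len(evs)):
            # drop events that fell out of the window behind the current one
            while evs[end].ts - evs[start].ts > window:
                start += 1
            win = evs[start:end + 1]
            distinct = {e.dst for e in win}
            if len(distinct) >= threshold:
                fails = sum(1 for e in win if not e.ok)
                alerts.append(Alert(src, dport, len(distinct), fails / len(win),
                                    win[0].ts, win[-1].ts))
                break   # one alert per stream is enough for triage
    return alerts


def build_sample_log() -> List[str]:
    """Constructed traffic: one chatty-but-benign host and one host sweeping a /24."""
    t0 = datetime(2009, 4, 8, 10, 0, 0)
    lines: List[str] = []
    # benign: 10.0.0.7 talks to the same three web servers, once a second
    for i in range(40):
        dst = ("10.0.0.20", "10.0.0.21", "10.0.0.22")[i % 3]
        lines.append(f"{(t0 + timedelta(seconds=i)).isoformat()} 10.0.0.7 -> {dst}:80 ok")
    # worm-like: 10.0.0.5 tries 30 consecutive addresses on 445; most are unused
    for i in range(30):
        status = "ok" if i % 10 == 0 else "fail"
        lines.append(f"{(t0 + timedelta(seconds=i)).isoformat()} 10.0.0.5 -> 10.0.0.{100 + i}:445 {status}")
    return lines


if __name__ == "__main__":
    for a in detect_fanout([parse_line(l) for l in build_sample_log()]):
        print(f"{a.src} reached {a.distinct_dst} hosts on port {a.dport} between "
              f"{a.first_seen.time()} and {a.last_seen.time()}, {a.fail_ratio:.0%} unanswered")
```

The benign host never trips the rule because it keeps returning to the same three servers, however much traffic it sends; the sweeping host crosses the threshold in twenty seconds. A backup server or an authorised vulnerability scanner produces the same fan-out, so a production deployment pairs this rule with an allowlist of known sweepers; the fail ratio is the second signal that separates a worm from a legitimate many-to-one service.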
