Meeting-5

Malicious Software

In computer world, there is also a software which is created to do something bad and to perform criminal intension. This kind of software is called malicious software or malware. Malicious software can be divided into some categories:

a.VIRUS
Virus is a software that can replicate by injecting or infecting its own code into other file. By its way to infect other file, virus can be divided into three categories:

1. Overwriting
A type of computer virus that will copy its own code over the host computer system’s file data, which destroys the original program. After your computer system has been cleaned using an antivirus program, users will need to install the original program again.

2. Appending
A virus that inserts a copy of its malicious code at the end of the file. The goal of an appending virus is not to harm the host program, but to modify it to hold the virus code and then be able to run itself.

3.Prepending
A virus defines the method it uses of infecting files by adding their code to the beginning of the file. By doing this, these viruses ensure that they are activated when an infected file is used.

b.WORM
Worm is also a kind of malicious software. It is different from virus which is worm can not inject of infect other files. A worm is a software which replicates by creating its own copy. And without infecting other file. Worm actually spreads through a network or the Internet using email. Below is a sample of worm called I Love You. Worm I Love You spreads through the Internet as an email attachment.
Usually worm will do something tricky to cheat email receiver. The first is using double file extension. At the left sample, worm I Love You uses two extension, those are TXT.VBS. The second trick is using social engineering. At the above sample, the worm uses a name “I LOVE YOU” which might interested to every email receiver. Who doesn’t need love? So, the effect of these tricks are any body –the email receiver- will click that attachment which is actually a worm code.

c. TROJAN HORSE
Trojan horse is derived from ancient Greek. Trojan Horse is a program that looks like a good program but actually contains destructive code or destructive feature. Trojan horse is different from virus and worm, Trojan horse can not replicate and cannot infect other file.

There are many kind of Trojan horse. Below are some of them:
a. Password stealer
b. Keylogger
c. Fake Program
d. Anonymous emailer
e. Remote monitoring
f. Remote administrator, etc

Komentar Disini