Welcome to the mickyj.com Malware Glossary.

Malware Glossary


Adware
Software that downloads and displays advertisements. This type of software is often bundled with 'freeware'. The software end user license agreement may say that by installing the software you agree to accept advertising.

Browser Helper Object (BHO)
Can search all pages you view in Internet Explorer and replace banner advertisements with targeted advertisements, monitor and report on your actions, and change your homepage.

Cracker

A black hat (also called a cracker or Darkside hacker) is a malicious or criminal hacker. This term is seldom used outside of the security industry and by some modern programmers. The general public uses the term hacker to refer to the same thing. In computer jargon the meaning of "hacker" can be much broader. The name comes from the opposite of White Hat hackers.

Usually a Black Hat is a person who uses their knowledge of vulnerabilities and exploits for private gain, rather than revealing them either to the general public or the manufacturer for correction. Many Black Hats promote individual freedom and accessibility over privacy and security. Black Hats may seek to expand holes in systems; any attempts made to patch software are generally done to prevent others from also compromising a system they have already obtained secure control over. A Black Hat hacker may have access to 0-day exploits (private software that exploits security vulnerabilities; 0-day exploits have not been distributed to the public). In the most extreme cases, Black Hats may work to cause damage maliciously, and/or make threats to do so as blackmail.

Black-hat hacking is the act of compromising the security of a system without permission from an authorized party, usually with the intent of accessing computers connected to the network (the somewhat similar activity of defeating copy prevention devices in software, which may or may not be legal depending on the laws of the given country, is actually software cracking). The term cracker was coined by Richard Stallman to provide an alternative to using the existing word hacker for this meaning. Use of the term "cracker" is mostly limited (as is "black hat") to some areas of the computer and security field and even there is considered controversial. One group that refers to themselves as hackers consists of skilled computer enthusiasts. The other, and more common usage, refers to those who attempt to gain unauthorized access to computer systems. Many members of the first group attempt to convince people that intruders should be called crackers rather than hackers, but the common usage remains ingrained.

Denial-of-Service Attack

An attack on a computer system intended to reduce, or entirely block, the level of service that 'legitimate clients' can receive from that system. These range in scope from network bandwidth wasting and/or swamping through exhausting various machine resources (memory, disk space, thread or process handles, etc) required by the process(es) providing the service. They usually work by exploiting vulnerabilities that eventually crash the service process or the underlying system. Although not commonly associated with viruses, denial-of-service components are included in some viral payload routines.

Dialer
Software that dials a phone number. Some dialers connect to local Internet Service Providers and are beneficial as configured. Others connect to toll numbers without user awareness or permission.

Hacker
A hacker is a person who creates and modifies computer software and computer hardware, including computer programming, administration, and security-related items. The term usually bears strong connotations, but may be either positive or negative depending on cultural context (see the Hacker definition controversy).

In computer programming, a hacker is a programmer who hacks or reaches a goal by employing a series of modifications to exploit or extend existing code or resources. For some, hacker has a negative connotation and refers to a person who "hacks" or uses kludges to accomplish programming tasks that are ugly, inelegant, and inefficient. This negative form of the noun "hack" is even used among users of the positive sense of "hacker".

In computer security, a hacker is a person who specializes in work with the security mechanisms for computer and network systems. While including those who endeavor to strengthen such mechanisms, it more often is used (especially in the mass media) to refer to those who seek access despite them.

Hijacker
Any software that resets your browser's settings to point to other sites. Hijackers may re-route your information and address requests through an unseen site, capturing that information. In such hijacks, your browser may behave normally, but be slower.
 

Homepage Hijacker
Any software that changes your browser's homepage to a different site. Hijackers may re-route your information and address requests through an unseen site, capturing that information. In such hijacks, your browser may behave normally, but be slower.

Error Hijacker
Any software that resets your browser's settings to display a new error page when a requested URL is not found. Hijackers may re-route your information and address requests through an unseen site, capturing that information. In such hijacks, your browser may behave normally, but be slower.

Search Hijacker
Any software that resets your browser's settings to point to other sites when you perform a search. Hijacks may re-route your information and address requests through an unseen site, capturing that information. In such hijacks, your browser may behave normally, but be slower. In addition, search results when such a hijacker is running will sometimes differ from non-hijacked results.


Keylogger
Any program that records keystrokes. The term tends to be mainly used for programs that surreptitiously record keystrokes and then make the log of keyboard activity available to someone other than the logged user(s). Commonly these log files are emailed to the person who planted the logging software, but on public access machines (in cyber-cafes, school and university computer labs, etc.) that level of sophistication is not necessary as the 'attacker' can simply access the log file from the compromised machine at a later date, revealing usernames and passwords for accessing other systems and other potentially sensitive information. Although more common in Trojan Horse programs and Remote Access Trojans, keyloggers are sometimes used in the payloads of viruses.

Malware
Malicious software. A catch-all term for 'programs that do bad or unwanted things'. Generally, viruses, worms and Trojans will all be classed as Malware, but several other types of programs may also be included under the term.

Malvertisements

Malvertisements deliver all kinds of malware onto your PC via Flash advertisements. Make sure you have the latest version of Flash installed on your PC.

P2P
Any peer-to-peer file swapping program, such as Audiogalaxy, BearShare, Blubster, eMule, Gnucleus, Grokster, iMesh, Kazaa, Kazaa Lite, LimeWire, Morpheus, Shareaza, WinMX and Xolox. Can degrade system performance and consume vast amounts of storage. May create security issues as outsiders are granted access to internal files. Often bundled with Adware or Spyware.

Password Cracker
A tool to decrypt a password or password file. Password crackers have legitimate uses by security administrators, who want to find weak passwords in order to change them and improve system security, but can be used maliciously.

Phishing

In computing, phishing is a form of criminal activity using social engineering techniques. Phishers attempt to fraudulently acquire sensitive information, such as passwords and credit card details, by masquerading as a trustworthy person or business in an electronic communication. Phishing is typically carried out using email or an instant message. Attempts to deal with the growing number of reported phishing incidents include legislation, user training, and technical measures.

The first recorded mention of phishing is on the alt.2600 hacker newsgroup in January 1996, although the term may have appeared even earlier in the print edition of the hacker magazine 2600[1]. The term phishing is a portmanteau of password harvesting[2] and alludes to the use of increasingly sophisticated lures to "fish" for users' financial information and passwords.
Also see Vishing

Phreaking
Phreaking is a slang term coined to describe the activity of a subculture of people who study, experiment with, or exploit telephones, the telephone company, and systems connected to or composing the Public Switched Telephone Network (PSTN) for the purposes of hobby or utility. The term "phreak" is a portmanteau of the words "phone" and "freak." It may also refer to the use of various audio frequencies to manipulate a phone system. "Phreak", "phreaker", or "phone phreak" are names used by and towards people who participate in phreaking. It is often considered similar to computer hacking, and is therefore grouped in the same category. This is sometimes called the H/P culture (with H standing for Hacking and P standing for Phreaking).


Remote Administration Tool
There are legitimate remote administration tools included with many network management products, and with helpdesk and other support software. These are installed with the system administrator's knowledge and consent (although not necessarily with that of the end-users). Many programs that are clearly designed to spy on unsuspecting users are referred to as 'remote administration tools' in an attempt (usually by their writers, resellers, agents, etc.) to legitimize them. These tools usually have 'silent' installation modes and such 'useful' administration functions as the ability to repeatedly open and close the CD-ROM tray of the 'administered' machine.

Remote Access Trojan
A program that surreptitiously allows access to a computer's resources (files, network connections, configuration information, etc) via a network connection. Legitimate programs used by system administrators or helpdesk support are useful and necessary in a corporate environment. However, in the wrong hands, it gives someone complete control over your PC, as if they were at your keyboard.
 

Rootkit

A program that fraudulently gains or maintains administrator-level access and that may also execute in a manner that prevents detection. Rootkits are generally difficult to detect as their aim is to gain access stealthily. It is a type of Trojan that keeps itself, other files, registry keys and network connections hidden from detection. Normally a rootkit is not dangerous. It is the stealthy part of the Malware. Its payload, which is then hidden, is usually very dangerous. Antivirus programs have great difficulty in finding Rootkits as the files are so well hidden that even the space they take up on a drive is invisible. Normally Windows, DOS tools, Safe Mode and other forms of interrogation are forced into believing the file, service or registry keys are not there.

Spyware Cookie
Any cookie that is shared among two or more unrelated websites for the purpose of gathering and sharing private user information.

Spyware
A program that gathers information and can be 'silently' installed and run in 'stealth' mode. This kind of software is used to gather information from a user's machine, such as recorded keystrokes (passwords), a list of websites visited by the user, applications installed on the machine, the version of operating system, registry settings, etc.

Tracking Cookie
Any cookie that is shared among two or more web pages for the purpose of tracking a user's surfing history.

 

Trojan

See Remote Access Trojan

Vishing
Relying on emails to obtain bank details as in phishing, a new variant has started to appear known as 'vishing'. This relies on an inherent capability of Voice over Internet Protocol (VoIP) telephony to provide local telephone banks. A classic attack targeted customers of the Santa Barbara Bank and Trust in California. They received an email requesting a call be made to an apparently local telephone number.

Customers who responded heard a recorded message asking them to enter their account details.

Any Internet telephony service, including Skype, has the capability to provide a telephone number that appears to be based elsewhere. So a British business could boast a London dial-in number even if it is based in Plymouth, for example.

So it wouldn't be hard to obtain a VoIP number that looked like it was in Santa Monica. There are also reports of a similar vishing attack asking for details of recipients' PayPal accounts.

 

 


 

 

 

 

This page was written and designed by Michael Jenkin 2011 ©