Malware: Difference between revisions
imported>Ched Davis (add ref for def.) |
mNo edit summary |
||
(18 intermediate revisions by 6 users not shown) | |||
Line 1: | Line 1: | ||
{{subpages}} | {{subpages}} | ||
Malware is a term used in the [[computer]] field to describe "'''Mal'''icious Soft'''ware'''". | Malware is a term used in the [[computer]] field to describe "'''Mal'''icious Soft'''ware'''". Malware is an inclusive term that was coined to describe [[virus (computers)|viruses]], [[spyware]], [[worm (computers)|worms]], [[rootkit (computers)|rootkits]], [[Trojan_(computers)|trojans]], [[nagware]], and [[scareware]]. Due to the rapidly changing landscape of deliberately malicious software, many people will use the term "malware" to describe a general problem or threat that exists in the computer field and on the Internet. It is often difficult to distinguish (and explain), the subtle differences between worms, trojans, viruses, and other threats which reduce the productivity of a computer or compromise the security of a [[computer network|networked]] system. A much rarer alternate term is "scumware", a comment on the scum who write such programs. | ||
Malware need not execute on the user's computer, but may be software installed on another computer, which, in the course of a seemingly innocent interaction, causes the user or the user's computer to take action to the detriment of the user computer. [[Phishing]], for example, is a scheme where a user is induced to go to an apparently legitimate website, which prompts the user for sensitive information, such as a credit card number, which is then misused. | Malware need not execute on the user's computer, but may be software installed on another computer, which, in the course of a seemingly innocent interaction, causes the user or the user's computer to take action to the detriment of the user computer. [[Phishing]], for example, is a scheme where a user is induced to go to an apparently legitimate website, which prompts the user for sensitive information, such as a credit card number, which is then misused. | ||
The term malware can be used to describe a program that is as harmless as an annoying pop-up box that attempts to direct a user to a website in order to increase the | The term malware can be used to describe a program that is as harmless as an annoying pop-up box that attempts to direct a user to a website in order to increase the website's traffic. | ||
== Why it exists == | |||
Originally, malware began as a purely amateur effort, with rewards to its developer being notoriety in [[miscreant]] circles, as well as the intellectual challenge of developing it. While creating software that did damage was a violation of the traditional [[Hacker#hacker ethic|hacker ethic]], things could be blurry. One of the best-known early pieces of malware, the [[Morris worm]], may not have been deliberately malicious, but its developer did not expect it to have such a major impact or reproduce as quickly. | |||
Some malware developers saw their role as crusading for a good: demonstrating vulnerabilities that the original software developers would not or could not fix. | |||
It is not a given that people that spread, as opposed to created, malware are technically sophisticated. Some talented if misguided individuals would develop easy-to-use malware generators, which would then be made available, in places such as clandestine bulletin boards, to members of the miscreant community. A developer gained social status if large numbers of "[[script kiddie]]s", who were capable of running the attack script but not capable of creating it, used the "product". | |||
Eventually, however, a good deal of malware was created for pure economic benefit of the developer. Certain classes would steal financially valuable information, such as credit card numbers or the access codes to long-distance telephone systems. At least one security expert has analyzed the economics of this.<ref>{{citation | |||
| author= [[Peter Gutmann]] | |||
| title = The Commercial Malware Industry | |||
| url = http://www.cs.auckland.ac.nz/~pgut001/pubs/malware_biz.pdf | |||
}}</ref> | |||
Other classes caused indirect benefits: if Websites were compensated by the number of hits they received, perhaps to view advertising on them, anything that could lure unsuspecting users to the sites increased the compensation of the site operators. Other forms, seen most often with [[spam (e-mail)]], might stimulate stock market activity on a specific security, activity from which speculators had planned to profit. Yet other forms are "protection rackets", demanding money not to damage systems, or perhaps to disclose confidential data stored on them. | |||
Some malware is created as a form of political protest. This does get into a blurry area of definition: is an attack on a specific web page or class of pages, by an individual or group with an objective, truly malware if the attack software is part of an overall strategy? Is malware limited to computer pathogens that are released without real knowledge of how they will propagate? | |||
== Corporate malware == | |||
It is not uncommon for corporations to install dangerous software on customers' machines. The best-known example was the [[Digital_rights_management#The_Sony_rootkit|Sony rootkit]], a [[DRM]] system automatically installed on any Windows computer which played certain music CDs. Recently a tracking system used by many mobile phone carriers has come to light [http://www.wired.com/threatlevel/2011/11/rootkit-brouhaha/][http://www.xda-developers.com/android/more-on-carrier-iq/]. | |||
== Protection == | == Protection == | ||
The protection against malware can exist on several levels. The first level of protection should center around the education of the user, and how good computing habits can help prevent a system or network from being infected or compromised. An educated user may consider the line of defense to be installing an [[anti-virus (computers)|anti-virus]] program. <ref name=" | The protection against malware can exist on several levels. The first level of protection should center around the education of the user, and how good computing habits can help prevent a system or network from being infected or compromised. An educated user may consider the first line of defense against malware to be installing an [[anti-virus (computers)|anti-virus]] program. <ref name="msmalware"> {{cite web | url=http://www.microsoft.com/technet/security/alerts/info/malware.mspx | title=Defining Malware: FAQ | author=microsoft.com }}</ref> Additional steps that enhance a computers protection include the activation or installation of a [[firewall (computer)|firewall]], maintaining and up-to-date [[web browser]], plugging any operating system (OS) security risks with patches and updates, and avoiding potentially hazardous web-sites and downloads. | ||
Anti-virus packages come in many forms and provide varying degrees of protection. There are free anti-virus (AV) packages which offer only virus protection and scanning abilities, and entire protection suites which provide additional components such as firewall, spyware protection, phishing protection, and email spam protection. Those who opt for the simple single purpose or free AV packages, may wish to download additional spyware detection and removal programs. | Anti-virus packages come in many forms and provide varying degrees of protection. There are free anti-virus (AV) packages which offer only virus protection and scanning abilities, and entire protection suites which provide additional components such as firewall, spyware protection, phishing protection, and email spam protection. Those who opt for the simple single purpose or free AV packages, may wish to download additional spyware detection and removal programs. | ||
== References == | == References == | ||
<references/> | <references/>[[Category:Suggestion Bot Tag]] |
Latest revision as of 11:00, 15 September 2024
Malware is a term used in the computer field to describe "Malicious Software". Malware is an inclusive term that was coined to describe viruses, spyware, worms, rootkits, trojans, nagware, and scareware. Due to the rapidly changing landscape of deliberately malicious software, many people will use the term "malware" to describe a general problem or threat that exists in the computer field and on the Internet. It is often difficult to distinguish (and explain), the subtle differences between worms, trojans, viruses, and other threats which reduce the productivity of a computer or compromise the security of a networked system. A much rarer alternate term is "scumware", a comment on the scum who write such programs.
Malware need not execute on the user's computer, but may be software installed on another computer, which, in the course of a seemingly innocent interaction, causes the user or the user's computer to take action to the detriment of the user computer. Phishing, for example, is a scheme where a user is induced to go to an apparently legitimate website, which prompts the user for sensitive information, such as a credit card number, which is then misused.
The term malware can be used to describe a program that is as harmless as an annoying pop-up box that attempts to direct a user to a website in order to increase the website's traffic.
Why it exists
Originally, malware began as a purely amateur effort, with rewards to its developer being notoriety in miscreant circles, as well as the intellectual challenge of developing it. While creating software that did damage was a violation of the traditional hacker ethic, things could be blurry. One of the best-known early pieces of malware, the Morris worm, may not have been deliberately malicious, but its developer did not expect it to have such a major impact or reproduce as quickly.
Some malware developers saw their role as crusading for a good: demonstrating vulnerabilities that the original software developers would not or could not fix.
It is not a given that people that spread, as opposed to created, malware are technically sophisticated. Some talented if misguided individuals would develop easy-to-use malware generators, which would then be made available, in places such as clandestine bulletin boards, to members of the miscreant community. A developer gained social status if large numbers of "script kiddies", who were capable of running the attack script but not capable of creating it, used the "product".
Eventually, however, a good deal of malware was created for pure economic benefit of the developer. Certain classes would steal financially valuable information, such as credit card numbers or the access codes to long-distance telephone systems. At least one security expert has analyzed the economics of this.[1]
Other classes caused indirect benefits: if Websites were compensated by the number of hits they received, perhaps to view advertising on them, anything that could lure unsuspecting users to the sites increased the compensation of the site operators. Other forms, seen most often with spam (e-mail), might stimulate stock market activity on a specific security, activity from which speculators had planned to profit. Yet other forms are "protection rackets", demanding money not to damage systems, or perhaps to disclose confidential data stored on them.
Some malware is created as a form of political protest. This does get into a blurry area of definition: is an attack on a specific web page or class of pages, by an individual or group with an objective, truly malware if the attack software is part of an overall strategy? Is malware limited to computer pathogens that are released without real knowledge of how they will propagate?
Corporate malware
It is not uncommon for corporations to install dangerous software on customers' machines. The best-known example was the Sony rootkit, a DRM system automatically installed on any Windows computer which played certain music CDs. Recently a tracking system used by many mobile phone carriers has come to light [1][2].
Protection
The protection against malware can exist on several levels. The first level of protection should center around the education of the user, and how good computing habits can help prevent a system or network from being infected or compromised. An educated user may consider the first line of defense against malware to be installing an anti-virus program. [2] Additional steps that enhance a computers protection include the activation or installation of a firewall, maintaining and up-to-date web browser, plugging any operating system (OS) security risks with patches and updates, and avoiding potentially hazardous web-sites and downloads.
Anti-virus packages come in many forms and provide varying degrees of protection. There are free anti-virus (AV) packages which offer only virus protection and scanning abilities, and entire protection suites which provide additional components such as firewall, spyware protection, phishing protection, and email spam protection. Those who opt for the simple single purpose or free AV packages, may wish to download additional spyware detection and removal programs.
References
- ↑ Peter Gutmann, The Commercial Malware Industry
- ↑ microsoft.com. Defining Malware: FAQ.