Malicious Software Info

Definition of viruses, worms, hoaxes and Trojans

Virus: A program that copies itself into another program, sectors on a drive, or items that support scripts. Most viruses only copy themselves, while a minority unleash a payload, which is the action generated by the virus. Payloads can damage files, corrupt hard drives, display messages, or open other files. Typically, the payload is delivered when a certain condition occurs, such as when the date on the computer reaches a particular day.

Virus variant: A virus that has been altered to take advantage of already created virus code. By doing this, the virus is not immediately detected by antivirus software looking for the original virus.

Worm: A more effective form of virus that finds vulnerable systems and then copies itself into those systems. The most frequent methods of propagation are from email distribution lists, email signature scripts, and shared folders on the network. Worms may or may not have a damaging payload. Currently the typical payload for a worm is making the computer more susceptible to other malicious viruses.

Superworm: A worm that sends itself out to other vulnerable systems only after it has detected many systems and made a "list." All infected computers send at roughly the same time. This makes virus detection more difficult and greatly increases the number of computers it can infect in less time.

Hoax: An email that usually states that it is harming the computer, but does not actually perform what it states. Some hoaxes ask the reader of the email to perform a damaging process, like deleting an important file. Most hoaxes are spread by well-meaning individuals hoping to alert others to a potential virus that in reality is just a hoax.

Trojan or Trojan Horse: A Trojan or Trojan Horse is a program generally designed to impact the security of a system. The program is usually disguised as something else (a benign program) or is masqueraded as a legitimate file that the user would expect to see, or want to load, on the system. The payload of a Trojan is usually delivered as soon as it is opened and usually with devastating results.

Backdoor Trojan: A backdoor trojan differs from a trojan in that it also opens a backdoor to your system. They’re also sometimes call Remote Access Trojans (RAT). These are the most widespread and also the most dangerous type of trojan. They are so dangerous because the have the potential to allow remote administration of your system. As if a hacker were sitting at your keyboard, only worse. There’s almost no limit to what they can do. Some common uses:

 Use your system and Internet connection to send   spam.

(yes, the majority of spam is now generated by infected systems).

Steal your online and offline passwords, credit card numbers, address, phone number, and other information stored on your computer that could be used for identity theft, or other financial fraud.

Log your activity, read email, view and download contents of documents, pictures, videos and other private data.

Use your computer and Internet connection, in conjunction with others to launch Distributed Denial of Service (DDoS) attacks. Modify system files, disable antivirus, delete files, change system settings, to cover tracks, or just to wreak havoc.

Phishing: phishers lure users to a phony web site, usually by sending them an authentic-appearing email. Once at the fake site, users are tricked into divulging a variety of private information, such as passwords and account numbers.

Pharming: pharming allows hackers to redirect one website's traffic to another website. At the bogus site, the pharmer uses his old phishing tricks to obtain sensitive data and IDs from users. Pharming is a particularly virulent threat.

Spyware: spyware invades a computer then, as its name implies, monitors a user's activities without consent. Despite much press over the past year, spyware continues to infect millions of computers every year. Insidious and devious, spyware can be difficult to purge even when detected.

Zombie drones: zombie drones allow hackers to turn third-party computers into remote spamming machines. As a result, a user may play an unwitting role in propagating spam.