Difference between all sorts of Malicious stuff

swati16

Member
Difference between all sorts of Malicious stuff

Reply with quoteQuote
This tutorial is written by Me (NewAge[X]), and is oriented for Total nawbs

that has no understanding the difference between a Trojan, Worms, Viruses,

Macro Viruses, Polymorphic Viruses, RootKits, Backdoors, LogicBombs and

TimeBombs, Bots and so this make me very angry :|
-----------------

~Trojan:
From Greek mythology, is a term used to describe malware that appears, to

the user, to perform a desirable function but, in fact, facilitates

unauthorized access to the user's computer system. Doesn't spread by itself.

[thX to SERVIC3]

~Worm:
Used for automatic exploitation of computer systems and needs no hacker

interaction. Its like a hellfire, once you start it up, it just spreads and

spreads until someone stops it. Worm itself does malicious stuff and

installs some other piece of virus code, like a Bot. As an Example look up

the "Conficker" worm.

~Virus (or Virii as some call it):
Mainly used for corrupting a computer system, destroying data or taking down

a network or anything else that does something destructible.

~Macro Virus:
Usually comes in a Word or Exel documents, because it is created in a Macro

programming environment, the ones that MS Office has. It has this tiny but

powerful "VB" scripting environment. Doesn't spread.

~Polymorphic Virus:
These kind of viruses can and always does change their "form" and

everything, literally. Their unique engine allows them to become different

in size, name, look and mutated code every time it infects something. This

is more an engine then a Virus.

~RootKit:
This is just basically a "box" that carries out a payload of malicious

codes, already compiled and waiting to be released. When a rootkit gets its

roots into your system, they become very nasty as they hide everything, like

processes, files and more.

~BackDoor:
See [~Trojan] above. Although this sometimes are just a backdoor with no

malicious stuff. It just opens a back door to the system and nothing more.

As an example look up "NetCat".

~LogicBomb:
These are same as [~Virus a.k.a Virii] but with a event watcher attached to

it. So when the specified event occurs, lets say some program pops up a

message dialog, the event viewer reacts and launches the virus.

~TimeBomb:
Same as [~LogicBomb] but instead of a Event watcher it has a ticking clock.

When the clock reaches the specified time or date or both, it launches its

payload.

~Bot:
Some people mistakes them with "BotNet". Bot and BotNet are from the same

category but are completely different things. Bot is a malicious piece of

code that turns your computer into a zombie slave. More realistic

explanation would be that your computer gives the control to the hacker too

by connecting to specified IRC server and being there waiting for commands.

A BotNet is an IRC server channel full of bots connected into one Net so

that a hacker with one command can control all of his bots.
----------------------

Well I think thats about it, hope you got this understanding and won't drive

me crazy Cry if something isn't very correct, please tell me and I'll

correct it.
 
Top