Mike's Pic

Mike McCarthy

Friday, July 20, 2007

Mike, Why isn’t my anti-virus picking up all infections?

Infections are broken down into two categories:

1. Viruses
2. Parasites

We all know about virus infections that can cripple computers, bring down networks, and steal our information. I’m sure we’ve all experienced this at one time or another, but little has been written about Parasites other than Spy-Ware or Ad-Ware. Parasites are not viruses and therefore will not show up on virus scans unless the anti-virus software you use specifically targets these in addition to viruses. Parasites include infections such as:

1. Ad-Ware
2. Spy-Ware and Key-Loggers
3. Mal-Ware (malicious)
4. Trojan Horses
5. Hijackers
6. Worms

Spy-Ware and Ad-Ware are two of the most commonly known infections.

Ad-Ware installs itself within your Internet Browser to keep track of what Internet sites you visit (it builds a profile of your surfing habits) and reports these back to its creator, most likely an Internet marketing company. We’ve all seen these types of “browser helpers” suddenly show up on our Internet Browser tool bars offering quick searches, current weather information, news headlines, and others. For advertisers this information is used in many ways and helps them determine how successful their products or services are, how many people access, buy, and use these products or services, and keeps a tab on the competition. Unfortunately, these marketing companies download your surfing profile onto your computer and begin a series of specific “pop-ups” designed to interest you while browsing the Internet. Pop-ups are not as prevalent today as they were in years past, due mostly to pop-up blockers.

Spy-Ware is an infection that is installed through browser helpers (as discussed above), but instead of keeping track of marketing trends this infection allows others to keep track of where you’ve been for the purpose of gathering personal data. If significant, this data can be used to steal personal information for the purposes of identity theft. If you combine a Spy-Ware infection with a Key-Logger infection, then you have real trouble.

Key-Logger (also known as Keystroke-Logger) is a very dangerous infection that keeps track of what you type in for the purposes of identifying bank account numbers, credit card numbers, social security numbers, names, addresses, telephone numbers, and more. While most of the sites you visit or buy from today have secured and encrypted web sites (look for the gold padlock in the browser’s lower-right corner), there are still some sites that do not secure your information, and still others that use these sites to steal your identity (see my write-up on Phishing).

Mal-Ware is simply malicious. This type of infection, while not terribly dangerous, is annoying, and it can cost you time and money in order to rid it from your computer. The trademark of a Mal-Ware infection is usually related to:

1. Loss of audio/sound on your computer
2. Disabled devices such as a DVD or CD player
3. Removal of critical system drivers
4. Critical system software (such as DLL files) removed or renamed which causes you to perform a system restore or full system recovery

A Trojan Horse infection is a clever vehicle used by infectors for delivering underlying infections, as its name implies. A Trojan will embed itself deep within your system files and will release its payload (infection) when your computer next starts up. You may have experienced one when your anti-virus software runs, finds a virus, and quarantines the infection, only to have it return once you have restarted your computer. Subsequent cleaning of the infection will continue after each restart until you locate and destroy the Trojan as well. A Trojan is the most difficult infection to clean out manually, in that the Trojan’s name is not the name of the infection(s) it releases. Therefore you can remove the Trojan and still have the infection, or vice versa.

A Hijacker can infect you through a direct download from an infected web site or email, and it may be accompanied by a Worm (see below). The purpose of a Hijacker is to take either full or partial control of your computer. In one case I witnessed, the Hijacker went into a company computer, changed all the root passwords to the servers and network devices, set up a private network to himself/herself, and began working away. Of course working away could mean simply using your computer’s CPU power for their own purpose, copying sensitive and confidential information off the servers, installing worms that crawl through the network infecting desktop computers, or simply using your computing power to distribute Spam or other infections. A second case involved a home computer that downloaded a remote terminal service, established a private connection to the Internet, changed the passwords to their Outlook email, and began using their computer to send out Spam. Getting rid of the Hijacker means disconnecting from the Internet, shutting down all network gear, restoring each server/computer back to a prior date or performing a full system recovery on each, and setting network gear back to factory defaults and reprogramming it; very time consuming and (in the case of the company above) very costly.

A Worm is an infection (utility) used by infectors to propagate itself and its infection. Once found, a worm is a nasty infection to eradicate, and in most cases it’s already too late by the time you realize it’s been there. Worms can spread viruses, Trojan Horses, Hijackers, and other infections quickly and quietly. Although Worms are typically network related, they have also been found to be the culprit behind Outlook infections that use one’s own Address Book to distribute themselves.

ITC Computer Services of Arizona
Office/Fax: 602-375-7934
Mobile: 602-684-7501
Web Site: www.itcaz.com
Email: mike@itcaz.com