Jump to content

The Computer Revolution/Malware

From Wikibooks, open books for an open world

Worms can open a back door for those that wish to enter your computer and provide remote access to intruders. There are many different entrances into your computer (such as email), where they enter and can cause great harm. The worms use up bandwidth and hinder a computer's ability to function properly.

ILOVEYOU

[edit | edit source]

Created by a group from Filipinos, this virus has caused massive damage to many people around the world. The ILOVEYOU worm is sent through email, it detected the receiver's email address book and was able to send itself via email, thus appearing to be a genuine email from a known contact. People receive the file from opening the email and downloading an attachment that ends with a .VBS. From there it takes multiple extension files, such as .JPG or .CSS and changes them to .VBS files. The ILOVEYOU worm also has the ability to download a program called "WIN-BUGSFIX.EXE" which causes your cached passwords to be mailed to certain hackers.

Mydoom

[edit | edit source]

Also a very destructive worm and caused thousands of computers to be shut down for a while so it could be fixed. Its primary source of transfer is email. Although the original creator of the mydoom worm is unknown, what is known is the worm was first originally created by a Russian programmer some time in early 2004 or late 2003. The first known time it was spotted was on January 26, 2004. The main purpose of this worm is to send spam email to all email users it can reach through infected address books. It also allows access to infected computers by a backdoor on port 3127. Third it was created to do a DOS (denial-of-service) attack against www.sco.com. Later variants of mydoom also blocked access to Microsoft as well as anti virus websites.

Melissa

[edit | edit source]

A mass mailing computer worm, the Melissa worm, was created by David L. Smith was first discovered on March 26, 1999. The Melissa worm was first opened through a porn site password page. It embedded itself in a file called List.DOC and was able to use the user's email to mail itself. Melissa used word documents to shield itself, but had a weakness when it came to certain word programs such as Word 95. Mailing itself was also limited to Microsoft outlook 97/98 and was unable to achieve sending itself through Microsoft Outlook Express. It was the macros in word that maid the worm possible. When you receive the original worm through email this is what it shows you:

From: <name of the infected sender>
Subject: Important message from <name of sender>
To: <The recipients, from the 50 names>
Attachment: LIST.DOC
Body: Here is that document you asked for ... don't show anyone else ;-)
From there it was changed to Melissa.I/Empirical, to Melissa.O, Melissa.U, Melissa.V, Melissa.W and lastly Melissa.AO. Most of them show differences between each other with the same basics, but Melissa.A (the original) and Melissa.W are believed to be the same. All of them have caused serious harm and still continue to harm users computers.

Virus

[edit | edit source]

Trojan horse

[edit | edit source]

What’s a Trojan Horse virus?

A Trojan Horse is an email virus usually released by an email attachment. If opened, it will scour your hard drive for any personal and financial information such as your social security, account, and PIN numbers. Once it has collected your info, it is sent to a thief’s database.

The term comes from the a Greek story of the Trojan War, in which the Greeks give a giant wooden horse to their foes, the Trojans, ostensibly as a peace offering. But after the Trojans drag the horse inside their city walls, Greek soldiers sneak out of the horse's hollow belly and open the city gates, allowing their compatriots to pour in and capture Troy.

Types of Trojan horses

Trojan horses are almost always designed to do various harmful things, but could be harmless. They are broken down in classification based on how they breach systems and the damage they cause. The seven main types of Trojan horses are:

-Remote Access Trojans

-Data Sending Trojans

-Destructive Trojans

-Proxy Trojans

-FTP Trojans

-security software disabler Trojans

-denial-of-service attack (DoS) Trojans

One thing you probably won't find a Trojan doing is scouring your hard drive for personal details, as the Visa description alleges. Contextually, that would be a bit of a trick for a Trojan. Instead, this is where the keylogging functionality most often comes into play - capturing the user's keystrokes as they type and sending the logs to the attackers. Some of these keyloggers can be pretty sophisticated, targeting only certain websites (for example) and capturing any keystrokes involved with that particular session.