It seems that malware comes in many more types than you might expect, and you have to decipher them before you can even tell which one has attacked your system. Ransomware, for example, is malware that locks you out of your system and denies you access unless you cough up a significant amount to unlock it. Getting infected is as easy as clicking a link on a social media website or on your account wall. Hackers are smart enough to design malware that travels when someone clicks a link posted on a wall. As soon as it enters your computer, you are bombarded with adware and pop-up ads that appear even when you have not launched any browser. All this is annoying indeed.
There are other sneaky types of malware waiting to enter your system and wreak havoc. Only if you are able to identify them will you be able to confront them. Let us learn more about them.
Operating System Subversion
We are aware that Windows Explorer is where all our files, documents, pictures and other essentials are organized in a hierarchy. The OS is involved in fetching the file information required. The gateway is open for any program to penetrate the system and contact the file system directly. This can lead to attacks on the hardware and the OS. A rootkit is a technology that allows malware to be erased from the system, which results in an undetected infection of the OS. The rootkit deletes its evidence from the system while still allowing file exchange with Windows. An antivirus that works by asking Windows about the file system will not be able to detect this malware. Some forms of this malware even hide Registry settings.
No-file Malware
The first thing any antivirus does is check the system by performing a full scan. This also includes scanning each file on the system before execution. However, all this scanning can easily be thwarted if there are no file copies. The Slammer worm is one such malware that leaves no file on the disk as evidence. That was 10 years ago; more recently Kaspersky, the most popular antivirus, has detected yet another form of this malware. The Java infection is a no-file malware that was propagated via a Russian news website. As soon as a visitor clicked the links to this website, the malware would enter their system. It is said to have propagated through banner ads; the creators of this malware injected the code into Java itself. It is said to be potent enough to take control of the server by turning off User Account Control. This can be controlled by installing the Lurk Trojan.
Restarting the system allows the malware to be detected and purged. However, if you are not aware of its existence, you might never take this essential step.
Return Oriented Programming
Return Oriented Programming, or ROP, is yet another vulnerable spot that provides a gateway for malware entry. ROP is dangerous because it does not install executable code. It seeps into blocks of code and reconstructs the return instruction, or RET. As soon as the CPU reaches the instruction, the ROP malware launches code from another source in the program. This is what makes it invisible and almost impossible to detect.
Frankenstein's Malware
As the name suggests, this is malware built from patches of various chunks of code put together. The result is a new binary, and so a new malware, similar to Frankenstein's monster. This malware is dangerous because it can replicate the technique used in ROP, ending in RET instructions.
Detecting Malware Threat
All of the sneaky malware listed above can be detected. You can choose an antivirus program that is designed to detect and remove rootkits. Another technique is to take note of all the files lying on the disk of your system, then run a query directed at the file system and look for any discrepancies. Another simple solution for an average user is to choose an antivirus that does not boot in the Windows OS. This way no sneaky malware will be able to get past undetected.
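The listing comparison described above, as an added example that is not part of the original article: a Python sketch that compares a file listing taken through the running Windows with one taken from clean boot media. The sample listings, paths and function names are constructed for illustration.

```python
import ntpath

# Constructed sample data: (path, size in bytes) pairs.
# LIVE_VIEW is what the running, possibly subverted, Windows reports.
# TRUSTED_VIEW is the same volume listed from clean boot media.
LIVE_VIEW = [
    (r"C:\Windows\System32\drivers\disk.sys", 98304),
    (r"C:\Windows\System32\drivers\null.sys", 8192),
    (r"C:\Users\alice\report.docx", 20480),
    (r"C:\Windows\Temp\update.log", 512),
]
TRUSTED_VIEW = [
    ("c:/windows/system32/drivers/DISK.SYS", 98304),
    (r"C:\Windows\System32\drivers\null.sys", 12288),
    (r"C:\Windows\System32\drivers\example_hidden.sys", 40960),
    (r"C:\Users\alice\report.docx", 20480),
]


def normalise(path):
    """Windows paths ignore case and accept both separators, so fold
    them before comparing; otherwise every file looks like a mismatch."""
    return ntpath.normcase(ntpath.normpath(path))


def index(listing):
    """Map normalised path -> reported size."""
    return {normalise(path): size for path, size in listing}


def cross_view_diff(live, trusted):
    """Compare the two views of one volume.

    hidden:        on disk per the trusted view, absent from the live view
                   (the rootkit signal)
    live_only:     seen only by the live OS (usually files created between
                   the two snapshots, so treat as noise to review)
    size_mismatch: present in both views but with different sizes
    """
    live_idx, trusted_idx = index(live), index(trusted)
    common = set(live_idx) & set(trusted_idx)
    return {
        "hidden": sorted(set(trusted_idx) - set(live_idx)),
        "live_only": sorted(set(live_idx) - set(trusted_idx)),
        "size_mismatch": sorted(p for p in common
                                if live_idx[p] != trusted_idx[p]),
    }


if __name__ == "__main__":
    for kind, paths in cross_view_diff(LIVE_VIEW, TRUSTED_VIEW).items():
        print(kind, paths)
```

Entries under `hidden` are the ones to investigate first; take the two listings as close together in time as possible to keep `live_only` small.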
You can choose to go with Norton File Insight by Symantec, which is quick to point out any discrepancies in the system. As far as ROP attacks are concerned, you need not worry about them, as they target specific areas and are not widespread.
She is a technology writer who is keen on any new emerging technology updates. She is working with Qresolve as a Technical Support Engineer. Semeli Karen McPherson has been offering online tech support to global customers for issues related to laptops, desktops, Mac and devices including iPods, tablets, iPhones, computer support and more. She caters to the segment of core technology and provides viable solutions to any issues related to technology and software. Her expertise and skills in handling key technology issues are immaculate and quick to bear results. Through her articles and postings she aims to provide knowledge and solutions to common technology issues that a user faces.
Article Source: http://EzineArticles.com/?expert=Semeli_Karen_McPherson
Article Source: http://EzineArticles.com/7951256