|
(IV) Classifying malicious code |
|
|
Marcus Aurelius (121-80BC); Roman emperor, philosopher.
- (IV) Classifying malicious code -
Oxygen3 24h-365d, by Panda Software (http://www.pandasoftware.com)
Madrid, July 30 2003 - This fourth edition of Oxygen3 24h-365d explaining
different types of malicious code will follow on from the last edition,
which dealt with the category of worms, currently the most numerous group.
As described in the previous edition, worms can spread in a variety of
ways(using their own SMTP engine, exploiting vulnerabilities, etc.). The
following list describes yet more methods used by this type of malicious
code to propagate.
- Spreading through local networks. These worms spread across resources
shared on LANs, and can even crash the network. Some examples of this type
of worm include Lovgate, Sobig or the dangerous Bugbear.B.
- Spreading through P2P (peer-to-peer) applications. The popularity of these
kinds of applications, designed to allow Internet users to swap files, has
turned programs like KaZaA or iMesh into excellent means of transmitting
malicious code. In order to exploit these programs, these worms create files
in the shared directories of these applications, with names that trick other
users into downloading them to their computers. Redisto.B or Fizzer are
examples of this kind of worm.
- Spreading through IRC and similar applications. This method is normally
used as a complementary means of transmission, as the majority of worms
designed to spread through chat or instant messaging programs also use
e-mail.
- Hiding in the HTML code of e-mail messages. This means of transmission
allows a worm to infect a computer without needing the user to perform any
operations. An example of this type is Kakworm, which spreads by hiding in
the AutoSignature of the e-mail messages sent from the affected computer. It
is then automatically run when the message is viewed through the preview
pane in Outlook.
- Spreading directly across the Internet. This kind of virus does not need
any carrier to spread from one computer to another, as its strategy is to
look for unprotected communication ports in order to get into a computer
without the user realizing.
More information on these and other malicious code from Panda Software's
Virus Encyclopedia at: http://www.pandasoftware.com/virus_info/encyclopedia/
NOTE: The address above may not show up on your screen as a single line.
This would prevent you from using the links to access the web pages. If this
happens, just use the 'cut' and 'paste' options to join the pieces of the
URL.
------------------------------------------------------------
The 5 viruses most frequently detected by Panda ActiveScan, Panda Software's
free online antivirus: 1)Bugbear.B; 2)Fornight.E; 3)PSWBugbear.B; 4)Klez.I;
5)Parite.B.
To contact with Panda Software, please visit:
http://www.pandasoftware.com/about/contact/
|
|
|
 |
| "(IV) Classifying malicious code" | Login/Create an Account | 0 comments |
|
| | The comments are owned by the poster. We aren't responsible for their content. |
|
|
|
No Comments Allowed for Anonymous, please register |
|
| |
|
Login |
|
 |
|
|
|
|
· New User? · Click here to create a registered account.
|
|
|
Article Rating |
|
|
|
|
|
|
Average Score: 0
Votes: 0
|
|
|
