Worms
Mail worms
A
worm is by definition similar to a virus but more independent. The first wave
of worms was seen when Internet mail became a standard way to communicate. An
email client, and especially address books and mailing lists, provide a
powerful way to reach a large number of recipients worldwide with very little
effort. Modern, advanced email programs also provide this functionality through
APIs that make it possible for computer programs to automatically send
messages. All this together provides an environment that enables mail worms to
spread much
faster
than viruses. A mail worm is carried by an email message, usually as an
attachment but there have been some cases where the worm is located in the
message body. The recipient must open or execute the attachment before the worm
can activate. The attachment may be a document with the worm attached in a
virus-like manner, or it may be an independent file. The worm may very well
remain undetected by the user if it is attached to a
document.
The document is opened normally and the user’s attention is probably focused on
the
document contents when the worm activates. Independent worm files usually fake
an error
message
or perform some similar action to avoid detection.
Pure worms
A
worm is a replicating program that works independently without a host file and
without user intervention. Pure worms meet all these requirements, whereas mail
worms represent an intermediate form that resembles both viruses and worms.
Pure worms have the potential to spread very quickly because they are not
dependent on any human actions
Trojan horses
The name Trojan horse is borrowed from Greek mythology. In the
computer world the term refers to a program that contains hidden malicious
functions. The program may look like something funny or useful such as a game
or utility, but harms the system when executed. Many Trojans contain activation
criteria that enable the Trojan to work for a while. The user is convinced that
the program is safe and useful, and forwards it to other users before the
malicious code strikes. Trojans lack a replication routine and thus are not
viruses by definition. A Trojan is spread to other computers only through
deliberate transfer by the users.
The motives of most virus writers remain unknown. There are
however some motives that can be identified by examining virus samples or
talking to known or anonymous virus authors.
• Challenge and curiosity. There are no courses or good books about how to write viruses.
Many programmers want to see if they can do it, and do not necessarily realize
that the virus may cause significant damage.
• Fame and power. Even
if the author remains anonymous, it probably gives a kick to read about the
virus in headlines. The virus, and possibly the damage it has caused makes
other people work and react in some way.
• Protest and anarchy.
A virus is quite a powerful way to cause intentional damage. There have
been cases where a virus is intended to harm a school’s network.
• Proof of concept.
Someone may for example want to prove that a certain replication technique
works. This type of virus may also appear on new platforms or applications
capable of hosting
viruses.
• Political motives. A
virus may be used to spread a political message. This may, for example, be
protests against totalitarian governments, multinational corporations etc.
Organized political parties do not use viruses.
No comments:
Post a Comment