Learning MALWARE! for fun and profit
SRINU [email protected]
Page 1: Learning  malware for fun and profit

OVERVIEW

What is malware?

Types of malware.

How to create your own malware (Educational purpose only)

Writing signatures for antiviruses.

Evading antiviruses. (Educational purpose only)

What is malware?

Malware, short for malicious software, is a piece of software that is designed to disrupt operation, gather information, gain unauthorized access to system resources, and for exploitation purposes.

Malware is a general term used by computer professionals to mean a variety of forms of hostile, intrusive, or annoying software or programming code.

Simply put, malware is a set of instructions that runs on your computer and makes your system do something that an attacker wants it to do.

Types of malware

There are many types of malware. The most common are:

• Viruses
• Worms
• Rootkits
• Trojans
• Backdoors
• Spyware
• Keylogger
• Adware
• Crimeware
• Scareware

This list goes on…

What is a Virus?

A computer virus is a program that can replicate itself and spread from one computer to another.

For a computer program to be called a virus, it must have the capability to spread from one file to another and from one computer to another, by means of a network or the internet, or by being carried on removable devices like CDs, DVDs, floppy disks and USB devices.

Simply put, a virus is a program that can infect other programs by modifying them to include a, possibly evolved, version of itself.

Indications of Virus attack

• Hard drive is accessed even when not using the computer.
• Computer freezes frequently or encounters errors.
• Computer slows down when programs start.
• Files and folders are missing (God knows what happened to the files).
• Unable to load operating system files.
• Browser window freezes.

When computers get infected by viruses

• Not having a proper antivirus application.
• Not updating the antivirus, operating system and applications.
• Installing pirated software and rogue applications.
• Opening infected e-mail attachments.

How to create your own Virus (Educational purpose only)

DEMO

What is a Worm?

A computer worm is self-replicating malware which uses a computer network to send copies of itself to other computers.

However, a computer worm does not need to attach itself to a program in your system like a computer virus does in order to function. A computer worm generally localizes its damage to the computer network by causing increased bandwidth usage (only applicable to old worm types).

Indications of worm attacks

• Unusual network traffic on the PC.
• Not able to visit websites because bandwidth is flooded by the worm.
• Unusual files in network shares.
• Unable to update antiviruses.

How Worm spreads

Peer-to-peer (P2P) networks like uTorrent.

Infected USB devices.

Network shares.

Emails.

How to create your own Worm (Educational purpose only)

DEMO

Rootkit

A rootkit is a stealthy type of malware designed to hide its existence from process viewers and other monitoring software.

Types of rootkits

• There are two different types of rootkits. They are:
  – User Mode rootkit
  – Kernel Mode rootkit

[Figure: User Mode and Supervisor/Kernel Mode]

Backdoors

• A backdoor is a way into the system that allows an attacker to access the victim machine.

• After penetrating the victim machine, the attacker installs the backdoor in it.

• It is used to access the victim machine.

• Example: NetCat

Backdoor !!!!

Hey got the backdoor. PWNED

Trojan

• A Trojan is a piece of software which contains both legitimate code and malicious code.

• Performs covert and overt actions.

• Frequently embedded in applets, games and email attachments.

• Examples
  – Beast
  – ProRat

Small story about Trojan

How to create your own Trojan (Educational purpose only)

DEMO

Best Tips to Defend Against Malware

Protect your computer with strong security software and keep it updated.

Enable automatic Windows updates.

Be careful when engaging in peer-to-peer (P2P) file-sharing.

Beware of spam-based phishing schemes.

Back up your files regularly.

Writing signatures for antiviruses

Antivirus signature writers mostly use three methods to create signatures. They are:

• MD5 hashes
• Byte code
• Heuristic
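
The three signature methods listed above, shown side by side in an added example that is not from the original slides. The sample byte strings are constructed and harmless, and the signature names, trait weights and threshold are hypothetical.

```python
import hashlib

# Constructed, harmless byte strings standing in for files (not real malware).
SAMPLE_A = b"MZ\x90\x00" + b"DEMO-PAYLOAD-v1" + b"\x00" * 16
SAMPLE_B = SAMPLE_A[:-1] + b"\x01"          # same "family", one byte changed
SAMPLE_C = b"MZ\x90\x00VirtualAllocEx\x00WriteProcessMemory\x00CreateRemoteThread\x00"
CLEAN = b"MZ\x90\x00" + b"hello world" + b"\x00" * 16

# Hypothetical signature database (names and weights are assumptions).
MD5_SIGS = {hashlib.md5(SAMPLE_A).hexdigest(): "Demo.A"}
BYTE_SIGS = {"Demo.Gen": "44 45 4D 4F 2D ?? ?? ?? ?? ?? ?? ?? 2D 76"}  # ?? = any byte
HEUR_TRAITS = {b"VirtualAllocEx": 2, b"WriteProcessMemory": 2, b"CreateRemoteThread": 3}
HEUR_THRESHOLD = 5

def match_md5(data):
    """Exact match: the whole file must be byte-identical to a known sample."""
    return MD5_SIGS.get(hashlib.md5(data).hexdigest())

def match_bytes(data):
    """Byte signature: a hex pattern with wildcards found anywhere in the file."""
    for name, pattern in BYTE_SIGS.items():
        sig = [None if t == "??" else int(t, 16) for t in pattern.split()]
        for off in range(len(data) - len(sig) + 1):
            if all(b is None or data[off + i] == b for i, b in enumerate(sig)):
                return name
    return None

def heuristic_score(data):
    """Heuristic: sum the weights of suspicious traits present in the file."""
    return sum(w for trait, w in HEUR_TRAITS.items() if trait in data)

def scan(data):
    """Try the most precise method first; return (method, verdict)."""
    name = match_md5(data)
    if name:
        return ("md5", name)
    name = match_bytes(data)
    if name:
        return ("bytes", name)
    score = heuristic_score(data)
    if score >= HEUR_THRESHOLD:
        return ("heuristic", f"Suspicious (score {score})")
    return ("clean", None)

if __name__ == "__main__":
    for label, blob in [("A", SAMPLE_A), ("B", SAMPLE_B), ("C", SAMPLE_C), ("clean", CLEAN)]:
        print(label, scan(blob))
```

The hash signature only fires on the exact file, the byte signature still catches the one-byte variant, and the heuristic flags a file that matches neither signature.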

Again DEMO

Evading Antiviruses

Again An Awesome DEMO

Any Queries?

Special Thanks to

Raghu

chaitu

Imran