Virus

PRESENTATION ON COMPUTER VIRUSES

PRESENTATION ONCOMPUTER VIRUSESBY AREEBA A. BHUTTO

OUTLINE:

INTRODUCTION.HISTORY .CATEGORIES OF COMPUTER DISRUPT SOFTWARES.TYPES & EXAMPLES.VIRAL LANGUAGE.PREVENTION FROM VIRUS ATTACKS.ANTI-VIRUS.CONCLUSION.

PHISHING:

Phishing is the act of attempting to acquire information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication.

Phishing emails may contain links to websites that are infected with malware.

VIRUS HISTORY:Traditional computer viruses were first widely seen in the late 1980s, and came about because of several factors. The first factor was the spread of personal computers (PCs).

The second factor was the use of computer bulletin boards. People could dial up a bulletin board with a modem and download programs of all types.

The third factor that led to the creation of viruses was the floppy disk. In the 1980s, programs were small, and you could fit the entire operating system, a few programs and some documents onto a floppy disk or two. Many computers did not have hard disks, so when you turned on your machine it would load the operating system and everything else from the floppy disk. Virus authors took advantage of this to create the first self-replicating programs.

Computer viruses:

A computer virus is a type of malware that, when executed, replicates by inserting copies of itself into other computer programs, data files, or the boot sector of the hard drive. When this replication succeeds, the affected areas are then said to be "infected.

Defining characteristic of viruses is that they are self-replicating computer programs which install themselves without the user's consent.

INTRODUCTIONMALWARE: Malware, short for malicious software, is software used to disrupt computer operation, gather sensitive information, or gain access to private computer systems. 'Malware' is a general term used to refer to a variety of forms of hostile or intrusive software. It can appear in the form of code, scripts, active content, and other software.

Boot sector virus:The term boot sector is a generic name that seems to originally come from MS-DOS but is now applied generally to the boot information used by any operating system. In modern computers this is usually called the master boot record, and it is the first sector on a partitioned storage device.

Boot sector viruses became popular because of the use of floppy disks to boot a computer. The widespread usage of the Internet and the death of the floppy has made other means of virus transmission more effective.

THE FILE INFECTOR VIRUS:The most common type of virus, the file infector takes root in a host file and then begins its operation when the file is executed. The virus may completely overwrite the file that it infects, or may only replace parts of the file, or may not replace anything but instead re-write the file so that the virus is executed rather than the program the user intended.

The definition is usually meant to refer only to viruses which use an executable file format, such as .exe, as their host.

MACRO VIRUS:A wide variety of programs, including productivity applications like Microsoft Excel, provide support for Macros special actions programmed into the document using a specific macro programming language. Unfortunately, this makes it possible for a virus to be hidden inside a seemingly benign document.

Macro viruses very widely in terms of payload. The most well known macro virus is probably Melissa.

Melissa virus The Melissa virus, written by David L Smith in homage to a Florida stripper, was the first successful email-aware virus and inserted a quote from The Simpsons in to Word documents. Smith was later sentenced to jail for causing over $80 million worth of damage.

Trojan horses:

In computers, a Trojan horse is a program in which malicious or harmful code is contained inside apparently harmless programming or data in such a way that it can get control and do its chosen form of damage, such as ruining the file allocation table on your hard disk.

The term comes from Greek mythology about the Trojan War

OSX/RSPlug Trojan

In November 2007, the first example of financially-motivated malware for Apple Macs was discovered in the wild. The launch of the OSX/RSPlug Trojan increased fears that Apple's platform may be targeted more by hackers in the future.

COMPUTER WORMS:

A computer worm is a standalone malware computer program that replicates itself in order to spread to other computers. Often, it uses a computer network to spread itself, relying on security failures on the target computer to access it.

Worms almost always cause at least some harm to the network. Spammers are thought to be a source of funding for the creation of such worms.

Storm worm

The Storm worm, originally posing as breaking news of bad weather hitting Europe, infected computers around the world in 2007. Millions of infected PCs were taken over by hackers and used to spread spam and steal identities.

Trojan Horses are sneaky: while they appear harmless, they really are programs that hide all sorts of malicious goodies. Trojan Horses do not replicate themselves the way viruses and worms do.Computer viruses attach themselves to files or programs, often through email attachments which means a person has to actually run the program for the virus to become active and spread. Worms are similar to viruses because they self-replicate but unlike viruses, they dont have to attach themselves to a program. Instead they use computer networks to send malicious software to other computers, spreading from computer to computer.DIFFERENCE

ROOTKITS:

A Rootkit is a stealthy type of software, typically malicious, designed to hide the existence of certain processes or programs from normal methods of detection and enable continued privileged access to a computer.

Rootkit installation can be automated, or an attacker can install it once they've obtained root or Administrator access. Obtaining this access is a result of direct attack on a system (i.e. exploiting a known vulnerability, password (either by cracking, privilege escalation, or social engineering). Once installed, it becomes possible to hide the intrusion as well as to maintain privileged access. The key is the root/Administrator access i.e. full control over a system.

SPYWARE:Spyware is software that aids in gathering information about a person or organization without their knowledge and that may send such information to another entity without the consumer's consent.Spyware can collect almost any type of data, including personal information like Internet surfing habits, user logins, and bank or credit account information.

CRIMEWARE:Crimeware is any computer program or set of programs designed expressly to facilitate illegal activity online. It is a class of malware designed specifically to automate cybercrime.

Crimeware is designed to perpetrate identity theft in order to access a computer user's online accounts at financial services companies. Crimeware also often has the intent to export confidential or sensitive information from a network for financial exploitation.

ADWARE:Adware, or advertising-supported software, is any software package which automatically renders advertisements in order to generate revenue for its author. The advertisements may be in the user interface of the software or on a screen presented to the user during the installation process.

The term is sometimes used to refer to software that displays unwanted advertisements.

E-mail viruses:

An e-mail virus is computer code sent to you as an e-mail note attachment which, if activated, will cause some unexpected and usually harmful effect, such as destroying certain files on your hard disk and causing the attachment to be re-mailed to everyone in your address book.

Although not the only kind of computer virus, e-mail viruses are the best known and undoubtedly cause the greatest loss of time and money overall.

SPAMMING:Electronic spamming is the use of electronic messaging systems to send unsolicited bulk messages (spam), especially advertising, indiscriminately. While the most widely recognized form of spam is e-mail spam.

Spamming remains economically viable because advertisers have no operating costs beyond the management of their mailing lists, and it is difficult to hold senders accountable for their mass mailings. Because the barrier to entry is so low, spammers are numerous, and the volume of unsolicited mail has become very high.

A person who creates electronic spam is called a spammer.

I love you virus

I LOVE YOU virus, which appeared on May 4, 2000, was even simpler. It contained a piece of code as an attachment. People who double-clicked on the attachment launched the code. It then sent copies of itself to everyone in the victim's address book and started corrupting files on the victim's machine.

In which programming languages a virus can be created?

There are viruses in almost every programming language, but most are probably written in C and C++ as these two languages have a lot more control over your application compared to most others, so you can be very specific about what you want them to do. Smaller, less powerful languages such as Visual Basic, .NET, Python or Java will also suffice in creating viruses.

Anti-Virus Tips

Do not open any files attached to an email from an unknown, suspicious or untrustworthy source.Do not open any files attached to an email unless you know what it is.Do not open any files attached to an email if the subject line is questionable or unexpected.Delete chain emails and junk email. Do not forward or reply to any to them. These types of email are considered spam - unsolicited, intrusive messages that clog up the inboxes and networks.Do not download any files from strangers.Exercise caution when downloading files from the Internet. Ensure that the source is a legitimate and reputable one. Verify that an anti-virus program checks the files on the download site.Update your anti-virus software regularly. Back up your files on a regular basis. If a virus destroys your files, at least you can replace them with your back-up copy. You should store your backup copy in a separate location from your work files, one that is preferably not on your computer.

HOW TO PREVENT FROM VIRUS ATTACKS?

Anti-virus software is crucial to preventing virus attacks, but this strategy only works if users update their software.

Always use an anti-virus software program, one with both an on-demand and an on-access scanner. You'll want to look for one that has a fairly complete database of viruses and that is updateable. New viruses are produced daily, so it's important to have software that can detect the latest threat.

CONCLUSION: "Better Safe Than Sorry".

BETTER SAFE THAN SORRY!