malware - cs.stevens.edu · where does malware come from? malicious scripts on websites that...
Malware
By: Lucas Scavone
April 16th, 2009
Topics
- What is Malware?
- Why does Malware exist?
- Where does Malware come from?
- How does Malware affect me?
- How can I remove Malware infections?
- How can I prevent Malware infections?
What is Malware?
- Malicious Software (Viruses, Trojans, Worms, Spyware)
- Small programs that run in the background
- Generally installed without consent
- Not always harmful, but almost never good
Some Examples
Why does Malware exist?
- Profit
- Fraud
- Data Mining
- Lack of better things to do
Where does Malware come from?
- Malicious scripts on websites that exploit security holes in browsers (Exploits)
- Security vulnerabilities in operating systems and other software
- Spam emails can contain attachments of Malware
- Some Malware will download more Malware once installed
- P2P software downloads often contain Malware
- Cybercrime organizations (credit card fraud)
Exploits (Used on Vulnerabilities)
- Security holes found in software, usually operating system, browser or email client based
- Make use of “Buffer Overflow” and other attacks to execute arbitrary code at root level access
- Used to gain unauthorized access to machines in order to infect them with Malware
- Several Malware variants will scan IP ranges for vulnerable ports and infect any machines found automatically (Blaster Worm).
Buffer Overflow
- Caused by unchecked buffer sizes being assigned values that “overflow” into the next memory space.
- This generally causes the code to be executed with root level permissions by the machine code interpreter
- Usually causes host application being overflowed to crash due to code being overwritten in memory
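The overflow described above, modelled in C as an added example (not from the original slides), with an unchecked copy beside a bounds-checked one. The names `arena_t`, `copy_unchecked` and `copy_checked` are hypothetical, and the buffer and its neighbour share one array so the spill can be observed without undefined behaviour.

```c
#include <stdio.h>
#include <string.h>

#define BUF_SIZE  8   /* size the programmer intended for the buffer */
#define NEXT_SIZE 8   /* the "next memory space" directly after it */

/* Constructed model: one flat block, buffer first, neighbouring data after. */
typedef struct { unsigned char mem[BUF_SIZE + NEXT_SIZE]; } arena_t;

void arena_init(arena_t *a) {
    memset(a->mem, 0, BUF_SIZE);
    memcpy(a->mem + BUF_SIZE, "NEIGHBOR", NEXT_SIZE);
}

/* 1 while the data after the buffer is still what arena_init wrote. */
int next_intact(const arena_t *a) {
    return memcmp(a->mem + BUF_SIZE, "NEIGHBOR", NEXT_SIZE) == 0;
}

/* Unchecked: trusts the caller's length, which is the flaw the slide
 * describes. Clamped to the arena only so this demo stays defined behaviour.
 * Returns how many bytes landed past the end of the buffer. */
size_t copy_unchecked(arena_t *a, const void *src, size_t len) {
    if (len > sizeof a->mem) len = sizeof a->mem;
    memcpy(a->mem, src, len);
    return len > BUF_SIZE ? len - BUF_SIZE : 0;
}

/* Checked: refuses any input larger than the buffer; writes nothing on -1. */
int copy_checked(arena_t *a, const void *src, size_t len) {
    if (len > BUF_SIZE) return -1;
    memcpy(a->mem, src, len);
    return 0;
}

int main(void) {
    arena_t a;
    const char input[] = "AAAAAAAAAAAA";   /* constructed 12-byte input */

    arena_init(&a);
    int rc = copy_checked(&a, input, 12);
    printf("checked:   rc=%d neighbour intact=%d\n", rc, next_intact(&a));

    size_t spilled = copy_unchecked(&a, input, 12);
    printf("unchecked: spilled=%zu neighbour intact=%d\n", spilled, next_intact(&a));
    return 0;
}
```

In a real program the neighbouring bytes would be other variables or control data, which is why the overflowed application usually crashes.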
Crash caused by initial Blaster worm infection
How does Malware affect me?
- Can cause performance decrease in computer
- Can be used to steal user information
  - Credit Cards, Passwords, Banking information
- Can be used to send spam from your computer
- Can be used to turn your computer into a "zombie"
- Can be used to infect other computers from your computer
How can I remove Malware infections?
Several tools available for free on the internet
- Malware Bytes (general computer scanner)
- Hijack This! (registry scanner)
- ProcXP (detailed process manager)
How can I prevent Malware infections?
- Be cautious when dealing with email from unknown senders
- Never open files you do not know the sender of
- Be cautious when surfing the web
- Scan your computer for Malware regularly
- Keep security patches up to date on all software (Operating system, Virus scanner)
- Run firewall software to protect internet applications from being exploited
How can I prevent Malware infections? (As a System Admin)
- Properly configuring user accounts to have minimal permissions needed
- Configure browser and email client security settings to limit ActiveX controls and tighten other security settings
- Use AntiVirus software to actively scan the computer and processes for malicious programs
- Properly train users to be cautious with email and web browsing and to notify you immediately in the event of an uncaught infection
- Firewall with Deep Packet Inspection (SonicWALL)
Any Questions?