Showing posts with label how virus works. Show all posts
Showing posts with label how virus works. Show all posts

Tuesday, November 26, 2013

Yes! You are HACKED! (PART-3)

Yes! We are back with the PART 3 of the series 'Yes! You are Hacked!'
In case you missed the earlier posts. you reach both PART-1 and PART-2 here.

So after having posted the 4 signs of your system being compromised, here comes the fifth and the sixth!

Sure sign of system compromise No. 5: Your friends receive fake emails from your email account
This is the one scenario where you might be OK. It's fairly common for our email friends to receive malicious emails from us. A decade ago, when email attachment viruses were all the rage, it was very common for malware programs to survey your email address book and send malicious emails to everyone in it.

Sunday, November 17, 2013

Yes! you are HACKED! (PART-2)

Missed PART-1? Read it HERE!
So, here comes PART-2 of 'Yes! You are HACKED!' series. Read on, it may be possible that you may be a victim and you don't know!

Sure sign of system compromise No. 3: Redirected Internet searches
Many hackers make their living by redirecting your browser somewhere other than where you want to go. A hacker gets paid by getting your clicks to appear on someone else's website, often those who don't know that the clicks to their site are from a malicious redirection.

You can often spot this type of malware by typing a few related, very common words (for example, "puppy" or "goldfish") into Internet search engines and checking to see whether the same websites appear in the results -- almost always with no actual relevance to your terms. Unfortunately, many of today's redirected Internet searches are well hidden from the user through use of additional proxies, so the bogus results are never returned to alert the user. In general, if you have bogus toolbar programs, you're also being redirected. Technical users who really want to confirm can sniff their own browser or network traffic. The traffic sent and returned will always be distinctly different on a compromised computer vs. an uncompromised computer.

Friday, January 25, 2013

Generations Of Anti-virus Softwares

The key characteristics of the generation of anti-virus software are as follows:

  • 1st Generation   These anti-virus software programs were called as simple scanners. They needed a virus signature to identify a virus. A variation of such programs kept a watch on the length of programs and looked for changes so as to possibly identify a virus attack.

  • 2nd Generation   These antivirus software programs did not rely on simple virus signatures. Rather, they used some rules to look for possible virus attacks. The basic idea was to look for code blocks that were commonly associated with viruses. For example, such programs can look for encryption key used by a virus, decrypt it, and remove the virus and clean the code. Another variation of these anti-virus programs used to store some identification about the file to detect changes in the contents of the file.

  • 3rd Generation    These anti-virus software programs were memory resident. They watched for viruses based on their actions, rather than their structure. Thus, it is not necessary to maintain a large database of virus signatures. Instead, focus on keeping a watch on a small number of suspect actions.

  • 4th Generation These anti-virus software programs package many anti-virus techniques together(example scanning, monitoring, filtering). They also contain access control features, thus defeating the attempts of a virus to infect the files.

Friday, January 18, 2013

Phases of a Computer Virus

Different Phases Of a Virus

During it lifetime, a virus goes through four phases:

1) Dormant Phase

Here, the virus remains idle and gets activated based on a certain action or event(for example, a user pressing a key or on a certain date and time etc)

2)Propagation Phase

The virus starts propagating, that is multiplying itself. A piece of code copies itself and each copy starts copying more copies of self, thus propagating.

3)Triggering Phase

A Dormant virus moves into this phase when it gets activated, that is, the event it was waiting for gets initialised.

4)Execution Phase

This is the actual work of the virus. It can be destructive(deleting files on disk) or harmless(popping messages on screen).