Malware
From Wikipedia, the free encyclopedia
Malware, short for malicious software, is software designed to disrupt computer operation, gather sensitive information, or gain unauthorized access to computer systems. While it is sometimes software, it can also appear in the form of script or code. Malware is a general term used to describe any kind of software or code specifically designed to exploit a computer, or the data it contains, without consent. The expression is a general term used by computer professionals to mean a variety of forms of hostile, intrusive, or annoying software.
Malware includes computer viruses, worms, trojan horses, spyware, adware, most rootkits, and other malicious programs. In law, malware is sometimes known as a computer contaminant, for instance in the legal codes of severalU.S. states, including California and West Virginia.
Malware is not the same as defective software, which is software that has a legitimate purpose but contains harmfulbugs that were not noticed before release. Sometimes, malware is disguised as genuine software, and may come from an official company website. An example would be software used for useful purposes that also includes tracking software to gather marketing statistics for advertising.
Therefore, some security programs may find "potentially unwanted programs" or "PUP". Though a computer virus is malware that can reproduce itself, the term is sometimes used erroneously to refer to the entire category. An example of a computer virus which is not a malware, but is benevolent is Fred Cohen's compression virus.
Preliminary results from Symantec published in 2008 suggested that "the release rate of malicious code and other unwanted programs may be exceeding that of legitimate software applications." According to F-Secure, "As much malware [was] produced in 2007 as in the previous 20 years altogether." Malware's most common pathway from criminals to users is through the Internet: primarily by e-mail and the World Wide Web.Proliferation
The prevalence of malware as a vehicle for Internet crime, along with the challenge of anti-malware software to keep up with the continuous stream of new malware, has seen the adoption of a new mindset for individuals and businesses using the Internet. With the amount of malware currently being distributed, it follows that some percentage of computers (that are connected to an Internet connection) will always be infected. For businesses, this means that they need to find a way to operate despite this problem. The result is a greater emphasis on back-office protection systems designed to protect against advanced malware operating on customers' computers.
On March 29, 2010, Symantec Corporation named Shaoxing, China, as the world's malware capital. A 2011 study from the University of California, Berkeley, and the Madrid Institute for Advanced Studies published an article in Software Development Technologies, examining how entrepreneurial crackers are helping enable the spread of malware by offering access to computers for a price. To avoid detection by anti-virus software, malware distributed by PPI services are frequently updated, with one observed family of malware updating up to twice a day.
Although most common families of malware targeted both Europe and the United States, there were some families with a single-country focus and some families with no geographic bias. Microsoft reported in May 2011 that one in every 14 downloads from the Internet may now contain malware code according to the Wall Street Journal. Social media, and Facebook in particular, are seeing a rise in the number of tactics used to spread malware to computers.
Purposes
Many early infectious programs, including the first Internet Worm and a number of MS-DOS viruses, were written as experiments or pranks. They were generally intended to be harmless or merely annoying, rather than to cause serious damage to computer systems. In some cases, the perpetrator did not realize how much harm his or her creations would do. Young programmers learning about viruses and their techniques wrote them simply for practice, or to see how far they could spread. As late as 1999, widespread viruses such as the Melissa virus and the David virus appear to have been written chiefly as pranks. The firstmobile phone virus, Cabir, appeared in 2004.
Hostile intent related to vandalism can be found in programs designed to cause harm or data loss. Many DOS viruses, and the Windows ExploreZip worm, were designed to destroy files on a hard disk, or to corrupt the file system by writing invalid data to them. Network-borne worms such as the 2001 Code Red worm or the Ramen worm fall into the same category.
Since the rise of widespread broadband Internet access, malicious software has been designed for a profit (e.g. forced advertising). For instance, since 2003, the majority of widespread viruses and worms have been designed to take control of users' computers for black-market exploitation. Infected "zombie computers" are used to send email spam, to host contraband data such as child pornography, or to engage indistributed denial-of-service attacks as a form of extortion.
Another strictly for-profit category of malware has emerged in spyware -- programs designed to monitor users' web browsing, display unsolicited advertisements, or redirect affiliate marketing revenues to the spyware creator. Spyware programs do not spread like viruses; they are, in general, installed by exploiting security holes or are packaged with user-installed software, such as peer-to-peer applications.
No comments:
Post a Comment