Computer worms are self-replicating programs that spread over a network without user intervention. The first harmful worm was the Morris worm, launched in 1988 from MIT. It exploited vulnerabilities in Unix systems and caused major disruption across the early internet. One of the fastest spreading email worms was the Sobig worm of 2003, which contained a message claiming its creator was paid to create it. Botnets are collections of compromised computers controlled remotely without the owners' knowledge, and have been used to conduct DDoS attacks, spread spam, and steal personal information.
Computer worms are self-replicating programs that spread over a network without user intervention. The first harmful worm was the Morris worm, launched in 1988 from MIT. It exploited vulnerabilities in Unix systems and caused major disruption across the early internet. One of the fastest spreading email worms was the Sobig worm of 2003, which contained a message claiming its creator was paid to create it. Botnets are collections of compromised computers controlled remotely without the owners' knowledge, and have been used to conduct DDoS attacks, spread spam, and steal personal information.
Computer worms are self-replicating programs that spread over a network without user intervention. The first harmful worm was the Morris worm, launched in 1988 from MIT. It exploited vulnerabilities in Unix systems and caused major disruption across the early internet. One of the fastest spreading email worms was the Sobig worm of 2003, which contained a message claiming its creator was paid to create it. Botnets are collections of compromised computers controlled remotely without the owners' knowledge, and have been used to conduct DDoS attacks, spread spam, and steal personal information.
Computer worms: named form science fiction shockwave rider named by John
F Shoch and Jon A Hupp
Self replicating uses a network to spreadthey basically affect a network no need of user intervention they are independent they do not attach themselves to any existing program In the beginning Soch and Hupp crated these code to find idle systems on the network automatically and assign them some obs so that their s!y efficiency could improve" #heir intend were no further" NOTE: virus: they attach themselves to existing program they do not target a network they target a stand alone system worms types spreading : some of them have the intend of ust sitting on the system and they do not bother it and passes to another thru this first ever harmful worm: MORRIS worm referred to as the $%reat &orm$' significant media attention was given( first ever to spread through internet" Launched from MIT in 1!!' ust to disguise the fact that it was originally formed by students at colonel uni"er#i$%& #he person who developed this happens to be prof" at )I#" &as created with good intend to gauge the si*e of internet" Incidentally it turned out to be a havoc causing denial of service attack" It exploits the vulnerabilities of the s!y in net" )IS#+,-: this worm does not bother if a copy of it already exits in the system it ust places its replica and starts running" If at all it asked the host whether its copy is already existing this would not have become harmful" &ritten in .C/" -00-C#: 1222 s!y 32(322) 4 loss" M%doom fastest spreading email worm 5an 61 6227" next fastest to sobig worm" #he worm contains the text message "andy; I'm just doing my job, nothing personal, sorry," leading many to believe that the worm8s creator was paid to create it" +uthor( still unknown I9#-9:: :istributed denial of service attack of SC; group <ack :oor on port and causing it to run as a child process in win=creates 'om(ie#&& S>S-?-C#: linux or open source ppl Identified by Craig of )c+fee" #-CH9;@@;%A: it appears to sender as transmission error &hen received it has subect names as -rror' mail delivery system in different lang" when opened it has an attachment" &hen its run it causes this mail to be sent to all users found in the address book"/ 9;#-: this avoided all the "edu targets such as )S' )I# universities etc" M%doom&) this version targeted )s"server and caused no antivirus updates to be delivered" *+ Jul%: + variant of )ydoom attacks %oogle' +ltaBista and @ycos' completely stopping the function of the popular %oogle search engine for the larger portion of the workday' and creating noticeable slow(downs in the +ltaBista and @ycos engines for hours" a#%mme$ric (ac,door is a backdoor Ce"g"' in a cryptosystemD that can only be used by the attacker even after it is found" #his contrasts with the traditional backdoor that is symmetric' i"e"' anyone that finds it can use it" + -ue#$iona(le encr%p$ion scheme has the property that real public keys are computationally indistinguishable from fake public keys when the private key is not available" #he So(i. /orm was a computer worm that infected millions of Internet( connected' )icrosoft &indows computers in +ugust 622E" B-FSI;9S: So(i.&A0) 01 F& Its actually a mixutre of #roen G backdoor G worm #he Sobig worm will appear as an electronic mail with one of the following subects: Fe: +pproved' Fe: :etails' Fe: Fe: )y details' Fe: #hank youH' Fe:#hat movie Fe: &icked screensaver Fe: Aour application #hank youH Aour detailsI It will contain the text: $See the attached file for details$ or $?lease see the attached file for details"$ &hile the term $(o$ne$$ 'om(ie# can be used to refer to any group of bots' such as IFC bots' the word is generally used to refer to a collection of compromised computers Ccalled *ombie computersD running programs' usually referred to as worms' #roan horses' or backdoors' under a common command and control infrastructure" Several botnets have been found and removed from the Internet" #he :utch police found a 3"J million node botnet K3L and the 9orwegian IS? #elenor disbanded a 32'222 node botnet" K6L @arge coordinated international efforts to shutdown botnets have also been initiated" KEL It has been estimated that up to 3!7 of all personal computers connected to the internet are part of a botnet <otnets are exploited for various purposes: including denial(of(service attacks' creation or misuse of S)#? mail relays for spam 'click fraud' and the theft of application serial numbers' login I:s' and financial information such as credit card numbers" 2SEF2LL /ORMS: Welchia tries to help the user by downloading and installing security patches from )icrosoft' so it is a helpful worm" #hough even as it implies no harm' it can ((increase network traffic' ((reboot the infected computer' and more importantly=(it operates without consent and does not log anything" It has had several different variants and childworms" Specifically' the welchia worm targeted machines running /indow# 34& indeed' it actually helped to secure certain systems = it did create vast amounts of traffic by its transmission method' thereby slowing down the Internet and the )icrosoft website" once the patches had been installed' it rebooted the system" <ecause of these effects' the worm was perceived as a threat' and a patch was released by all maor anti( viral companies" 5I LO6E 27 worm )ay 7' 6222 with the simple subect of $I@;B-A;>$ with an attachment $@;B-(@-##-F(0;F(A;>"#M#"vbs$" again it attacks the mailers list and mails it by itself and as an aNuntise as if generated by people from east& EFFE8TS J"J billion dollars in damage" <ritish parliament shut their systems dowm because of this" #he worm overwrote important files' as well as music' multimedia and more' with a copy of itself mainly microsoft windows" #he <arok troan used by the worm" It will add a set of registry keys to the &indows registry that will allow the malware to start up at every boot"