Topic 3 - Malicious Code
Topic 3
Malicious Code
Topic Reading
• Interact content.
Malware
• Can be very difficult to recover from, but the best protection is a plain and
simple backup.
• Are self-replicating.
• Often associated with spreading via attacks on vulnerable services but can
also propagate through automated means such as e-mail or file shares.
• Because they can self-install without human interaction, they can be quick
to spread and difficult to stop.
Rootkits
• Botnets are used to control targets in order to use them to launch various
types of attacks against further target systems.
Source: https://external-content.duckduckgo.com/iu/?u=https%3A%2F%2Fblog.eccouncil.org%2Fwp-content%2Fuploads%2F2018%2F12%2Fthe-structure-of-a-botnet.png&f=1&nofb=1
Keyloggers
• Can work in various ways including capturing via the kernel, through APIs
or scripts, or directly from memory.
• Are spread via varied infection mechanisms and have many different
attack methods and targets.
• PUPs are different in that they may not cause any harm directly.
• Can include adware, browser toolbars, tracking programs and other types.
• Includes scripts or bespoke code that isn’t malware but may still be used
by attackers.
• Can be difficult to guard against because they leverage legitimate and
well-used tools.
Adversarial Artificial Intelligence (AAI)