Vrmlwinfo Eng
Viruses:
File infectors: Attach themselves to executable files and propagate by infecting
other files.
Macro viruses: Target macros in documents, spreadsheets, etc., and can execute
malicious code when the document is opened.
Boot sector viruses: Infect the boot sector of storage devices, enabling them to
execute when the system boots up.
Multipartite viruses: Infect both files and boot sectors to maximize their spread
and persistence.
Polymorphic viruses: Constantly mutate to evade detection by antivirus programs.
Metamorphic viruses: Rewrite themselves entirely upon replication, altering their
code structure.
Retro viruses: Target antivirus software, aiming to disable or evade it.
Resident viruses: Embed themselves in system memory, allowing them to execute
whenever the infected system runs.
Worms:
Email worms: Spread through email attachments or links and can replicate themselves
automatically.
Internet worms: Exploit vulnerabilities in network services or protocols to spread
across the internet.
Network worms: Propagate through network shares or vulnerabilities, infecting
connected systems.
File-sharing worms: Utilize peer-to-peer file-sharing networks to spread and infect
other users' devices.
Trojans:
Backdoor Trojans: Create a backdoor on the infected system, allowing unauthorized
access.
Rootkit Trojans: Conceal malicious activities by manipulating system functions at
the root level.
Banking Trojans: Steal sensitive financial information such as login credentials or
credit card details.
Remote Access Trojans (RATs): Enable remote control of infected systems, often used
for surveillance or data theft.
Keylogger Trojans: Record keystrokes to capture sensitive information like
passwords.
FakeAV Trojans: Mimic legitimate antivirus software to trick users into installing
malware.
Game-thief Trojans: Target online gaming accounts, stealing credentials or in-game
items.
DDoS Trojans: Coordinate infected devices to launch Distributed Denial of Service
attacks on target systems.
Infostealer Trojans: Specifically designed to steal personal or sensitive
information from infected systems.
Ransomware:
Encrypting ransomware: Encrypts files on the victim's system and demands payment
for decryption.
Locker ransomware: Locks the victim out of their system or files without
encryption, demanding payment for access restoration.
Master Boot Record (MBR) ransomware: Infects the Master Boot Record of a system,
preventing it from booting until a ransom is paid.
Mobile ransomware: Targets mobile devices, encrypting files or locking the device
until a ransom is paid.
Ransomware as a Service (RaaS): Allows cybercriminals to use ransomware with
minimal technical expertise, often through a subscription-based model.
Scareware: Displays fake warnings or alerts to intimidate users into paying for
unnecessary or fake services.
Spyware:
Adware: Displays unwanted advertisements or redirects users to advertising sites.
Tracking cookies: Monitor user activities across websites for targeted advertising
or data collection purposes.
System monitors: Record system activity, including keystrokes, browsing history,
and application usage.
Trojans with spyware capabilities: Trojan horses equipped with spying
functionalities like keylogging or screen capturing.
Adware:
Browser hijackers: Modify browser settings, redirecting users to sponsored websites
or search engines.
Pop-up ads: Generate intrusive advertisements, often appearing as pop-up windows.
Malicious toolbars: Install browser toolbars that display advertisements or collect
user data without consent.
Ad-supported software: Free software bundled with advertisements or sponsored
content, often generating revenue for the developer through ad clicks or
impressions.
Rootkits:
Firmware rootkits: Infect firmware components like BIOS or UEFI, allowing
persistence and control over infected systems.
Hardware or firmware rootkits: Manipulate hardware components or firmware to evade
detection and maintain control.
Hypervisor or virtual machine-based rootkits: Target virtualized environments,
compromising the underlying hypervisor to gain control over virtual machines.
Kernel rootkits: Tamper with the operating system kernel to conceal malicious
activities and maintain privileged access.
User-mode or application rootkits: Modify user-level processes or applications to
hide malware presence and maintain persistence.
Botnets:
Zombie networks: Compromise multiple devices, forming a network of bots controlled
by a central command server.
Command and Control (C&C) servers: Direct botnet activities, issuing commands to
compromised devices for various malicious purposes.
Botnet agents or zombies: Infected devices within a botnet, capable of carrying out
commands from the C&C server, such as launching DDoS attacks or sending spam
emails.
Logic Bombs:
Time bombs: Trigger at a specific time or date to execute malicious actions, such
as data deletion or system disruption.
Event-dependent logic bombs: Activate based on specific conditions or events, such
as the termination of an employee's contract, to cause damage or disruption.
Scareware:
Fake antivirus software: Displays false alerts claiming the system is infected,
prompting users to purchase fake security solutions.
Fake system optimizers: Claim to improve system performance but often perform
unnecessary or harmful actions, such as deleting critical files or installing
additional malware.
Fake security software: Mimics legitimate security tools but lacks actual
protective capabilities, aiming to deceive users into paying for useless services.
Fileless Malware:
Memory-based malware: Executes directly from system memory, leaving little to no
trace on disk, making detection and removal challenging.
PowerShell-based malware: Uses the PowerShell scripting language to execute
malicious commands or download additional payloads.
Script-based malware: Relies on scripting languages like JavaScript or VBScript to
perform malicious actions, often delivered via email attachments or compromised
websites.
Polymorphic Malware:
Self-changing malware: Alters its code or appearance with each iteration to evade
signature-based detection mechanisms.
Metamorphic malware: Completely rewrites its code upon replication, changing its
structure while preserving functionality to avoid detection.
Mobile Malware:
Android malware: Targets Android devices, often through malicious apps distributed
via third-party app stores or phishing.
iOS malware: Affects iPhones and iPads, typically through jailbroken devices or
malicious apps sideloaded from unofficial sources.
SMS trojans: Spread through text messages, often tricking users into installing
malicious apps or subscribing to premium services without their consent.
Mobile ransomware: Encrypts files or locks devices, demanding ransom for decryption
or access restoration.
Macro Malware:
Microsoft Office macro malware: Exploits macro functionality in Microsoft Office
documents to execute malicious code when opened.
Malicious macros in documents: Embedded in documents to perform various malicious
actions, such as downloading additional malware or stealing data.
Exploits:
Browser exploits: Target vulnerabilities in web browsers to execute malicious code,
often through drive-by downloads or malicious websites.
Operating system exploits: Exploit weaknesses in operating systems to gain
unauthorized access, escalate privileges, or execute arbitrary code.
Software exploits: Target vulnerabilities in third-party software applications to
compromise systems or install malware.
Zero-day exploits: Exploit previously unknown vulnerabilities, providing attackers
with a window of opportunity before patches or defenses are available.
Phishing Malware:
Phishing emails: Deceptive emails that mimic legitimate entities to trick users
into divulging sensitive information, clicking on malicious links, or downloading
attachments containing malware.
Phishing websites: Fake websites designed to impersonate legitimate ones, aiming to
steal login credentials or financial information.
Spear phishing: Highly targeted phishing attacks tailored to specific individuals
or organizations, often using personalized information to increase credibility and
effectiveness.
Scam Malware:
Tech support scams: Deceptive tactics used to trick users into believing their
computer is infected, leading them to pay for unnecessary services or install
malicious software.
IRS scams: Impersonate tax authorities, threatening victims with legal action or
fines to extort money or sensitive information.
Fake antivirus scams: Present false alerts claiming the system is infected and
prompt users to purchase fake antivirus software.
Lottery scams: Notify victims of fake lottery winnings, requiring them to pay fees
or taxes upfront to claim the prize, which doesn't exist.
Drive-by Downloads:
Malicious redirects: Redirect users from legitimate websites to malicious ones,
often hosting exploit kits or malware downloads.
Malvertising: Distribute malware through online advertisements displayed on
legitimate websites, exploiting vulnerabilities in ad networks or browsers.
Watering hole attacks: Compromise websites frequented by target individuals or
organizations, infecting visitors with malware to gain unauthorized access or steal
data.
Droppers:
Downloader Trojans: Download and install additional malware onto infected systems,
often acting as a first-stage payload.
Binder Trojans: Bind malicious code with legitimate files or applications to evade
detection and execute alongside trusted processes.
Malicious scripts: Execute scripts, often delivered via email attachments or
compromised websites, to download and execute malware payloads on target systems.
Firmware Malware:
BIOS/UEFI malware: Infect firmware components like BIOS or UEFI to gain persistence
and control over infected systems, often challenging to detect and remove.
HDD firmware malware: Manipulate hard drive firmware to conceal malicious
activities or evade detection by security software.
Router firmware malware: Infect network routers or other network devices to
intercept traffic, steal data, or perform other malicious activities within a
network.
AI-Based Malware:
Generative Adversarial Networks (GAN) malware: Utilizes AI techniques to generate
and modify malware variants, evading detection by traditional security measures.
AI-driven phishing attacks: Employ machine learning algorithms to craft convincing
phishing emails or messages tailored to individual targets, increasing the
likelihood of successful attacks.
AI-powered malware detection evasion: Develops evasion techniques based on AI to
bypass machine learning-based security solutions, adapting to evolving detection
methods.
Man-in-the-Middle (MitM) Attacks:
DNS changer malware: Modifies DNS settings on infected devices to redirect users to
malicious websites or phishing pages.
DNS spoofing: Manipulates DNS responses to redirect users to malicious servers,
enabling various attacks, such as phishing or malware distribution.
Browser Malware: