Discussion of Malware
Prof. Calvin Skinner
The use of malware is a way for attackers to gain access to person information from a personal computer or company information from an organization. There are several types of malware which include virus, rootkits, and worms. Each malware serves different purposes to achieve the goal of an attacker. An attacker could be envious of a past lover and could send a virus to their email to shutdown the operations of their computer. A disgruntle employee could send a worm to their old company and slow down production of the company. A random person looking for a thrill could set up a rootkit on a company’s network to gain access to company secrets. Each malware is given a name specified for its cause, for example the Trojan Worm. The name is given to this virus because of the activity that happens once it is executed. Viruses are named by antivirus companies who avoid using proper names. The Melissa virus was named by its creator, David Smith, for a Miami stripper. This paper will discuss 5 different types of malware and inform the targets for these attacks.
Discussion of Malware
The first malware that will be discussed is the Melissa Virus. This virus was detected on the 26th of March 1999. This virus is a Microsoft Word macro virus that is delivered as an E-mail attachment. The virus is activated when an attachment named, list.doc is opened. When it is activated, the Melissa virus searches the Microsoft Outlook address book and sends a message to the first 50 names. This virus proliferates itself as users open the attachment. Melissa doesn’t work on Outlook Express, just Outlook.
The message appears to come from the person just infected, which means that the message will seem to come from a recognizable email address. Melissa doesn’t destroy files or other resources, but has the possibility to immobilize corporate and other mails servers. The origin of the Melissa virus is from an Internet alt.sex newsgroup and contains a list of passwords for various Web sites that require memberships. Melissa also has the ability to disable some security safeguards.
Users of Microsoft Word 97 or 2000 with Microsoft Outlook 97, 98, or 200 are most likely to be affected. When the virus attacks, it can infect the copy of Microsoft Word that is installed as well as any following Word documents that are created. It can also change the setting of Microsoft Word to make it easier for the computer to become infected by it and succeeding macro viruses. Users of Word 97 or 2000 containing any other E-mail programs can be affected also; the difference is that Melissa will not automatically redistribute itself to the contacts through other E-mail programs. It can still however infect the copy of Microsoft installed on the machine. This infected copy can still be shared with others if a document is created in the infected copy and distributed through E-mail, floppy disk, or FTP. Although the virus won’t appeal to the mailout on a Mac system, it can be stored and resent from Macs. To avoid this virus, it is suggested to not double-click any file, such as an E-mail attachment, without scanning it first with antivirus software, regardless of who it is from.
The next malware to be discussed is SQL injection which is an attack where malicious code is placed in within strings that are shortly passed on to an example of SQL Server for parsing and implementation. A form of SQL injection consists of direct placing of code into user-input variables that link with SQL commands and executed. An attack that is not as direct, inserts malicious code into strings that are intended for storage in a table or as metadata. The malicious code is executed once the stored strings are linked into a dynamic SQL command. In SQL Injection, the hacker uses SQL queries and ingenuity to get to the database of susceptible corporate data through the web application.
Websites with features as...
Please join StudyMode to read the full document