. Trojan Horse
▪ Malicious software that is
disguised as a piece of harmless
or desirable software
▪ Trojans perform desired functions and
malicious functions
o Remote Access Trojan (RAT)
▪ Provides the attacker with remote
control of a victim computer and
is the most commonly used type
of Trojan
• Ransomware
o Ransomware
▪ Malware that restricts access to
a victim’s computer system
until a ransom is received
▪ Ransomware uses a vulnerability
in your software to gain access
and then encrypts your files
▪ Example
• $17 million: SamSam cost the
City of Atlanta
• Spyware
o Spyware
▪ Malware that secretly gathers
information about the user
without their consent
▪ Captures keystrokes made by the
victim and takes screenshots that
are sent to the attacker
o Adware
▪ Displays advertisements based
upon its spying on you
o Grayware
▪ Software that isn’t benign nor
malicious and tends to behave
improperly without serious
consequences
• Rootkits
o Rootkit
▪ Software designed to gain
administrative level control
over a system without detection
▪ DLL injection is commonly used
by rootkits to maintain their
persistent control
o DLL Injection
▪ Malicious code is inserted into a
running process on a Windows
machine by taking
advantage of Dynamic Link Libraries
that are loaded at runtime
o Driver Manipulation
▪ An attack that relies on
compromising the kernel-mode
device drivers that operate at a
privileged or system level
▪ A shim is placed between two
components to intercept calls and
redirect them
o Rootkits are activated before
booting the operating system and
are difficult to detect
Tags:
WHAT IS TORJAN VIRUS