Thus, it is probably a kind of workaround the authors of this malware have found: they try to break the 'sensors' of the programs that are in theory able to block them and prevent their install. This way, the malware is free to install and to make any changes it needs on the system. For example, during tests with one program, after a simple process execution, a rootkit was installed undetected and could install 2 other kernel-mode rootkits without any alerts from the HIPS; there was nothing in the logs either, as if the program were dead.
Malwares
This malware is therefore very dangerous, not only because it can bypass programs that are supposed to block it, but because once it is installed, nothing abnormal shows on a system protected by a HIPS that was bypassed: if the HIPS was killed, the program interface still shows its status as 'OK' or 'running', leaving the user with a false sense of security (thinking he is protected, although he isn't). Note: this malware is unable to perform unhooking, or to install, when run in a user-mode account.
One insidious type of Trojan horse is a program that claims to rid a computer of malware but instead introduces malware onto the computer. Although terms such as virus or anti-virus may be used for clarity, such terms are used only as examples of malware, and the present invention contemplates any and all types of malware, including, but not limited to, computer viruses, computer worms and Trojan horse programs. Most binary malware only works on Linux on an Intel platform. For the same reason, binary malware does not work on Linux for PowerPC. The second reason binary malware does not work on Mac OS X is the executable format. Binary malware may possibly work properly on Mac OS X if it is re-compiled for the OS.
Malware
Malware is a catch-all term for any kind of code that was written with malicious intent. To date, the most popular form of malware is the worm. Worms are self-propagating malware, usually executed as stand-alone code; they propagate by copying their executable code to other PCs, to files shared on file servers, or to any web servers hosting FTP. Because worms are often implemented using VBA macros, they are the most common malware associated with Office documents; one very common vector for spreading worms is the accidental release of an infected Word or Excel document.
Thus, the challenge is how to prevent the malware from circulating and from spreading further. Doing so minimizes the threat it poses. Currently, such malware is not reported to be prevalent, but it is worth the effort to understand the threat posed by malware. Information theft will be one of the biggest threats caused by malware. Upon execution, it connects to some predefined websites via TCP port 8080 to download malware.
Rob Houston is a successful Webmaster and publisher of www.ByeByeSpyware.net. He provides more information about spyware and spyware issues that you can research in your pajamas on his website.
Source: EzineArticles.com
Things You Need To Know About The Dangers Of Malware
2007-09-30T13:34:00-07:00
Bonitoo