356lecture09

To explode when certain conditions are met payload


m infecting Windows 95 to XP systems
  – on trigger date causes files on the hard drive to become empty
• ransomware
  – encrypts the user’s data and demands payment in order to access the key needed to recover the information
  – PC Cyborg Trojan (1989)
  – Gpcode Trojan (2006)

Payload System Corruption
• real-world damage
• causes damage to physical equipment
  – Chernobyl virus rewrites BIOS code
• Stuxnet worm
  – targets specific industrial control system software
• there are concerns about using sophisticated targeted malware for industrial sabotage
• logic bomb
• code embedded in the malware that is set to “explode” when certain conditions are met

Payload – Attack Agents Bots
• takes over another Internet attached computer and uses that computer to launch or manage attacks
• botnet - collection of bots capable of acting in a coordinated manner
• uses:
  • distributed denial-of-service (DDoS) attacks
  • spamming
  • sniffing traffic
  • keylogging
  • spreading new malware
  • installing advertisement add-ons and browser helper objects (BHOs)
  • attacking IRC chat networks
  • manipulating online polls/games

Remote Control Facility
• distinguishes a bot from a worm
• worm propagates itself and activates itself
• bot is initially controlled from some central facility
• typical means of implementing the remote control facility is on an IRC server
•...

This note was uploaded on 02/11/2014 for the course CS 356 taught by Professor Danmassey during the Spring '13 term at Colorado State.
