Spyware, Botnets and Unix-Linux Malware
Module 5
...
57 of 69
9/15/2017, 2:00 PM
Historically most malware was developed by individuals for a number of reasons, including but not limited to:
Desire to embarrass a group, organization or business,
Revenge against a group, organization or business,
Disseminate a political or ideological message, and
Being able to brag to associates that this individual was able to, or responsible for, breaking into the target’s
systems.
Over the last 10 to 15 years, criminal organizations have come to see malware as a lucrative source of income.
Consequently, the majority of malware is now written with the goal of financial profit. However malware based
attacks for ideological and political reasons still occur.
Spyware
As general Internet access grown and use of search engines, with paid advertising, along with widespread
Ecommerce usage, a broad category known as spyware has come into existence. Some spyware programs are
commercially produced for the purpose of gathering information about computer users, showing them pop-up
ads, or altering web-browser behavior for the financial benefit of the spyware creator. For instance, some
spyware programs redirect search engine results to paid advertisements. Other spyware programs differ in that
their creators present themselves openly as businesses, for instance by selling advertising space on the pop-ups
created by the malware.
Another form of malware allows the creator to directly use the infected computers to perform activities the
legitimate owner knows nothing about. One example of this are "spammer" viruses which make infected
computers act as proxies to send out spam messages. The advantage to spammers of using infected computers
is that they are available in large supply (thanks to the virus) and they provide anonymity, protecting the
spammer from prosecution.
There is also malware designed to steal information about the person whose computer is infected. Some
malware programs install a key logger, which copies down the user's keystrokes when entering a password,
credit card number, or other information, useful when stealing identities and transmits the information to the
malware creator automatically, enabling credit card or bank account fraud and other theft. A relatively new form
of malware is the "phishing" Email which is constructed to induce the recipient to use a web link within the Email
so the targeted individual can log into the web site of their bank, brokerage or other account and verify account
information. These Emails are designed to very accurately appear to the reader to have come from their bank,
brokerage, etc. and even include fake logos and other graphics virtually identical to the legitimate web site.
You've reached the end of your free preview.
Want to read all 69 pages?
- Spring '19
- Transmission Control Protocol, Intrusion detection system, Deep packet inspection
