Malware Introduction

00:00

Hey, everyone, welcome back to the course. So in the last video we went through the introduction to the course. We talked about some of the prerequisites again. You just wanna have a foundation of knowledge of computers and how they work along with operating systems, file structures and also be mindful of some basic computer networking Sika. So you can fully understand some of things we're going through in this particular course

00:19

and this video, we're gonna take a brief introduction to Mao and I want to stress very brief,

00:23

just to give you some highlights of some terminology and some key points that were gonna make throughout the course.

00:29

So what is Malware will mail where just stands for malicious software. And there's several variants of that and you'll see the media will talk about malware a lot. And we're gonna go through this list here, and some of these air not actually malware their displays to do attacks.

00:42

So the virus is the 1st 1 up on. Most people are familiar with that, and unfortunately, the media, a lot of times will call like Trojans et cetera, viruses, but they're not actually that, but they'll they'll name that that way. But just understand that a virus is similar to a human virus, right? So if we have to flu or something like that, it needs a host to survive. So

01:02

a virus needs a host. So as an example with the flu,

01:04

if I cough and sneeze on you, I'm currently hosting the virus. And now I'm doing the user interaction part of putting the virus towards you, right? So when we think of computer viruses, it needs that user interaction. So maybe somebody clicking on a link in an email, somebody installing some free software that actually contains a virus in it.

01:22

So those are the types of ways, but it needs that human interaction to actually

01:26

propagate across the systems.

01:29

Now, when we talk about worms, they're self propagating. So what we mean by that is they can spread themselves. They don't need me to click a link. Ah, worm can actually spread itself. So it's a notable ones in the past, or things like SQL Slammer, They I love you, the M s Blaster. And then, of course, who can forget Stuxnet from back in 2010? I believe

01:49

so. Next up, Trojan. So you'll hear about like banking Trojans and that sort of stuff out in news articles. So these also need some kind of user interaction. So again, that's, you know, clicking a link in an email or visiting like a website that's infected. And a lot of times when you do the websites that are infected, you visit those. They'll do a pop up that will say, Oh,

02:07

your anti virus has found a virus and a computer click this link

02:10

to solve all your problems, right? And of course, that link is malicious and it's gonna download something. So just be mindful of that. If you're somebody out there that's not in security industry, just watching this course. Just be mindful of those things. If it looks too good to be true, it probably is.

02:25

So many of the pieces of malware out there nowadays air actually hybrid, so I'll combine like a Trojan and ah virus or a worm or something like that. And so their hybrid things you'll see that a lot with botnets. So they use different forms of Mauer to take over your computer and then plug it into their master baht net and a lot of botnets are rented out to other criminal hackers out there.

02:46

The mirror Barnett is one that most people know about because it took down a good part of the Internet

02:50

for a period of time, using I ot devices

02:53

ransomware something you'll definitely hear about in the media. And, in fact, as I'm filming this course, there was a recent attack on the Louisiana government. But there's been many hospital in health care related attacks, many government attacks, a cz well on government agencies. So ransomware is just nasty, right? It's encrypting your data, encrypting your file so you can access those

03:13

you see. It can become a very big problem when we're talking about things like government agencies as well as health care

03:17

working, actually blocking from performing patient care.

03:22

So some notable ones out there and there's many of them out there want to cry and lock. You were some notable ones that you probably have heard of from different media outlets.

03:30

Finalist malware, which is really not malware. It's just a different way to attack. So what this is doing is it's actually launching the malware in memories was just running it in memory and not actually doing it at the file level where, like anti Mau work solutions can actually find it.

03:46

So it's using things like a register keys. You're a P I scheduled task and is some estimates out there to the showing roughly 50% arm or off theme. Our attacks out there actually file us around this time.

04:00

I'm advertising. This is just drive by downloads, and it's using reputable sources. So, like you go to like New York Times or The Wall Street Journal and you're getting hit with these maverick rising attacks, some of them are just a simple as trying to get you to click a link to download something. All the ones are actually executing code on your system without any user interaction.

04:19

So I can tell you that the reason I go to new sites and I use a virtual machine is because

04:25

I've been a victim in the past of Malvo ties ing. So just keep that in mind,

04:30

and then next up we have adware, so this is kind of an older thing. You might see this out there if using like freeware and that sort of stuff. But this is an older type of attack out there, and it's just those little pop up she would get on your local system there and also in your browser as well.

04:44

And then finally, we have spyware. So this is gonna be your covert monitoring type of sulfur rights or behind the scenes you don't recognize that is going on, and this will a lot of times effect. It'll harvest your browsing information. So as I've it's a different websites you're capturing that might do screen captures as well.

05:00

Uh, one of the common things is gonna be stealing your credentials. So, like the banking Trojans,

05:04

that's a former spyware that's gonna steal your credentials. And then, of course, capturing your email data as well, seeing how your email et cetera.