Time
1 hour 51 minutes
Difficulty
Beginner
CEU/CPE
3

Video Description

Types of Malware (part 2)

In this second part of our lesson on malware, we explore in detail adware, ransomware, Trojans, spyware and other types of malware. From this lesson you'll learn what each type does, its points of entry into the network, and the range of damage these malware types can cause.

Transcript

Hello again. My name is John Oyeleke. I am a subject matter expert for the CompTIA Security+ SY0-401. Today we will be looking at "Types of Malware". This is section 3.1 in the CompTIA syllabus. Types of malware. We have different types of malware to review. We will be discussing things like adware, ransomware, viruses, spyware and Trojans, rootkits, backdoors, logic bombs, botnets.

Let's start with adware. The term adware comes from advertising software. So we can see the term adware comes from advertising software. People need to put adverts in front of your eyeballs. You visit a website and you have pop-ups appear on your screen. Pop-ups could be very irritating and some of them could come with a malicious payload. You spend your time, waste your time, trying to click on the pop-ups to close them off. What if you activate a malicious payload? Adware, we experience this in the form of pop-ups. There are methods by which we could prevent against adware, in the form of pop-ups. We go to... you click on Start, Control Panel. You go to Internet Options within the Control Panel. On the Internet Options you have, on the Privacy tab, you could turn on pop-ups or disable pop-ups from there. The issue with pop-ups is that when you visit some sites they would request the use of the pop-ups. "Oh, you must have pop-ups turned on to use this site." For such sites, on that same page you could selectively click on "Settings" to allow those specific websites. This is how you take care of the pop-ups.

Our next one we have there, malware. We look at viruses. Viruses are malicious programs designed to cause harm to your systems. They have numerous types of effects. Some will slow down your PC. Your files will start to disappear. Files start to change size. The icons start to look different. Those are different symptoms about malware in the form of a virus. There are distinct characteristics about viruses. Viruses are said to be dormant in that they need human interaction. A virus needs a file to attach to. The virus would attach to the file, one of the reasons why we see files increase in size, and every time you move the file you are moving the virus. You open the file, you are running the virus. You copy the file, you've copied the virus. So viruses need human interaction.

Worms, on the other hand, are also malicious programs designed to cause harm to your system. However, worms, unlike viruses, do not require human interaction. These worms are designed to self-replicate. They know how to move from one media to the next. They know how to propagate themselves on the system.

We also have Trojans. Trojans are software designed. They appear to do good, but they're also doing bad. An unknowing person would go to a website, you download a software to make your computer run faster. You think this software is going to make your computer run faster, not knowing that it's also doing some other things in the background. Those are called Trojans. They are malicious. They are presented as doing good but they also have bad properties they have to offer.

We also look at rootkits. Rootkits are tools used by malicious persons to gain root access to your systems and also hide their presence within the system. When we say root access, we mean administrative access. You remotely gain administrative access to a system and also hide the presence within the system, because the longer they can stay in the system the better. The earlier you can detect them, you want to kick them out, so they want to mask their presence within your system.

Another type we look at is the logic bomb. A logic bomb is a piece of code inserted in your software. A piece of code inserted in your software to activate at a future date or event. Maybe at a specified date as programmed by the attacker. The systems, maybe your network might go down, a server might shut down, or the server gets the impression it's filling up on space and is giving an alert. Malicious persons would use this, probably to put themselves on your payroll. That way every time you invite them to solve the problem they get paid for it. That is the logic bomb. A piece of code inserted in your software. A logic bomb is usually very difficult to detect. Best way is that they can stay dormant until the triggers are alerted. Until the triggers, whatever situation, time, day or event programmed to trigger them, shows up.

We also have something called ransomware. Malicious persons would infect your systems with viruses or Trojans that disable all possible use of your system. This way they either threaten you. We have different types of ransomware. We have something called the MoneyPak virus, we have something called the Cryptal Lock virus, we have something called the FBI virus. Effectively they lock your screen. Giving you maybe the option, somewhere on your screen, a button. The only thing that would work is "pay here". They want you to obtain some form of card, load the card with money, scratch up the card and give them the digits. Effectively you are transferring money out of your pockets into theirs across the Internet. They'll lock your screen, disable all possible use of your system. They could also lock your database. Then you are held ransom. Unless you pay you don't have access to your system. This is a new form of attack now widely spreading across the Internet. It's called a ransomware.

Some other types of virus, we have what is called a polymorphic virus. These are viruses that change their form. They change their signatures periodically, such that the antivirus used in detection becomes incapable of detecting them. Polymorphic viruses, they'll change their form frequently to beat antivirus software. We also have armored viruses. Armored viruses are viruses that encrypt themselves to avoid detection. By encrypting themselves their signatures become unreadable. This is also another method to beat your antivirus such that they can stay longer in the system. You hide by encrypting the code of the virus.

We also have botnets. Botnets are malicious code inserted in systems across the Internet. They are usually employed in a distributed denial of service attack. The malicious person will install botnets over multiple systems across the Internet such that they can remotely control these systems to act in a specific fashion. They're used in a distributed denial of service attack.

This is it for section 3.1, "Types of Malware". We look forward to seeing you in the next videos. Thank you for now.

Video Transcription

00:04
Hello again. My name is John Oyeleke, a subject matter expert for the CompTIA Security+ SY0-401.
00:12
Today we will be looking at types of malware.
00:15
This is section 3.1 in the CompTIA syllabus.
00:19
Types of malware. We have different types of malware to review. We will be discussing things like adware, ransomware, viruses, spyware and Trojans, rootkits, backdoors, logic bombs,
00:33
botnets.
00:35
Let's start with adware.
00:37
The term adware comes from advertising software. So we can see the term adware comes from advertising
00:44
software.
00:45
And
00:46
these
00:48
people need to put adverts in front of your eyeballs. So you visit a website
00:54
and you have pop-ups appear on your screen.
00:57
Pop-ups could be very irritating and some of them could also come with a malicious payload. You spend your time, waste your time, trying to click on the pop-ups to close them off. What if
01:11
you activate
01:12
a malicious payload?
01:14
So adware,
01:15
we experience this in the form of pop-ups.
01:19
There are methods by which we could prevent against adware in the form of pop-ups.
01:25
We go to, um,
01:26
you click on Start, Control Panel. You go to Internet Options within the Control Panel. On the Internet Options you have, on the Privacy tab,
01:37
you have... you could turn on pop-ups or disable pop-ups from there. The issue with pop-ups is that when you visit some sites, they would require the use of the pop-ups: "Oh, you must have pop-ups turned on to use this site." For such sites, on that same page, you could selectively click on "Settings"
01:56
to allow those specific websites,
01:59
and this is how you take care of
02:01
the pop-ups. Our next one we have there, malware. We look at viruses. Viruses are malicious programs designed to cause harm to your systems. They have numerous types of effects. Some will slow down your PC.
02:15
Your files will start to disappear.
02:19
Files start to change size. The icons start to look different.
02:24
Those are different symptoms about
02:29
malware in the form of a virus.
02:30
There are distinct characteristics about viruses. Viruses are said to be
02:36
dormant in that they need human interaction. The virus needs a file to attach to. The virus would attach to the file, one of the reasons why we see files increase in size, and every time you move the file, you are moving the virus. You open the file, you are running the virus.
02:54
You copy the file,
02:57
you've copied the virus. So viruses need human interaction. Worms, on the other hand, are also malicious programs designed to cause harm to your system. However, worms, unlike viruses, do not require human interaction.
03:14
These worms are designed to self-replicate. They know how to move from one media to the next. They know how to propagate themselves on the system. We also have Trojans. Trojans are software designed.
03:29
They appear to do good, but they're also doing bad. So an unknowing person will go to a website. You download a software to make your computer run faster.
03:40
You think that software is gonna make your computer run faster, not knowing that it is also doing some other things in the background.
03:49
Those are called Trojans. They're malicious. They are presented as doing good, but they also have bad properties they have to offer.
03:59
We also look at rootkits. Rootkits are tools used by malicious persons to gain root access to your systems and also hide their presence within the system. When we say root access, we mean administrative access. So you remotely gain administrative access to a system
04:18
and also hide the presence within the system because the longer they can stay in the system, the better.
04:25
The earlier you can detect them, you want to kick them out, so they want to mask
04:30
their presence within your system.
04:32
Another type we look at is
04:35
the logic bomb.
04:38
A logic bomb is a piece of code inserted in your software.
04:43
This is a software, a piece of code inserted in your software to activate at a future date or event.
04:49
So maybe at a specified date as programmed by the
04:55
attacker.
04:57
The systems, maybe your network might go down, a server might shut down, or the server gets the impression it's filling up on space and is giving an alert. Malicious persons will use this, probably to put themselves on your payroll.
05:13
So that way, every time you invite them to solve the problem, they get paid for it.
05:17
That is the logic bomb: a piece of software, a piece of code inserted in your software. A logic bomb is usually very difficult to detect. Best way is that they can stay dormant until
05:30
the triggers are
05:31
alerted. I mean, until the triggers,
05:34
whatever situation, time or day or event programmed to trigger them, shows up. We also have something called ransomware. Malicious persons will infect your systems with viruses or Trojans
05:50
that disable all possible use of your system.
05:56
This way,
05:57
they either threaten you... We have different types of ransomware. We have something called the MoneyPak virus. We have something called the Cryptal Lock virus. We have something called the FBI virus. So effectively they lock your screen, giving you maybe the option, somewhere on your screen,
06:15
a button.
06:17
The only thing that will work is "pay here". So they want you to obtain some form of card,
06:24
load the card with money, scratch off the card and give them the digits.
06:29
Effectively you're transferring money out of your pocket into theirs across the Internet. So they lock your screen, disable all possible use of your system. They could also lock your database. Then you are held ransom. Unless you pay, you don't have access to your system. This is a new form of attack now
06:48
widely spreading across the Internet.
06:50
It's called ransomware. Some other types of viruses: we have what is called a polymorphic virus. These are viruses that change their form.
07:00
They change their signatures periodically, such that the antivirus used in detection becomes
07:09
incapable of detecting them. Polymorphic viruses, they'll change their form frequently
07:15
to beat
07:17
antivirus software.
07:19
We also have armored viruses.
07:23
Armored viruses are viruses that encrypt themselves
07:28
to avoid detection. So by encrypting themselves,
07:31
their signatures become unreadable. This is also another method to beat your antivirus, such that they can stay longer in the system.
07:43
You hide by encrypting the code of the virus.
07:48
We also have botnets.
07:50
Botnets are
07:54
malicious code inserted in systems across the Internet.
07:58
They are usually employed in a distributed denial of service attack.
08:03
The malicious person will install botnets over multiple systems across the Internet,
08:11
such that they can remotely control these systems
08:15
to act in a specific fashion.
08:16
They're used in a distributed denial of service attack.
08:20
Well, this is it for section 3.1, types of malware.
08:26
We look forward to seeing you in the next videos.
08:28
Thank you for now.

Instructed By

John Oyeleke
Lead IT Security Instructor