Saturday, March 12, 2011

Malware Glossary

Our Glossary contains many terms that may be used throughout the ESG website in addition to the software applications that we offer. This Glossary will assist you in defining many technical terms used to describe various computer security-related aspects.

Below are common online security terms in alphabetical order:

A

ActiveX Controls
Small applications that add interactive functions and features to web pages. ActiveX can be used for multimedia and animation effects in addition to being used to display pop-ups or applied to desktop applications and software development tools. ActiveX is usually automatically installed and activated without computer user interaction or permission, allowing malicious code to be installed or initiated in some cases.

Adware
Programs designed to display or launch advertisements. Displays advertisements in the form of pop-ups, image banners or text banners. Adware programs are built into other shareware or freeware applications. Trojans can download and install malicious adware programs automatically without the computer user's permission. Web browser vulnerabilities are also used to download and install adware programs silently.

Alias
An alternative Trojan, virus or other malware name used by other anti-virus or anti-spyware vendors. A security organization may give a computer parasite a different name for a specific computer virus.

Application
A program that can be installed onto a computer consisting of executable, data, DLL files and registry settings. Most applications are accompanied by install and uninstall files.

Attack
An assault that causes damage or theft of stored data. Some attacks may result in sabotage of a computer network.

Automatic Download Software
An application used to download and install software without permission or interaction from the computer user.

Backdoor
Remote control software that allows an attacker or third party to gain access to the infected computer. Backdoors can compromise a victim's computer, allowing theft of personal information. Trojans are considered to be Backdoor infections as they bypass security mechanisms.

Background task
An application or process that continually runs without intrusion, visible windows or user interfaces shown to the computer user. Malicious applications can run in the Background without alerting the computer user of their operation.

Batch files
A batch or sequence of commands carried out by a file that contains operating system commands. The .bat extension is used for batch files. Batch files are compatible with Windows operating systems.

BIOS
A small piece of software stored on the motherboard of a computer providing basic functions to the operating system or functionality of the system.

Block list
A list of web addresses or e-mail messages that are believed to be malicious in content or known to send spam messages.

Boot disk
A disk containing specific files or programs that allow a computer to start up. A boot disk can be in the form of a bootable CD, floppy disk or physical hard drive. Boot disks are usually required to effectively remove viruses with an antivirus application.

Boot record
A part of the boot area or files that contain the instructions needed to start up a computer. Boot records are infected by viruses allowing a virus to install itself into memory during startup.

Boot sector infector
A type of virus that corrupts the boot sector on a drive or disk allowing the virus to load into memory at startup. This type of virus is known to spread very quickly.

Botnet
A group of networked computers pre-programmed to automatically perform actions such as send out spam messages. A botnet can send out thousands of spam messages from a single computer.

Browser Helper Object (BHO)
A type of Dynamic Link Library (DLL) file that Internet Explorer allows to alter or modify the way it acts or functions. A BHO can include adding menu items, toolbars and the modification of HTML data.

Browser hijacker
Programs that replace the set browser home page, search results page, error page, search page or other browser content with unexpected or unwanted content.

Browser Plug-in
A software component that interacts with a Web Browser application that provides additional functions or capabilities otherwise not included in the browser. Types of browser plugins can include ActiveX Controls and Browser Helper Objects.

Bundling
A practice of distributing multiple pieces of software or files together. In some cases unwanted software is distributed, spreading malicious applications or parasite infections through a bundle without notice or consent to the computer user.

Certificate
An electronic document that contains and proves the identity of a website. Certificates are used to prove whether a website is authentic and contain a user's name and public key.

Cookie
A piece of data that a website saves on the hard drive for retrieval during visits to that specific website. Unique identifiers are used by some cookies, linking information such as registration, login data, user preferences, shopping cart info, etc.

Denial of Service (DoS) attack
Concentrated efforts to make a computer resource or website unavailable to its intended users. DoS attacks consist of bombarding the target machine with a large amount of external communication requests preventing normal traffic from accessing the machine or source.

Dialing Software
Programs that use a computer's modem to make calls or access services. Dialers can contact malicious sources where the download of unwanted files or theft of personal information can occur.

Distributed Denial-of-Service (DDoS) Attack
In addition to a DoS attack, this is a process involving botnets or a group of compromised systems to make a resource or website unavailable to its intended users.

Downloader
An application designed to download and install files in an automated process. Unwanted files or applications can be downloaded by downloaders potentially infecting a computer with a parasite.

Drive-by-Download
An automatic download of software or files when a specific website is visited. This process is typically performed by exploiting security holes or modified security settings on a specific computer.

Droneware
Applications used to remotely control a computer for malicious actions such as sending spam messages or running DDoS attacks.

Dropper
Malicious file that carries a Virus or Trojan infection dropping it onto a specific computer for malicious intent.

End User License Agreement (EULA)
A legal agreement or contract between the author and user of a particular program. The software license specifies the parameters and limitations of use of an application.

Exploit/Security Exploit
Software that takes advantage of a vulnerability within a user's system for gaining access to the system.

Hacker Tool
Tools or programs used by a hacker to gain access to a computer so it can be attacked. Hacker tools are commonly used to gain information or access hosts bypassing security mechanisms put in place for protection. Also they are used to disable a computer preventing normal use.

Hijacker
Software that modifies a computer without notice or consent to the user. Normally hijackers modify browser settings, changing the home page or redirecting users to unwanted web pages.

Host File
A file used to look up the IP address of a device connected to a computer network. Parasites may use host files to redirect computer users to malicious websites.

JavaScript virus
A virus obtained from a JavaScript running from either a website or other malicious source. A JavaScript Virus may not require much interaction from the computer user for infection.

Keylogger (or Keystroke Logger)
Tracking software that records keyboard activity. A Keylogger can essentially compromise logins and passwords where they are transmitted to a remote user. Some Keylogger software is legitimate but is mostly used for malicious actions leading to identity theft.

Malware
Malicious Software programs that are designed to perform unwanted actions or compromise your system. Popular examples of malware include Viruses, Trojans and unwanted programs.

Master Boot Sector virus
A virus infection affecting the master boot record on a hard drive or disk. This type of virus infection loads into memory at boot before an antivirus application is able to detect or remove it.

MD5
A one-way hash function that transforms data into a shorter, fixed-length value. Verifies the data integrity by performing a hash operation on the data after it is received. No two or more strings will produce the same hash value.

Objective Criteria
Criteria used by anti-spyware companies determining behavioral factors in consideration of a process.

Packer
A program used to compress a group of files and encrypt the original code. Packers perform this process to prevent matching the memory image of a file so that it may be difficult to detect.

Password Cracker
Software designed to decrypt a forgotten, lost or unknown password. Password Cracker identifies a password by running a brute-force attack, a method of testing each character combination to find the password. If used for illicit purposes a Password Cracker could pose a serious security and privacy risk.

Phishing
Fraudulent activity that acquires personal information such as credit card numbers, social security numbers and passwords. Phishing comes in the forms of email and websites. A phishing website has a faux interface that usually resembles a legitimate site that the computer user is not able to identify in most cases. A phishing email message usually spoofs a legitimate sender or company that the computer user identifies as legitimate.

Port Scanner
Security software used to discover the computer network services a remote system provides.

Potentially Unwanted Program (PUP)
A program that performs malicious actions and compromises the security and privacy of a computer.

Privacy Policy
A legally binding notice describing how a company deals with the personal information of a user. Privacy Policies disclose how data, including secondary data, is used and shared with other parties.

Registry
A database used by an operating system that stores certain user information, settings and license information about all installed hardware and software on a computer.

Registry Keys
Individual entries in the Registry that include values for specific settings of installed programs. Registry keys are susceptible to being changed by computer infections, which can impact the usability of your computer.

Remote Access/Administration Tool (RAT)
A program that allows remote access of a system. If used by attackers, a remote access program can be used to install unauthorized programs or perform malicious actions.

Remote Control Software
Any type of application used to give remote access of a computer.

Rootkit
An application that maliciously gains and/or maintains administrator level access without detection. Rootkits can be used to create a Backdoor where a computer could be compromised. Once a program has gained access it can be used to record keystrokes and monitor internet activity thus stealing personal information.

Scam
Scams usually refer to a form of fake email message that misleads computer users by promising material or luck to future recipients of the message. Scams are also associated with money-based hoaxes or far-fetched promises.

Screen Scrapers/Screen Capturers
A type of tracking software that records desktop activity in addition to keystrokes. Screen Capture programs are used to record videos of on-screen computer activity for viewing at a later time. If used for malicious purposes a screen scraper or screen capture program can lead to theft of personal information.

SkypeSkraping
SkypeSkraping is a computer exploit in the Skype application that allows attackers to take control over another person's account.

Spam
Junk mail or email messages that are unwanted or unrequested. Spam is usually sent to multiple recipients advertising products. Spam messages also include emails containing malicious attachments that, if opened, could infect the recipient's computer.

Spoofing
A method of faking an email address, IP or legitimate website to acquire personal information or access to a secure system.

Spyware
Tracking applications that send information about personal details without the computer user's permission. The use of common spyware is to emulate commercial software, impairing a user's ability to control their computer and greatly affecting system security.

System Monitor
A type of tracking software that monitors computer activity. If used by attackers a system monitor program could be used to compromise a user's computer thus stealing personal information such as passwords, visited websites, emails and bank account numbers.

Tracking Cookies
A type of cookie used for tracking users' web surfing habits. Tracking Cookies are typically used by advertisers analyzing data for marketing purposes. Tracking Cookies used for malicious purposes could arm an attacker with a text file containing details on a computer user's internet activity.

Tracking Software
Computer software that monitors a computer user's behavior and actions including recording personal information.

Trojan
A malicious program that appears to be legitimate and to perform a certain action but actually performs another. Trojans are mostly downloaded from websites or P2P communication.

User
The computer owner or assigned system administrator. This is the person who mainly operates and has full access to the computer.

Virus
A dangerous program containing code that replicates a copy of itself.

Worm
A virus that creates copies of itself on other drives or networked computers to perform malicious actions.

Thanks to EnigmaSoftware / ESG Website
