August 8, 2010

Computer Viruses: Malware, Spyware, Adware, Worms

Computer Worm
A computer worm is a self-replicating computer program. It uses a network to send copies of itself to other nodes (computers on the network) and it may do so without any user intervention. Unlike a virus, it does not need to attach itself to an existing program. Worms almost always cause at least some harm to the network, if only by consuming bandwidth, whereas viruses almost always corrupt or devour files on a targeted computer.
XSS Worm
An XSS Worm, also known as a cross site scripting virus, is a malicious (or sometimes non-malicious) payload that propagates among visitors of a website in the attempt to progressively infect other visitors.

XSS Worms exploit a vulnerability known as cross site scripting (or XSS for short) within a website, normally infecting users whereas other users can be infected in a variety of ways depending on the vulnerability.

Cross-site scripting vulnerabilities are commonly exploited in the form of worms on popular social or commercial websites, such as MySpace, Yahoo!, Orkut,, and Twitter. These worms can be used for malicious intent, giving an attacker the basis to steal personal information, cookies, and other relevant data regarding the website or the infected visitor.

In the case of the Samy worm, the largest known XSS worm which infected over 1 million MySpace profiles in less than 20 hours, the virus author was sued and entered a plea agreement to a felony charge.

XSS worms start with a payload. This payload will normally be placed within sensitive user data or requested from other websites to the author's intent.

Computer Virus
A computer virus is a computer program that can copy itself and infect a computer without the permission or knowledge of the owner. The term "virus" is also commonly but erroneously used to refer to other types of malware, adware, and spyware programs that do not have the reproductive ability. A true virus can only spread from one computer to another (in some form of executable code) when its host is taken to the target computer; for instance because a user sent it over a network or the Internet, or carried it on a removable medium such as a floppy disk, CD, DVD, or USB drive. Viruses can increase their chances of spreading to other computers by infecting files on a network file system or a file system that is accessed by another computer.

The term "computer virus" is sometimes used as a catch-all phrase to include all types of malware. Malware includes computer viruses, worms, trojan horses, most rootkits, spyware, dishonest adware, crimeware, and other malicious and unwanted software), including true viruses. Viruses are sometimes confused with computer worms and Trojan horses, which are technically different. A worm can exploit security vulnerabilities to spread itself to other computers without needing to be transferred as part of a host, and a Trojan horse is a program that appears harmless but has a hidden agenda. Worms and Trojans, like viruses, may cause harm to either a computer system's hosted data, functional performance, or networking throughput, when they are executed. Some viruses and other malware have symptoms noticeable to the computer user, but many are surreptitious.

Most personal computers are now connected to the Internet and to local area networks, facilitating the spread of malicious code. Today's viruses may also take advantage of network services such as the World Wide Web, e-mail, Instant Messaging, and file sharing systems to spread.

Linux Malware
The Linux operating system, Unix and other Unix-like computer operating systems are generally regarded as well-protected, though not immune, from computer viruses.

There has not yet been a single widespread Linux malware threat of the type that Microsoft Windows software currently faces; this is commonly attributed to the malware's lack of root access and fast updates to most Linux vulnerabilities.

The number of malicious programs—including viruses, Trojans, and other threats—specifically written for Linux has been on the increase in recent years and more than doubled during 2005 from 422 to 863.

Adware or advertising-supported software is any software package which automatically plays, displays, or downloads advertisements to a computer after the software is installed on it or while the application is being used. Some types of adware are also spyware and can be classified as privacy-invasive software.

Application of Adwares
Advertising functions are integrated into or bundled with the software, which is often designed to note what Internet sites the user visits and to present advertising pertinent to the types of goods or services featured there. Adware is usually seen by the developer as a way to recover development costs, and in some cases it may allow the software to be provided to the user free of charge or at a reduced price. The income derived from presenting advertisements to the user may allow or motivate the developer to continue to develop, maintain and upgrade the software product. Conversely, the advertisements may be seen by the user as interruptions or annoyances, or as distractions from the task at hand.

Some adware is also shareware, and so the word may be used as term of distinction to differentiate between types of shareware software. What differentiates adware from other shareware is that it is primarily advertising-supported. Users may also be given the option to pay for a "registered" or "licensed" copy to do away with the advertisements.

Adware can also download and install Spyware.

Spyware is a type of malware that is installed on computers and that collects information about users without their knowledge. The presence of spyware is typically hidden from the user. Typically, spyware is secretly installed on the user's personal computer. Sometimes, however, spywares such as keyloggers are installed by the owner of a shared, corporate, or public computer on purpose in order to secretly monitor other users.

While the term spyware suggests software that secretly monitors the user's behavior, the functions of spyware extend well beyond simple monitoring. Spyware programs can collect various types of personal information, such as Internet surfing habits and sites that have been visited, but can also interfere with user control of the computer in other ways, such as installing additional software and redirecting Web browser activity. Spyware is known to change computer settings, resulting in slow connection speeds, different home pages, and/or loss of Internet or functionality of other programs. In an attempt to increase the understanding of spyware, a more formal classification of its included software types is captured under the term privacy-invasive software.

In response to the emergence of spyware, a small industry has sprung up dealing in anti-spyware software. Running anti-spyware software has become a widely recognized element of computer security practices for computers, especially those running Microsoft Windows. A number of jurisdictions have passed anti-spyware laws, which usually target any software that is surreptitiously installed to control a user's computer. The US Federal Trade Commission has placed on the Internet a page of advice to consumers about how to lower the risk of spyware infection, including a list of "do's" and "don'ts."

About the Author


Author & Editor

Has laoreet percipitur ad. Vide interesset in mei, no his legimus verterem. Et nostrum imperdiet appellantur usu, mnesarchum referrentur id vim.

Post a Comment

Iwebslog Blog © 2015 - Designed by