page 13
SECTION  7

Spyware, Malware, Drive-by Downloads, Browser Hijacking

a virus, Trojan or worm is a small program written to cause harm to one or more computers or networks. A Virus, Worm or Trojan can also be designed to retrieve information from your computer to be delivered to an attacker for future use. For example credit card information, passwords, and security access codes to name a few.
ActiveX Malicious Code controls allow Web developers to create interactive, dynamic Web pages with broader functionality such as HouseCall, Trend Micro's free on-line scanner. An ActiveX control is a component object embedded in a Web page which runs automatically when the page is viewed. In many cases, the Web browser can be configured so that these ActiveX controls do not execute by changing the browser's security settings to "high." However, hackers, virus writers, and others who wish to cause mischief or worse may use ActiveX malicious code as a vehicle to attack the system. To remove malicious ActiveX controls, you just need to delete them.
Browser Hijacking here is a despicable trend that is becoming more and more common where the browser settings of web surfers are being forcibly hijacked by malicious web sites and software which modifies your default start and search pages. Sometimes internet shortcuts will be added to your favorites folder without asking you. The purpose of this is force you to visit a web site of the hijacker's choice so that they can artificially inflate their web site's traffic for higher advertising revenues.
Dialers are Trojans that, upon execution, connect the system to a pay-per-call location in which the unsuspecting user is billed for the call without his/her knowledge. Dialers often arrive in porn-related or other enticing service-related applications.
Drive-by downloads is a program that is automatically downloaded to your computer, without your consent or even your knowledge. This is carried out invisibly to the user: it can be initiated by simply visiting a Web site or viewing an HTML e-mail message. Frequently, a drive-by download is installed along with another application. For example, a file sharing program might include downloads for a spyware program that tracks and reports user information for targeted marketing purposes, and an adware program that generates pop-up advertisements using that information. If your computer's security settings are lax, it may be possible for drive-by downloads to occur without any action on your part.
Java Malicious Code are java applets allow Web developers to create interactive, dynamic Web pages with broader functionality. Java applets are small, portable Java programs embedded in HTML pages. They can run automatically when the pages are viewed. However, hackers and virus writers may use Java malicious code as a vehicle to attack the system. In many cases, the Web browser can be configured so that these applets do not execute by changing the browser's security settings to "high." HTML viruses use the scripts embedded in HTML files to do their damage. These embedded scripts automatically execute the moment the HTML page is viewed from a script-enabled browser. HTML refers to the technical name for a webpage.
Keyloggers are Trojans that, upon execution, log every keystroke or activity in a system. Although similar to third-party parenting/monitoring software, some malware actually employ the same technique to gather valuable data from unsuspecting users.
Malware  is a general term used to refer to any unexpected or malicious programs or mobile codes such as viruses, Trojan, worm, or Joke programs.
Proof of concept is a virus or Trojan indicates that something is new or that it has never seen before. For example, VBS_Bubbleboy was a proof of concept worm, as it was the first email worm to automatically execute without requiring a user to double-click on an attachment. Most proof of concept viruses are never seen in-the-wild. However, virus writers will often take the idea (and code) from a proof of concept virus and implement it in future viruses.
Spyware  is a software applications that monitors a user’s computing habits and personal information and sends this information to third parties without the user’s authorization or knowledge.

Previous Page

 Return to Index Page Next page