Sick Computer
Help, my computer is sick? Malware, or malicious software, often referred to simply as a virus by the media, can cause everything from computer instability, to slowdowns, to hardware failure in some extreme cases. Malware appears in many forms, a virus is just a type of malware.
Computer viruses infect programs and files on the system that they run on. They generally spread as e-mail attachments, or when infected files are moved from computer to computer. Viruses target computer software in such a way that whenever the infected software program is opened, it runs the virus and the virus infects other files or software until the system is consumed. Viruses almost always spread through social engineering.
Worms are a very prevalent form of malware in modern computing. A worm is essentially a stand alone software program that modifies a computer's operating system so that the worm starts itself whenever the computer is turned on. Additionally, worms do not always have to wait for user interaction to spread, as they exploit errors in computer software to infect other systems over the Internet or on a local area network (LAN). Worms are very dangerous because they can spread across the Internet incredibly quickly, it is not unheard of for a worm to double the number of infected machines every few minutes.
Trojan horse software, a term derived from the myth of the Trojan Horse, is elicit software that masquerades as legitimate software and may have some other functionality to hide their malicious nature. Trojan horses are unable to replicate themselves, but are very difficult to get rid of. Additionally, Trojan's are known to download and install viruses, worms, and other Trojan's creating large, difficult to contain infections. These types of Trojan's are known as droppers. Visible symptoms of Trojan's usually include large amounts of spyware, strange pop up ads, computer instability, web browser instability, slow computer speeds, and home pages being reset.
Spyware is software that tracks a user and reports their activity without permission. Spyware generally spreads the same way that Trojan's do, or is sometimes installed by other Trojan software.
Adware is a form of malware designed to get referral fees for the advertising that they display. Adware sometimes spreads as a Trojan, is installed as a trojan, or in some cases even operates like a worm or a virus. Visible symptoms of adware are the same as the visible symptoms of a Trojan, as adware is propagated by Trojan's.
There are other types of malware as well. Keyloggers track and report all of the keys that a user presses, listening for credit card numbers, social security numbers, or passwords. A backdoor is sometimes found in computer software to allow unauthorized access to computer systems.
Malware is possible for several reasons. Malware usually spreads through social engineering, by tricking someone into opening an email attachment with an intriguing name or installing software that installs more than it says it does, or by exploiting flaws in computer software. Many software programs are composed of millions upon millions of lines of code, and small errors in that code can be abused to allow software to run without permission, especially in the case of worms. Open source software does a lot to relieve this difficulty because any number of people can review the code and fix any bugs that are discovered.
Malware is usually written today for commercial gain. Malware is often used to create massive networks of computers to perform various tasks, called botnets. Botnets are often used to send unsolicited commercial email or attack websites for a ransom, forcing the site offline until the owner pays up. It is not uncommon for a botnet operator to control 20,000 or more computer systems. Spyware and adware are usually used to accrue advertising revenue through referral fees. While rare, some malware is also used to invade computers for the purpose of causing destruction by deleting files or stealing private information.
New studies suggest that an unprotected and patched Windows XP computer connected to the Internet will be infected by malware in about eleven minutes if no preventative measures are taken. Preventing malware is a difficult task, but can be accomplished. It is important to keep computers and all software on them up to date. The vast majority of computer worms exploit a bug that has had a patch released for some time, but has not been commonly applied. It is recommended to run Windows Update regularly and to update the other software that is used regularly as well. Email attachments should never be opened unless the sender can be contacted to ensure that the files were really sent by them. Computer software should also only be downloaded and installed from trusted and reputable sources.
Malware infections are not usually deadly, but they can be if action isn't taken at the onset of a problem while the infection is still manageable. Anti-virus software, anti-spyware software, and anti-Trojan software packages are all available, and when used together can usually clean up even the most infected of systems.
The newest Internet worm, Zotob, targets mainly Windows 2000 business systems. There are close to ten different versions of Zotob worms in the wild at this point, with more on the horizon. The simplest way to prevent a Zotob infection is to run Windows update, a patch was made available prior to the first worm. Once infected, most anti-virus software can remove Zotob and there are free removal tools available on the Internet.
While malware is a serious problem, with due diligence it can be avoided, and if caught early enough can be removed before any real harm is done. As always, don't run untrusted software, steer clear of email attachments, and regularly check for software updates.
August 19, 2005 5:41 PM posted by J. Michael Cunningham
|
