Multipartite Virusesinfect the boot sector or Master Boot Record and also infect program files.
Such a virus typically has two parts, one for each type.
When it infects an executable, it acts as an executable infector.
When it infects a boot sector, it works as a boot sector infector.
Such viruses come in through infected media and reside in memory then they move on to the boot sector of the hard drive. Form there, the virus infects executable files on the hard drive and spreads across the system.
A well known multipartite virus is Ywinz.
10. Polymorphic Virus
Polymorphic Viruseschange their own code each time they duplicate themselves.
In this way, each new copy is a variation of the original virus, in order to evade detection by antivirus software.
Polymorphic viruses encrypt or encode themselves in a different way (using different algorithms and encryption keys) every time they infect a system.
This makes it impossible for antivirus to find them using string or signature searches (because they are different in each encryption) and also enables them to create a large number of copies of themselves.
Some examples include: Elkern, Marburg, Satan Bug, Tuareg and Dark Avenger.
11. File infectors
File Virusesinfect program files and device drivers by attaching themselves to the program file or by inserting themselves into the program code.
This type of virus infects programs or executable files (files with an .EXE or .COM extension).
When one of these programs is run, directly or indirectly, the virus is activated, producing the damaging effects it is programmed to carry out.
The majorities of existing viruses belong to this category, and can be classified according to the actions that they carry out.
12. Trojan Horse
Malicious program that hides within a friendly program
A Trojan horse is a file that appears harmless until executed.
Can erase or overwrite data on a computer
Corrupting files & Spreading other malware, such as viruses.(Trojan horse is called a 'dropper)
Installing a backdoor on a computer system.
13. Trojan Horse(Contd)
The Trojan Horse gets its name from Greek history and the story of Trojans war.
Greek warriors hide inside a wooden horse, which the Trojans took within the walls of the city of Troy.
When night fell and the Trojans were asleep, the Greek warrior came out of the horse and open the gates to the city, letting the Greek army enter the gates and destroy the city of Troy.
14. Worms Attacks
A program or algorithm that replicates itself over a computer network or through e-mail
Sometimes performs malicious actions such as using up the computer and network resources and possibly destroying data.
Can spread itself over a network, doesnt need to be sent
Slow down the computer or network
Some examples of worms include:
Klez, Nimda, Code Red, PSWBugbear.B, Lovgate.F, Trile.C, Sobig.D and Mapson.
15. Famous Viruses
Two of the most famous viruses to date were
Mellissa, struck in March, 1999,
ILOVEYOU virus, hit in May, 2000
Both viruses cost organization and individuals billion of dollars
Mellissa virus spread in MS Word documents sent via e-mail
When the document was opened, the virus was triggered
Mellissa accessed the MS Outlook address book on that computer and automatically sent the infected Word attachment by e-mail to the first 50 people in the address book. Each time another person opened the attachment, the virus would send out another 50 messages.
The ILOVEYOU virus was sent as an attachment to an e-mail posing as a love letter.
The message in the e-mail said Kindly check the attached love letter coming from abc
16. Famous Viruses(Contd)
These viruses corrupt all type of files, including system files.
Network at companies and government organizations world wide were shut down for days trying to remedy the problem.
Estimates for damage caused by the virus were as high as $10 to $15 billion, with the majority of the damage done in just few hours.
In June, 2000, a worm named Timofonica that was propagated via e-mail quickly made its way into the cellular phone network in Spain, sending prank calls and leaving text messages on the phones
17. Web Defacing
Another popular form of attack by hackers is web defacing
Hackers illegally change the content of a Web site
One notable case of Web defacing occurred in 1996 when Swedish hackers changed the Central Intelligence Agency Web site (www.odci.gov/cia) to read Cent