Malware, Virus

For Testing Only

Member of

Saudi Arabia Trade and Business Directory

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish.

Malware Overview

There are many kinds of software that are written just to be troublesome and can be dangerous to an unprotected system. We call these programs malware as shorthand for "malicious software".

The most common kinds of malware programs are listed below. Some kinds of software are written to mimic behavior of simple living organisms. That is, they reproduce themselves or live parasitically in other systems. We don't mean to imply these programs are actually alive, but they can be just as annoying and hard to deal with as the living kind of pest. The level of threat associated with malware corresponds to the intent and skill level of the programer.

Trojan Horse Program

A Trojan horse program is named after the legendary Trojan horse used by the ancient Greeks to slip past the defenses of the city of Troy. A Trojan horse program appears to be a program that is useful or desirable, but actually hides malicious software that can harm a system. A Trojan horse program can do significant damage to a computer system, including deleting files or stealing private data such as passwords or credit card numbers. A Trojan horse program that hosts a server is referred to as a Remote Access Trojan.

Virus

A virus is a program fragment that uses other programs to run and reproduce itself. A typical virus is inserted into the code for an otherwise normal program. When the affected program runs, the virus code also runs, allowing the virus to operate. Usually the first thing a virus will do is try to insert copies of itself into other programs or even the system code. Viruses can cause problems on systems just by existing, but do not usually pose a threat to network security.

Worm

A worm is a program that uses the networking facilities of a computer to reproduce itself. E-mail is a common mechanism for worm reproduction. Even if a worm carries no hostile payload, it can easily duplicate itself enough to the point where network traffic involved in its reproduction consumes the bulk of resources available.

Modern Trojan horse programs act as network servers to allow remote access to a computer system.

A Trojan horse program is an application, disguised as something useful or desirable, whose main purpose is to let an invader past your defenses. The modern incarnation accomplishes this by acting as a network server — listening for, and accepting, connection requests from the Internet. These are programs to be aware of and to be concerned about because they can corrupt your system, steal information, or use your computer to hack into other computers. ZoneAlarm protects you from these programs, as long as it is configured properly. Make sure you read the alerts as they happen. Do not let programs you don't recognize act as servers. If you have a program that you don't think needs Internet access, don't give it access to the Internet!

Antivirus programs and typical Trojan detection software fight this threat by maintaining extensive libraries of "signatures", or fingerprints, that identify specific known Trojans. They may even include "heuristic" detection schemes, which attempt to identify potentially dangerous behavior of unknown trojans. The problem is, remote access Trojans are doing nothing out of the ordinary. Chat programs, conferencing programs, streaming media, remote access programs like pcAnywhere — all need to be able to accept connections from outside of your computer in order to function normally. How do you let these programs work, while keeping an unknown Trojan from opening a port and compromising your security?