What is the difference between a virus and a worm?
A virus is a program that replicates, i.e. it spreads from file to file on your system and from PC to PC. In addition, it may be programmed to erase or damage data.
Worms are generally considered to be a subset of viruses, but with certain key differences. A worm is a computer program that replicates, but does not infect other files. Instead, it installs itself once on a computer and then looks for a way to spread to other computers.
In the case of a virus, the longer it goes undetected, the more infected files there will be on the computer. Worms, however, create a single instance of their code. Moreover, unlike a virus, a worm code is stand-alone. In other words, a worm is a separate file while a virus is a set of code which adds itself to existing files.
What is MALWARE?
Malware - short for malicious software - is an umbrella term that refers to any software program deliberately created to perform an unauthorized and often harmful action. Viruses, backdoors, key-loggers, password stealers and other Trojan horse programs, Word and Excel macro viruses, boot sector viruses, script viruses (batch, windows shell, java, etc.) and Trojans, crime-ware, spyware and adware are but a few examples of what is considered malware.
It was once sufficient to call something a 'virus' or 'Trojan horse', but infection methods and vectors evolved and the terms virus and Trojan no longer provided a satisfactory definition for all the types of rogue programs that exist.
Adware is the general term applied to programs that either launch advertisements (often pop-up banners) or re-direct search results to promotional web sites. Adware is often built into freeware or shareware programs: if you download a freeware program, the adware is installed on your system without your knowledge or consent. Sometimes a Trojan will secretly download an adware program from a web site and install it on your computer.
Web browsers that aren’t up-to-date often contain vulnerabilities. Such browsers are vulnerable to hackers tools (often referred to as Browser Hijackers) that can download adware to your computer. Browser Hijackers may change browser settings, redirect incorrectly typed or incomplete URLs to a specific site, or change the default homepage. They may also redirect searches to pay-to-view (often pornographic) web sites.
Typically, adware programs do not show themselves in the system in any way: there will be no listing under Start | Programs, no icons in the system tray and nothing in the task list. They seldom come with a de-installation procedure and attempts to remove them manually may cause the original carrier program to malfunction.
What is SPYWARE?
As the name suggests, this is software that is designed to harvest your data and forward it to a third party without your consent or knowledge. Such programs may monitor key presses ('key-loggers'), collect confidential information (passwords, credit card numbers, PIN numbers, etc.), harvest e-mail addresses or track browsing habits. In addition to all of this, spyware inevitably affects your computer’s performance.
What is PHISHING?
Phishing is a very specific type of cyber-crime designed to trick you into disclosing personal financial details. Cyber-criminals create a fake website that looks just like a bank’s website (or any other web site where online financial transactions are conducted e.g. eBay). They then try to trick you into visiting this site and typing in your confidential data, such as your login, password or PIN. Typically, cyber-criminals send out a large numbers of e-mails containing a hyperlink to the fake site.
What is a KEY-LOGGER?
These are programs which record key presses (i.e. what a user types on the keyboard) and can be used by a hacker to obtain confidential data (login details, passwords, credit card numbers, PINs, etc.). Backdoor Trojans typically come with an integrated key-logger.
In a drive-by download, your computer becomes infected just by visiting a website which contains malicious code. Cyber-criminals search the Internet looking for vulnerable web servers that can be hacked. On such servers, cyber-criminals can inject their malicious code (often in the form of malicious script) onto the web pages. If your operating system or one of your applications is un-patched, a malicious program is downloaded to your computer automatically when you access the infected web page.
The term Trojan refers to the wooden horse used by the Greeks to sneak inside the city of Troy and capture it. The classic definition of a Trojan is a program that poses as legitimate software but when launched will do something harmful. Trojans can't spread by themselves, which is what distinguishes them from viruses and worms.
Today, Trojans are typically installed secretly and deliver their malicious payload without your knowledge. Much of today’s crime-ware is comprised of different types of Trojans, all of which are purpose-built to carry out a specific malicious function. The most common are Backdoor Trojans (often they include a key-logger), Trojan Spies, password stealing Trojans and Trojan Proxies that convert your computer into a spam distribution machine.
What is a ROOTKIT?
This term describes a collection of programs used by a hacker to evade detection while trying to gain unauthorized access to a computer. The term originated in the Unix world, although it has since been applied to the techniques used by authors of Trojans that run under Microsoft® Windows® to conceal their actions. Rootkits have been used increasingly as a form of stealth to hide Trojan activity. When installed on the system, rootkits are not only invisible to users, but they are designed to escape detection of security software as well. The fact that many people log into their computers with administrator rights, rather than creating a separate account with restricted access, makes it easier for cyber-criminals to install a rootkit.
What is a BOTNET?
The term used for a network of computers controlled by cyber-criminals using a Trojan or other malicious program.