Submitted by katherine.boucher on Thu, 09/30/2010 - 14:47
By: Kaspersky Américas on 30/09/2010
Malware. Hackers. Spam. Oh my! But what do all these terms actually
mean? This glossary provides definitions and explanations for those terms and
ADWARE The general term applied to programs that either launch advertisements
(often pop-up banners) or re-direct search results to promotional web
sites. Adware is often built into freeware or shareware programs:
if you download a freeware program, the adware is installed on your system
without your knowledge or consent. Sometimes a Trojan will secretly
download an adware program from a web site and install it on your
computer. If your web browser isn't up to date, and contains
vulnerabilities, hacker tools (often referred to as Browser Hijackers because
they subvert the web browser to install a program without your knowledge), can
download adware to your computer. Browser Hijackers may change browser settings,
re-direct incorrectly typed or incomplete URLs to a specific site, or change
the default homepage. They may also re-direct searches to pay-to-view
(often pornographic) web sites. Typically, adware programs do not show themselves in the system in any way:
there will be no listing under Start | Programs, no icons in the system tray
and nothing in the task list. They seldom come with a de-installation
procedure. Attempts to remove them manually may cause the original carrier
program to malfunction.
BOTNET The term used for a network of computers controlled by cyber criminals
using a Trojan or other malicious program.
CRIMEWARE Any malicious program used by cyber criminals to make money.
DENIAL-OF-SERVICE A Denial-of-Service (DoS) attack is designed to hinder or stop the normal
functioning of a web site, server or other network resource. There are
various ways for hackers to achieve this. One common method is to flood a
server by sending it more requests than it is able to handle. This
prevents it from operating normally, and may crash the server completely. A distributed-Denial-of-Service (DDoS) attack differs only in the fact that
the attack is conducted using multiple machines. The hacker typically uses
one compromised machine as the ‘master’ and co-ordinates the attack across
other, so-called ‘zombie’, machines. Both master and zombie machines are
typically compromised by exploiting a vulnerability in an application on the
computer, to install a Trojan or other piece of malicious code.
DRIVE-BY DOWNLOAD In a drive-by download, you become infected just by visiting a
web-site. Cyber criminals scour the Internet looking for vulnerable web
servers and inject their malicious code (often in the form of malicious script)
into one of the pages. If your operating system, or one of your
applications, is un-patched, a malicious program is downloaded to your
computer automatically when you brose to the infected web page.
HACKER This term was originally used to describe a talented programmer. It
now refers to those who exploit security vulnerabilities to break into a
IDENTITY THEFT Identity theft is where a criminal steals confidential personal data that
lets them obtain goods and services fraudulently in your name. The
criminal could, for example, open a bank account, obtain a credit card or apply
for a driving licence or passport. Or they could simply steal money
directly from your bank account.
KEYLOGGER These are programs which record key presses and can be used by a hacker to
obtain confidential data (login details, passwords, credit card numbers, PINs,
MALWARE This is short for malicious software. The term refers to any
program that is deliberately created to perform an unauthorized, often harmful,
action. Viruses, worms and Trojans are all examples of malware.
PEER-TO-PEER The term peer-to-peer (P2P) refers to a temporary connection shared by
people running the same application. This enables them to share files that are
stored on each other’s computers (P2P is typically used to share music, video
or other files over the Internet; Napster, Gnutella and Kazaa are all
well-known file sharing applications).
PHISHING Phishing is a very specific type of cyber crime designed to trick you into
disclosing personal financial details. Cyber criminals create a fake web
site that looks just like a bank’s web site (or any other web site where online
financial transactions are conducted e.g. eBay). They then try to trick
you into visiting this site and typing in your confidential data, such as your
login, password or PIN. Typically, cyber criminals send out a large
numbers of e-mails containing a hyperlink to the fake site.
RANSOMWARE Ransomware is malicious code used by cyber criminals to extort money.
The virus, worm or Trojan encrypts data on your hard disk. It creates a
‘readme’ file that contains instructions on how you should contact the cyber
criminals. They promise to tell you how to get your data back, but only
if you pay them some money, using an online payment system like e-gold or
ROGUE DIALER Rogue dialers are programs that divert the computer's modem connection from
the normal number you use to connect to your ISP (Internet Service Provider) to
a premium rate phone number. Such programs are installed without your knowledge
and consent and they operate in stealth mode. The first time you notice
anything amiss will probably be when the phone bill arrives and it’s
substantially bigger than normal. There will also be premium rate
telephone numbers listed on the bill that you don’t recognize.
ROOTKIT This term describes a collection of programs used by a hacker to evade
detection while trying to gain unauthorized access to a computer. The
term originated in the Unix world, although it has since been applied to the
techniques used by authors of Trojans that run under Microsoft® Windows® to
conceal their actions. Rootkits have been used increasingly as a form of
stealth to hide Trojan activity. The fact that many people log into their
computers with administrator rights, rather than creating a separate account
with restricted access, makes it easier for cyber criminals to install a
SPAM Spam is anonymous, unsolicited bulk e-mail, the electronic equivalent of
SPYWARE As the name suggests, this is software designed to harvest your data and
forward it to a third party without your consent or knowledge. Such
programs may monitor key presses, collect confidential information (passwords,
credit card numbers, PIN numbers, etc.), harvest e-mail addresses or track
browsing habits. In addition to all of this, spyware inevitably affects
your computer’s performance.
TROJAN The term Trojan refers to the wooden horse used by the Greeks to sneak
inside the city of Troy and capture it. The classic definition of a Trojan is a
program that appears to be a legitimate program but does something harmful. Trojans can't spread by themselves. This is what distinguishes them
from viruses and worms. In the early days, Trojans were relatively
uncommon since the author had to find some way of distributing the Trojan
manually. The widespread use of the Internet and the development of the
World Wide Web provide an easy way to distribute Trojans widely. Today, Trojans are very common. They are typically installed secretly
and deliver their malicious payload without your knowledge. There are many
different kinds of Trojan, all purpose-built to carry out a specific malicious
function. The most common are Backdoor Trojans (often they include a
keylogger), Trojan Spies, password stealing Trojans and Trojan Proxies that
convert your computer into a spam distribution machine.
VIRUS Today the term virus is often loosely used to refer to any type of
malicious program. Strictly speaking, however, a virus is defined as
program code that can copy itself, either within the computer, or to other
VULNERABILITY The term used to describe a bug or security flaw in an application or
operating system that lets a hacker break into a computer. The hacker
creates code that is tailored to make use of a specific vulnerability.
Once a vulnerability has been identified (either by the developer of the
software or someone else) the vendor of the application typically creates a
patch to block the security hole. As a result, vendors, security experts
and virus writers are in constant competition with each other to see who can
find new vulnerabilities first.
WORM Worms are generally considered to be a subset of viruses, but with certain
key differences. A worm is a computer program that replicates, but does
not infect other files: instead, it installs itself once on a computer
and then looks for a way to spread to other computers. In the case of a virus, the longer it goes undetected, the more infected
files there will be on the computer. Worms, however, create a single
instance of their code. Moreover, worm code is stand-alone rather than
being added to existing files on the same disk.