CHFI-14
CHFI Chapter 14 summary
Chapter 14 Malware
Malware:
- damages or disables computer systems
- gives limited or full control of the systems to the malware creator
Distribution of malware:
- Instant Messenger and Internet Relay Chat
- Removable Devices
- Email & Attachments
- Browser Bugs
- Bluetooth
- Downloads
- Network shares (NetBIOS)
Malware Components
- Crypter- conceals malware and evades antivirus; works by encrypting the malware
- Downloader- Trojan that downloads more malware/code; used when the attacker first has access to the system
- Dropper- installs malware covertly/downloads additional files
- Exploit- code that exploits a vuln/bug
- Injector- program that injects the malware in other processes
- Obfuscator- conceals the code so it’s not detected
- Packer- compresses the malware into an unreadable form
- Payload- performs the actual activity
- Malicious Code- defines the basic function of malware
- Fileless- malware that lives in memory
Web distribution methods
- Blackhat Search Engine Optimization- ranks malware pages in search results