Spywares & Virus

Done By : Noura Hamed Alhaila`aSuperviser : D . Rawya Alhmedan

How can Spyware reach our computer?

What spyware can do ?

How can we know if we have spyware?

How can we prevent them ?

Spyware and viruses both infections can damage your computer , and the differences between them

indeed subtle , SO :

Types of Spyware

Difference Between spyware and virus

What`s Spyware?

Documented cases

Different Types of Computer Viruses

References

What is spyware ?

Spyware is computer software that is installed on a user's computer without the user's express consent with the purpose of collecting information about the user, their computer or browsing habits .

What spyware can do ?

As the term implies, spyware is software capable of secretly monitoring the user's behavior, but can also collect various types of personal information, including web surfing habits and websites visited. Spyware can also impede the user's control of his computer by installing additional software, and redirecting web browser activity. Spyware is known to cause other interference by changing computer settings that slow connection speeds, load different home pages, and lose Internet connectivity or program functionality.

Spyware, adware and other malware infiltrate your computer through websites, email and attachments, pop ups and physical devices like USB drives.It may also be linked to another software application you knowingly download.

How can Spyware reach our computer?

•You notice new toolbars, links, or favorites that you did not intentionally add to your web browser.

•Your home page, mouse pointer, or search program changes unexpectedly.

•You type the address of a specific website into your web browser, but you are taken to a completely unrelated website.

•You see pop-up ads, even if your computer is not connected to the Internet.

•Your computer suddenly starts running more slowly that it usually does. Not all computer performance problems are caused by spyware, of course, but spyware can cause a noticeable change in processing speed

How can we know if we have spyware?

To keep your computer clear of harmful software, never open any email that lookslike spam, leave websites that appear suspicious and close pop-up windows or advertisements without clicking inside of them. When you do download software, read through the terms and agreement first before completing the installation. If you are unsure about the language, avoid the download. Installing and consistently running a virus protection program will also help to keep your computer free of malware.

How can we prevent them ?

Spyware Virus

The Difference Between :

1- Spyware Seeks To Embed .2- Doesn't spread by itself .3- Spyware is more malicious and evilintentioned and is designed to steal something from you.

Spyware

Differences

1-Virous Seeks to Spread . A virus seeks to infect a computer; to replicate; and ultimately, to infect as many computers as possible, as quickly as possible. 2-It`s a software code written to cause some kind of damage to a computer system or network or even the Internet itself .

Virus

Differences

1 -Trojans . 2- Backdoor Santas .3- Malware .4- cookies.5- Browser Hijackers . 6- Dialers . 7- Keyloggers .8- Phishing9- adware .

Types of Spyware

What’s a Trojan Horse virus?

A Trojan Horse is an email virus usually released by an email attachment. If opened, it will scour your hard drive for any personal and financial information such as your social security, account, and PIN numbers. Once it has collected your info, it is sent to a thief’s database.

Types

Backdoor

A backdoor is a method of bypassing normal authentication procedures. Once a system has been compromised (by one of the above methods, or in some other way), one or more backdoors may be installed in order to allow easier access in the future. Backdoors may also be installed prior to malicious software, to allow attackers entry. The idea has often been suggested that computer manufacturers preinstall backdoors on their systems to provide technical support for customers, but this has never been reliably verified. Crackers typically use backdoors to secure remote access to a computer, while attempting to remain hidden from casual inspection. To install backdoors crackers may use Trojan horses, worms, or other methods

Types

Malware

Malware is slang for malicious software. Malware is software designed specifically to disrupt a computer system. A trojan horse , worm or a virus could be classified as Malware. Some advertising software can be malicious in that it can try to re-install itself after you remove it. For the purpose of simplicity Malware is software specifically engineered to damage your machine or interrupt the normal computing environment. Examples of Malware include:1-Dialers2-Page Hijackers

Types

Dialers

A dialer is a type of software used by pornographic vendors. Once dialer software is downloaded the user is disconnected from their modem's usual Internet service provider and another phone number and the user is billed. While dialers do not spy on users they are malevolent in nature because they can cause huge financial harm to the victim.

Page Hijackers

Hijackers are applications that attempt to usurp control of the user's home page and reset it with one of the hijackers choosing. They are a low security threat, but obnoxious. Most Hijackers use stealth techniques or trick dialogue boxes to perform installation.

What is Cookies

Cookies are small text files that websites leave on your system so that when you return they can customize the page that loads or they can count you as a returning visitor. They are harmless and most of them are useful. They can be easily removed by deleting them in your browser settings .

Different Types of Computer Viruses

There are different types of computer viruses which can be classified according to their origin, techniques, types of files they infect, where they hide, the kind of damage they cause, the type of operating system or platform they attack etc. Let us have a look at few of them.

Resident Virus

This type of virus is a permanent as it dwells in the RAM. From there it can overcome and interrupt all the operations executed by the system. It can corrupt files and programs that are opened, closed, copied, renamed etc.

Examples: Randex, CMJ, Meve, and MrKlunky.

Direct Action Viruses

The main purpose of this virus is to replicate and take action when it is executed. When a specific condition is met, the virus will go into action and infect files in the directory or folder that it is in as well as directories that are specified in the AUTOEXEC.BAT file path. This batch file is always located in the root directory of the hard disk and carries out certain operations when the computer is booted.

Examples: Vienna virus.

Overwrite Viruses

Virus of this kind is characterized by the fact that it deletes the information contained in the files that it infects, rendering them partially or totally useless once they have been infected. The only way to clean a file infected by an overwrite virus is to delete the file completely, thus losing the original content.

Examples: Way, Trj.Reboot, Trivial.88.D.

Macro Virus

Macro viruses infect files that are created using certain applications or programs that contain macros. These mini-programs make it possible to automate series of operations so that they are performed as a single action, thereby saving the user from having to carry them out one by one.

Examples: Relax, Melissa.A, Bablas, O97M/Y2K.

File Infector Virus

This type of virus infects programs or executable files (files with .EXE or .COM extension). When one of these programs is run, directly or indirectly, the virus is activated, producing the damaging effects it is programmed to carry out. The majority of existing viruses belong to this category, and can be classified depending on the actions that they carry out.

Examples: Cleevix and Cascade.

Documented cases

1-One of the highest profiled banking computer crime occurred during a course of three years beginning in 1970. The chief teller at the Park Avenue branch of New York's Union Dime Savings Bank embezzled over $1.5 million from hundreds of accounts.

2-Between 1995 and 1998 the Newscorp satellite pay to view encrypted SKY-TV service was hacked several times during an on-going technological arms race between a pan-European hacking group and Newscorp. The original motivation of the hackers was to watch Star Trek re-runs in Germany; which was something which Newscorp did not have the copyright to allow .

3- The Russian Business Network (RBN) was registered as an internet site in 2006. Initially, much of its activity was legitimate. But apparently the founders soon discovered that it was more profitable to host illegitimate activities and started hiring its services to criminals. The RBN has been described by VeriSign as "the baddest of the bad".[11] It offers web hosting services and internet access to all kinds of criminal and objectionable activities, with an individual activities earning up to $150 million in one year. It specialized in and in some cases monopolized personal identity theft for resale. It is the originator of MPack and an alleged operator of the Storm botnet

http://www.spywareterminator.com/support/what-is-spyware.aspx

http://www.networkliquidators.com/article-virus-or-spyware-whats-the-difference.asp

References :