Classification of Computer Viruses / Computer Virus
Methods of Infection
Computer Virus Classification is easy when you understand the different types.
A Computer Virus is a term used to generically identify a number of types of malicious software programs. These malicious software programs can be classified based on their method of infection. Malicious programs can be identified by their intent to steal information and damage a computer system or network. Computer Viruses belong into two categories Viruses, and Worms. These have then been divided into sub-categories
A virus is a small snippet of code that has no ability to function on its own and needs a host executable or document in order to function, thrive, propagate, and ultimately deliver its payload.
A virus is a self-replicating program that injects itself into software programs. Once the virus has infected a host program it waits till a pre-determined time to deliver its payload, meanwhile replicating itself throughout the computer or network that it is has penetrated. Executable viruses are no longer as prevalent in current operating system as they once were; though they are still found in the wild on rare occasions.
A macro virus is a class of infection that infects Microsoft office based products utilizing the embedded functionality of Visual Basic in order to transmit itself throughout a company’s network and e-mail system. This category of virus was seen in the wild during the late 90’s before finally being brought under control through a combination of security updates in Microsoft products, and by enhanced detection methods by anti-virus vendors.
Boot sector viruses were notorious in the late 80’s through the late 90’s for being the most difficult to detect, and clean. Their ability to load and then camouflage themselves in order to hide themselves from sophisticated detection techniques allowed them to flourish longer than other types of viruses. In the last 2 years a resurgence of this style of attack has been seen in the wild and often isn’t detected by even the highest rated anti-virus vendors.
A computer worm is a class of computer virus that can propagate itself not only on intranets, but also through external networks such as the internet. A worm can be a stand-alone program that functions independently of a host executable.
A Trojan horse virus is so named due to the fact that the actual malicious software is programmed inside of an innocent piece of software, browser toolbar's being one of many techniques. Once the carrier software has installed the virus on the host system the virus will then deliver its payload. Trojan viruses don’t always replicate, they often simply wait for the end-user to initiate an action that allows them to install themselves.
Malware falls into a category of viruses that came about in the first decade of the 21st century with the advent of social networking and daily computer use the harm that could be spread and inflicted through the internet grew at an exponential rate. This prompted malicious coders to create sophisticated programs that would take over your computer flooding systems with ads and other nefarious programs in order to create mayhem. This morphed into another version of malware sometimes referred to as ransom-ware, these sophisticated programs would mimic legitimate anti-virus programs and security programs in an attempt to extort money from the computer user. (Sanders, 2010)
Browser redirects are malicious code embedded into websites that adjust your internet browsers home page and search defaults to websites that were not selected by the end user, this in turn generates search revenue for the entity responsible for the malicious code.
Malicous software is widely disseminated and the previous threats indicated are just the tip of the iceberg, there are many variants on the previous themes prevalent in the wild. Authors of malicious software often use a variety of techniques that involves multiple categories in order to spread their viruses.