Q1. Why was this post written?
To define Malwares and demonstrate the differences between Viruses, Trojans and Spams. Also, We will talk a bit about hacks and cracks.
Q2. What are Malwares?
Malware is a malicious, invisible and harmful piece of software like viruses, spams and trojans.
All malwares share one important property : Running behind your back without being noticed until it’s too late.
However, Each have it’s own unique strengths.
Q3. What are main types of Malwares?
Viruses
A Malware that spreads by embeding itself on other applications and run invisiabely to cause harm
A Virus is a piece of software that can embed itself into other files on the system so that It can run and spread invisibly.
Whenever an infected file is executed a virus can cause a very serious malicious harm. ( Deleting the system for example )
A successful virus must run under cover and fully invisible.. Either by running inside another program process by embedding itself, or creating a fake process name so as not to be hunted and killed down by a task manager. This can be done by so many ways one of them is to rename the process to a fake unsuspicious name like “vhosts.exe” or “ explorer.exe” in windows and “top” or “systemd” in linux.
Worms / Spams
A Spam/Worm is any kind of software, service or even a behavior which has only one objective :
To keep spreading not just on your local system but also on local networks, wide networks and even internet.
Spams may cause maximum level of harm to no harm at all yet it is annoying. Sometimes a virus is combined with a spam to form a dangerous bird : The spam spreading ability is the wing and the virus harm is the beak.
Trojans
A Malware that runs as if it’s a standalone useful application usually to open an invisible port and to cause harm
A Trojan is a very dangerous malware type, may be the most dangerous type. Our most talk will be about Trojans.
A Trojan is a malware that’s introduced to the victim as a useful software however it actually constructs a bridge or a tunnel for attackers to go in and out without being noticed by the victim.
A bridge to your computer is typically an open port which allows the attacker to send and receive data.
A simple way to make the process invisible is to rename the process to something like ‘vhost.exe’ in windows and ‘top’ in linux just like a typical virus however what makes trojans extremely difficult to craft is that the hacker who implements it must not only hide the trojan process but also the port used ( The tunnel ).
If the victim can know – by any mean – that a port is open in his computer then the intruder has failed to implement an invisible trojan.
Q4. What is hacking?
Hacking, in very simple words, is searching for weaknesses in a computer system or computer network.
Hackers are usually motivated by gaining reputation as being able to break into any kind of system.
There are three categories of hackers.
White Hat Hacker
White hacker uses hacking for safe, legal and non-malicious reasons like testing his own systems for backdoors or doing that for a 3rd party for a fee or for free. For example : Bug bounty hunters are a sort of white hackers.
White hacking is also called ethical hacking and security researching.
Gray Hat Hacker
A white hacker works after taking permission from the owner or the administrator of the tested system, in contrast to a gray hacker who tries to violate a system security without asking for permission, However He doesn’t use discovered weaknesses for bad purposes. He just notifies the administrator that a hole exists and may offer solving it for money or asking for an acknowledgement.
Black Hat Hacker
A black hacker is the bad guy who crafts viruses and trojans. He breaks into systems illegally without permissions and without notifying the owner to destroy and cause panic, However, Although considered as criminals, some black hackers groups are considered heroes for using hacking for political or social reasons.
Red Hat Hacker
Red Hat hacking is NOT a type of hacking, A Red hat hacked is the hacker who attempts to hack RedHat Linux.
Mutual accusations : You are a cracker! .. No No ! You are !
A Question may rise : Who deserves a hacker badge ! And who are crackers?
Computer programmers argue that someone who breaks into computers, whether computer criminal (black hats) or computer security expert (white hats), is more appropriately called a cracker instead. Some white hat hackers claim that they also deserve the title hacker, and that only black hats should be called “crackers”.
This is the case here, Legal hackers, pen testers and security researchers ( White hats in general ) are called hackers. Black hats are called crackers.
The term cracking is used more frequently nowadays to define the reverse engineering process which results in a patch used for pirating softwares.
Everything is vulnerable ( Part Zero) : Introduction
Everything is vulnerable ( Part Two) : Internet wars
Everything is vulnerable ( Part Three) : “Windows” with no fences
Everything is vulnerable ( Part Four ) : Linux is vulnerable as well!
“If the victim can know – by any mean – that a port is open in his computer then the intruder has failed to implement an invisible trojan.”
Maybe, the intruder will be succeed because he could hacking and took what he wants from the victim, or at least he caused some harm in the victim device!!
Yes, You are right. The intruder will be considered successful in causing harm. Yet, A Trojan is a Trojan only if it’s totally invisible to the victim.
So, in this case, the intruder couldn’t implement a good Trojan.
Aha, now I got it, thank you 🙂
I’m waiting for part three and four 😀
This has been a really wonderful post. Thank you for these details. Looking forward to reading next parts !