ITM 820 Study Guide - Midterm Guide: Exploit Kit, Adware, Botnet

It"s used to ge(cid:374)e(cid:396)ate a la(cid:396)ge (cid:448)olu(cid:373)e of data to atta(cid:272)k (cid:374)et(cid:449)o(cid:396)ked (cid:272)o(cid:373)pute(cid:396) s(cid:455)ste(cid:373)s (cid:894)dos (cid:272)lie(cid:374)t(cid:895). The code is inserted into malware by an intruder. The zeus crimeware toolkit was used to capture and exploit banking credentials. When attached to an executable program, a virus can do anything that the program is permitted to do. It"s the e(cid:448)e(cid:374)t o(cid:396) (cid:272)o(cid:374)ditio(cid:374) that dete(cid:396)(cid:373)i(cid:374)es (cid:449)he(cid:374) the pa(cid:455)load is activated or delivered, sometimes known as a logic bomb. The virus is idle and will eventually be activated by some event. It"s (cid:449)he(cid:374) the (cid:448)i(cid:396)us pla(cid:272)es of (cid:272)op(cid:455) of itself i(cid:374)to othe(cid:396) p(cid:396)og(cid:396)a(cid:373)s o(cid:396) i(cid:374)to (cid:272)e(cid:396)tai(cid:374) s(cid:455)ste(cid:373) a(cid:396)eas o(cid:374) the disk. It i(cid:374)fe(cid:272)ts files i(cid:374) (cid:373)ultiple (cid:449)a(cid:455)s. t(cid:455)pi(cid:272)all(cid:455), it"s (cid:272)apa(cid:271)le of i(cid:374)fe(cid:272)ti(cid:374)g (cid:373)ultiple t(cid:455)pes of files so that virus eradication must deal with all of the possible sites of infection. When an infected program is invoked, the virus uses the stored random key to decrypt the virus.