The name malware stands for "malicious software", that is, software that is hostile. Although it is usually understood as a "program", malware can also take the form of scripts or code. In essence, the term is used for a program or code suspected of being able to take control of a computer, for example to take the important information stored there. The term also covers code that is dangerous, destructive, hostile, or forced onto the system. In short, malware is a program designed to cause damage by infiltrating computer systems. Malware can infect many computers through email, internet downloads, or infected programs. It can damage the computer system and also allows data or information theft to occur. Infections generally result from downloading software from illegitimate sources where malware has been inserted. Malware includes viruses, worms, Trojan horses, most rootkits, spyware, dishonest adware, and other software that is dangerous and unwanted by PC users.
1) Computer Virus
Viruses have the ability to manipulate data and to infect, change, and damage computer programs. A virus copies itself by inserting a copy of its code into another program on the computer. Examples include Win32/sality, Win32/virut, Win32/alman, Trojan.Loader, and Backdoor.Zagaban.
• Macro virus: a virus that resides in software, such as word processing applications.
• Retrovirus: a malicious application that turns off the antivirus on a computer.
• HLL virus: a virus created with a high-level programming language such as C++, C, Pascal, Delphi, Basic, Visual Basic, and so on.
A worm is a computer program that has the ability to copy itself and spread quickly and automatically across computer networks through open ports. Worms have characteristics similar to viruses. The difference is that a virus is very dependent on a host program, while a worm is not.
A worm is a standalone program that does not rely on another program (it is independent) to find a place from which to spread. Worms can damage files on a computer more effectively than a virus and are often referred to as a branch of computer viruses. Examples of worms are as follows.
- Nimda
- Code Red
The impacts include theft of the documents on the device and the shutdown of the antivirus and security systems on the machine, leaving the infected system unusable. A worm also consumes the system's bandwidth and can duplicate itself quickly, which causes the computer's memory to run out. After that, the computer hangs.
3) Trojan Horse
A Trojan horse, often simply called a Trojan, is a computer program that is hard to track and appears to be useful, but ultimately damages the system. It generally aims to secretly obtain (steal) information from the victim, which is then hijacked. Examples of Trojans are as follows.
- Win-trojan/SubSeven
- Win-trojan/Back Orifice
A keylogger is a program whose purpose is to record every key press (input) made on the keyboard. Keyloggers can be good or bad programs, depending on how the user employs them.
- KGB Key Logger 5.2
- Keylogger Douglas 1.1
- Revealer keylogger Free Edition 1.4
Adware is advertising software that is secretly included by program makers and that can automatically download and display advertising material without the user's knowledge. Adware generally takes the form of a pop-up advertisement on a site. Examples of adware are as follows.
- Win32/adware.registrycleanfix2008
- AOL Mail
- MyWay Searchbar
A dialer is a program made to redirect the user's telephone connection to the internet, for example to premium numbers. A computer affected by a dialer will usually be forced to connect to the internet even though there is no connection. Dialer fraud often occurs without the user realizing it. A victim hit by a dialer suffers a significant loss, while the hijacker profits greatly.
A wabbit is a program that has features like a worm. It does not require a network connection because it works only within the local system. A wabbit keeps duplicating itself until the hard disk is full.
7) BOTS (robot)
A bot is a process that works automatically and interacts with other networks. Bots can be used for good or evil purposes, depending on the maker. When used for malicious purposes, a bot works like a worm that can duplicate itself and infect or spread viruses to the computer. The difference is that a bot requires an order or direction from the bot maker before it acts. Examples include obtaining important information, DoS, spam, and so on.
8) Browser Hijacker
A browser hijacker is a program created to change or add functionality to the browser application by redirecting the user to certain sites while the Internet Explorer application is running.
Example of a browser hijacker:
• Conduit Search
Spyware is a program that works as a spy to learn the habits of the computer user and pass that information to other parties. The information is monitored secretly, without the victim's knowledge. The aim is to conduct surveillance and then provide the hijackers with information about all activity that occurs on the victim's computer.
• Parental Control Software
• Detective Software
• Surf saver
10) Backdoor
A backdoor is a method used to bypass a process that is normally carried out, such as login, while also trying to remain untraceable. This type of malware gets in by exploiting a back-door opening in a device, and is often slipped in through a Trojan or worm. Examples of backdoors include BackOrifice, NetCut, and Ratware, and the consequences of a backdoor include the following.
- Disrupting network traffic.
- Distributing distributed denial of service attacks.
- Performing brute force to crack passwords or encryption.
11) Rootkit & Exploit
An exploit is software that gets in through open security holes. Exploits are generally used by researchers to demonstrate that a system has a gap. The results of the research are then given to the manufacturer, who fixes or neutralizes the gap. But sometimes an exploit becomes one part of malware whose job is to attack a security hole, which is then misused by the user.
Rootkits are different from exploits because they do not attack the system directly as an exploit does. A rootkit is inserted into the computer by the hacker after the computer has been hijacked. What is the purpose of a rootkit? The goal is to remove traces of the hacker.
Sometimes rootkits also contain backdoor malware so that the attacker can come back to attack the system later. In addition, a rootkit has the unique characteristic of being embedded in the core of the operating system. This is what makes rootkits hard to track. Rootkits can also examine the processes that are currently running. When a rootkit suspects an antivirus, it can hide for a moment, then reactivate when the process is complete. An example of rootkit & exploit is as follows.
• DOS attack