How do things like malware, spyware and trojans get onto a computer?

tufffta

Opening dodgy email attachments or running executable files downloaded off the internet - OK, I get it. I understand the concept of an infected executable file. But except for that? How can stuff like that possibly get onto a computer?
Can simply opening a website in a browser result in the installation of something like that?
 


Yes, they can. They're called drive-by installs. They normally rely on browser faults or dodgy plugins.

 


Yes, they can. They're called drive-by installs. They normally rely on browser faults or dodgy plugins.

Can anti-virus or firewall software prevent that from happening (as opposed to stopping them after they have installed/started on my computer)?
 


Yes, programs like Malwarebytes stop that kind of infection.

 


Malware can get on your system in many, many ways. Some of the more common:
  • You download software that is compromised (bundled with malware); this can be from legitimate sites or BitTorrent/file-sharing sites
  • Through email, either spam or social engineering (this includes spoofing people you know to make it seem legitimate)
  • Through vulnerabilities (known and unknown) in any piece of software (common: browsers, Java, Adobe products, Office, Windows)
  • Directly through vulnerabilities in hardware firmware
  • Removable media (USB, external drives, CDs that may be infected)
For anti-malware, there are many techniques used to protect you:
  • Using a filter driver that monitors reads/writes to disk
  • Network filter driver (e.g. firewall)
  • Signature-based detection (only works for known threats)
  • Behavior-based detection (based on things like traffic generated, functions the application uses)
  • Sandboxing (program is contained, run and analyzed for IoCs)
  • Cloud analytics
  • Analyzing memory (some malware never touches your hard drive, or only writes an encrypted blob for persistence, and can be very difficult to find)
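
An added illustration, not part of the original post, of the signature-based and behavior-based bullets above: a hash signature only matches a file that has already been catalogued, while a behavior score can still flag an uncatalogued variant by what it does when run. All sample bytes, action names, weights and the detection name are constructed for this example.

```python
import hashlib

# Constructed, harmless byte strings standing in for files (not real malware).
KNOWN_SAMPLE = b"demo-loader build 1"
NEW_VARIANT = b"demo-loader build 2"   # same behaviour, different bytes, not yet catalogued
BENIGN_FILE = b"demo-text-editor"

# Hypothetical signature database: SHA-256 of files already analysed -> detection name.
SIGNATURES = {hashlib.sha256(KNOWN_SAMPLE).hexdigest(): "Demo.Loader.A"}

# Hypothetical weights for actions observed while a program runs in a sandbox.
SUSPICIOUS_ACTIONS = {
    "write_autorun_entry": 3,
    "connect_unlisted_host": 2,
    "modify_other_process": 4,
}
THRESHOLD = 5

# Constructed sandbox traces: the actions each file performed when executed.
TRACES = {
    KNOWN_SAMPLE: ["read_config", "write_autorun_entry", "connect_unlisted_host"],
    NEW_VARIANT: ["read_config", "write_autorun_entry", "connect_unlisted_host"],
    BENIGN_FILE: ["read_config", "open_document", "connect_unlisted_host"],
}

def signature_scan(data):
    """Exact match against known hashes; returns a detection name or None."""
    return SIGNATURES.get(hashlib.sha256(data).hexdigest())

def behaviour_score(actions):
    """Sum the weights of the suspicious actions seen in a trace."""
    return sum(SUSPICIOUS_ACTIONS.get(a, 0) for a in actions)

def verdict(data):
    """Signature check first, then behaviour; returns (engine, detail)."""
    name = signature_scan(data)
    if name:
        return ("signature", name)
    score = behaviour_score(TRACES.get(data, []))
    if score >= THRESHOLD:
        return ("behaviour", score)
    return ("clean", score)

if __name__ == "__main__":
    for label, data in [("known", KNOWN_SAMPLE), ("variant", NEW_VARIANT), ("benign", BENIGN_FILE)]:
        print(label, verdict(data))
```

The benign file also contacts an unlisted host but stays under the threshold, which is why behavior engines weigh combinations of actions rather than any single one.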
 


Solution
Very complete explanation, Neem. :up: Couldn't have said it better myself. :D

<<BIGBEARJEDI>>
 

