T 5.23 Malicious software

Malicious software is software designed specifically with the goal of executing unwanted and usually damaging functions. Common types of malicious software include, among others, viruses, worms, and Trojan horses. Malicious software is usually activated secretly without the knowledge and permission of the user.

Malicious software nowadays provides an attacker with extensive communication and control capabilities as well as a number of functions. Specifically, malicious software can be used to obtain passwords, remotely control systems, disable protective software, and spy on data, among other things.

The most serious damage that can be caused by such software is the loss or corruption of information or applications. However, the image loss and financial damage that can result from malicious software can also be significant.

Examples:

• In the past, the W32/Bugbear worm spread itself using two different methods. One method was to search in local networks for computers with shares for which write access was enabled and then copy itself to the share. In addition, it sent itself in an email in HTML format to the recipients in the email address book of the computers it infected. Due to an error in the HTML routine of certain email programs, the malicious software was executed when the message was opened without requiring any action by the recipient.
• The W32/Klez worm spread different versions of itself. Infected computers sent the virus to all recipients in the address book of these computers. Once this virus infected a computer, it prevented all further attempts to install the anti-virus software of typical manufacturers by continuously manipulating the operating system. The continuous manipulation of the operating system made disinfecting the infected computer significantly more difficult.