Skip to content
Skip to navigation menu

 

Security and Virus Terminology

What is a Virus?

A virus is a piece of malicious program code designed to disrupt or damage computer systems by adding itself (or a variant of itself) to commonly used system or program files. Viruses are self replicating, spreading from one ‘infected’ system to another. There are over 70,000 computer viruses in existence, with around 400-500 new viruses being discovered every month.

Back to top

 

What is a Trojan?

Unlike a virus, a Trojan is not a self replicating program.

A Trojan hides its malicious actions by masquerading as something useful or desirable — its name is derived from Greek mythology - Greek soldiers hide inside a wooden horse, which due to its desirability is brought into the city of Troy. Once inside, behind the defences, the Greek soldiers attack the previously impenetrable city.

A Trojan ‘virus’ uses the same principle; it relies on computer users sending the desirable (Trojan) program to friends and colleagues. You may think you have found and installed a fun new screensaver, cool free game or excellent new system utility, but you have in reality installed a harmful program onto your system designed to cause damage or disruption.

Back to top

 

What is a Worm?

A worm is a sophisticated piece of replicating code that requires no user interaction (such as opening an email or running a program) to spread.

Worms are designed to exploit vulnerabilities or security ‘holes’ in software applications or operating systems. With the advent of the internet, Worm viruses that exploit system ‘holes’ and require no user intervention can spread very quickly indeed!

The SQL Slammer worm, which exploited vulnerabilities in a Microsoft operating system, raced around the globe within 10 minutes of release, making it the fastest spreading computer virus ever!

Back to top

 

What are Adware or Spyware programs?

Adware or Spyware programs are designed to snoop on your internet surfing behaviour.

Originally designed to allow targeted advertising on selected web pages, they have become far more malicious. Adware or Spyware programs can force pop-up adverts or reconfigure your internet browser home page, often to gambling or pornographic web sites; track keystrokes, passwords, banking or credit card details and add additional toolbars to your browser. Even the less harmful ones can cause your computer to run slowly, cause your browser to hang or your computer to crash.

Back to top

 

What is Phishing?

Phishing is a technique whereby spammers or hackers imitate legitimate companies in an attempt to steal personal information such as bank details, credit card details, user names or passwords.

The scam usually takes the form of a carefully crafted email, designed to appear to come from a legitimate company, which contains a link to an external web page.  The user is encouraged to click on the link, and enter personal information such as credit or bank details on the resulting web page. 

Some Phishing scans are easily spotted due to bad grammar or poor spelling, but some can be very convincing indeed!  Repeatedly targeted companies include Barclays Bank, Lloyds TSB, Citibank and Ebay (the online auction web site). 

Examples of Phishing scams

Back to top

 

What is Spoofing?

Spoofing is a technique used by mass mailing viruses to ‘hide their tracks’ in an attempt to make detection more difficult. 

To spread, mass mailing viruses send out hundreds or even thousands of infected email messages from a victim’s computer.  If the victims genuine email address is used, the infection can be easily traced and the virus quickly removed.  

To get around this problem, mass mailing viruses use a technique known as spoofing.  The virus searches the victims computer for alternative email addresses (i.e. potentially anyone the victim has ever corresponded with by email) and uses these alternative email addresses to form the ‘FROM’ fields on outgoing infected messages.  Recipients of an infected email naturally look at the ‘From’ field to see where the infection came from, however if the virus uses spoofing, the ‘From’ field is false and the genuine source of the virus is undetectable.

Back to top

 

What are the worst type of viruses?

The worst types of viruses are those containing a ‘Remote Access’ or ‘Backdoor’ component.  Once infected, these types of viruses allow an attacker to gain control over or access into your computer. 

Once in, an attacker can pretty much do whatever they want including copy files to your computer, run programs on your computer and even drop additional backdoors into your computer that may not be detected and removed by your virus software.  

Following infection by a remote access or backdoor component virus, the only way to fully guarantee a system is ‘clean’ would be to completely wipe the system and re-install the entire operating system and all applications!

Back to top

 

What is Stinger?

Stinger is a small, standalone utility designed to scan for and repair specific viruses only.  Stinger is not an alternative for VirusScan Enterprise, and scanning with Stinger is not a guarantee the system is clean.  McAfee frequently release a version of Stinger to scan for and repair the worst 40 or 50 viruses current at that time. 

Stinger is designed to be used to remove specific viruses from individual infected systems not running the full version of VirusScan.  Stinger cannot receive updates and should not be considered as anything other than a one-off removal tool for a very small number of viruses.

Back to top

 

What is a Hoax Virus?

Electronic mail messages which warn of supposedly damaging viruses are now commonplace. These messages have become known as hoax viruses. The warnings they contain do not relate to any real viruses but burden electronic mail servers.

If you receive a message warning of a virus, please DO NOT pass it on to your friends and colleagues. If you are worried about a mail message, please send a single copy of the Email to postmaster@cardiff.ac.uk for evaluation or contact insrvConnect for further advice.

To find out more about the latest hoax viruses consult McAfee, Symantec or Data Fellows