Flashcards - M6: Malware Threats

Define malware.

Malicious software designed to disrupt, damage, or gain unauthorized access to systems (viruses, worms, trojans, etc.).

How do worms differ from viruses?

Worms: Self-replicating across networks, no user interaction required.
Viruses: Require user action (e.g., opening an infected file) to spread.

What is a trojan horse?

A program disguised as legitimate software that performs malicious activities once installed.

What is ransomware?

Malware that encrypts files and demands payment (usually in cryptocurrency) for decryption.

Give an example of a malware analysis technique.

Sandboxing (e.g., using Cuckoo Sandbox) or static/dynamic code analysis (e.g., IDA Pro).

What is spyware?

Software that secretly gathers user information (keystrokes, browsing habits) and sends it to a third party.

How can malware commonly be delivered?

Phishing emails, malicious links/attachments, drive-by downloads, or infected USB devices.