1
00:00:01,210 --> 00:00:02,590
Welcome to the malware lecture.
2
00:00:02,800 --> 00:00:03,460
Let's dive in.
3
00:00:05,180 --> 00:00:09,760
So what is malware? The term malware is a combination of the words malicious and software.
4
00:00:10,500 --> 00:00:16,520
Basically, it's any software intentionally designed to cause damage to the software and or hardware
5
00:00:16,520 --> 00:00:18,510
of a computer or a computer network.
6
00:00:19,250 --> 00:00:24,560
Of course, when I'm saying computers, I'm referring to a wide range of devices from microcontrollers,
7
00:00:24,650 --> 00:00:31,100
wearables such as smartwatches to mobile phones, tablets, consoles, personal PCs, servers and so
8
00:00:31,100 --> 00:00:31,280
on.
9
00:00:33,700 --> 00:00:37,960
What can malware do? Depending on the purpose for which the malware was built,
10
00:00:37,990 --> 00:00:40,600
it can do one or more of the following things.
11
00:00:42,010 --> 00:00:44,860
Some malware can tamper with or even destroy data.
12
00:00:45,250 --> 00:00:49,060
In some rare cases, malware can even damage or destroy hardware.
13
00:00:50,230 --> 00:00:55,900
It can make systems vulnerable by creating vectors that can be then used by even more malware.
14
00:00:56,860 --> 00:00:59,740
In some cases, malware can install other malware.
15
00:01:00,280 --> 00:01:03,340
It can generate spam or create denial of service attacks.
16
00:01:04,180 --> 00:01:09,490
It can also deplete the resources of the system and use these resources for malicious purposes, such
17
00:01:09,490 --> 00:01:10,780
as denial of service attacks.
18
00:01:12,070 --> 00:01:17,380
Last on our list, malware can be used to spy on users extracting confidential information about the
19
00:01:17,380 --> 00:01:17,800
users.
20
00:01:20,400 --> 00:01:28,140
In this lecture, we'll have a look at eight of the most common types of malware: virus, worm, Trojan horse,
21
00:01:28,260 --> 00:01:33,180
malicious bot, ransomware, spyware, adware and rootkit.
22
00:01:33,420 --> 00:01:37,290
So let's start with the most widely known malware, the virus.
23
00:01:39,200 --> 00:01:44,150
The easiest way to understand the computer virus is to make a parallel with the biological virus.
24
00:01:44,390 --> 00:01:45,770
Let's take COVID, for example.
25
00:01:46,430 --> 00:01:52,070
COVID, like any other virus, needs a host so that it can replicate itself. In order for someone to
26
00:01:52,070 --> 00:01:52,880
get infected,
27
00:01:52,880 --> 00:01:58,370
some kind of interaction with an infected person needs to happen, like, for example, a handshake,
28
00:01:58,670 --> 00:02:04,340
staying in close proximity without a mask or touching something that the infected person touched.
29
00:02:04,970 --> 00:02:10,490
Once the virus gets inside the person's system, it attaches itself to healthy human cells and uses
30
00:02:10,490 --> 00:02:14,770
these cells to create other instances of the virus infecting even more cells.
31
00:02:15,230 --> 00:02:20,550
A computer virus is a malicious program or code which works in pretty much the same way.
32
00:02:20,930 --> 00:02:25,370
First, a computer virus requires a host program, which it needs to infect.
33
00:02:26,060 --> 00:02:31,540
For example, a computer virus could infect the operating system, such as, for instance, Windows.
34
00:02:32,000 --> 00:02:36,860
Second, a computer virus requires user action to transmit itself from one system to another.
35
00:02:37,160 --> 00:02:43,640
Viruses cannot spread without some sort of action from a user like, for example, opening an infected
36
00:02:43,640 --> 00:02:44,290
Word document.
37
00:02:44,690 --> 00:02:51,200
And third, similar to a biological virus, a computer virus infects other programs, inserting its malicious
38
00:02:51,200 --> 00:02:51,530
code.
39
00:02:52,660 --> 00:02:56,480
Now that we know what the virus is, let's have a look at some types of viruses.
40
00:02:57,220 --> 00:02:59,620
First, we have the polymorphic virus.
41
00:02:59,950 --> 00:03:03,640
A polymorphic virus changes its code each time it replicates itself.
42
00:03:04,180 --> 00:03:07,960
It does this to evade detection by antivirus programs.
43
00:03:08,320 --> 00:03:11,800
Because of this reason, modern viruses are usually polymorphic.
44
00:03:13,420 --> 00:03:19,810
Next, we have the boot sector virus. This type of virus is triggered whenever the victim starts their
45
00:03:19,810 --> 00:03:20,320
computer.
46
00:03:21,240 --> 00:03:27,840
After that, we have the file infector virus, which inserts malicious code into executable files,
47
00:03:27,840 --> 00:03:32,470
such as, for example, media player, Word, Excel or the operating system.
48
00:03:33,240 --> 00:03:38,420
Another type is the browser hijacker, which alters certain web browser functions.
49
00:03:38,730 --> 00:03:43,230
The altered functions could, for example, automatically direct the user to a malicious website.
50
00:03:44,130 --> 00:03:46,440
Next on the list, we have the resident virus.
51
00:03:46,950 --> 00:03:53,070
This type of virus inserts itself as part of the operating system and is loaded into memory whenever
52
00:03:53,070 --> 00:03:54,240
the operating system loads.
53
00:03:54,990 --> 00:03:57,930
Next, we'll discuss the direct action virus.
54
00:03:58,590 --> 00:04:03,290
This type of virus is triggered when the user executes a file containing the virus.
55
00:04:03,300 --> 00:04:05,700
Otherwise, the virus remains dormant.
56
00:04:06,330 --> 00:04:08,520
Yet another type is the macro virus.
57
00:04:09,530 --> 00:04:15,680
Macro viruses are written in the same macro language used for software applications such as Word, PowerPoint
58
00:04:15,680 --> 00:04:22,160
or Excel. These types of viruses spread when the victim opens an infected document, which often spreads
59
00:04:22,160 --> 00:04:23,510
via email attachments.
60
00:04:24,020 --> 00:04:26,370
Last on our list is the multipartite virus.
61
00:04:27,080 --> 00:04:30,110
This kind of virus infects and spreads in multiple ways.
62
00:04:30,440 --> 00:04:35,600
For example, such a virus can infect both document files as well as operating system files.
63
00:04:37,850 --> 00:04:40,730
Another famous type of malware is the computer worm.
64
00:04:41,420 --> 00:04:44,590
What exactly is a worm? A computer worm
65
00:04:44,600 --> 00:04:49,960
is a standalone, malicious program that self-replicates in order to spread to other computers.
66
00:04:50,450 --> 00:04:55,350
A worm can replicate itself without any human interaction and is a standalone program.
67
00:04:55,820 --> 00:04:57,920
So a worm does not need the host.
68
00:04:59,550 --> 00:05:03,600
Let's have a quick look at some worm types grouped by means of spreading.
69
00:05:04,460 --> 00:05:07,430
First type is Internet worms. Internet worms
70
00:05:07,550 --> 00:05:14,150
scan the network using infected computers in order to find other vulnerable computers. If such a computer
71
00:05:14,150 --> 00:05:18,470
is found, the worm will then attempt to connect and infect the vulnerable machine.
72
00:05:19,700 --> 00:05:25,850
Next, we have e-mail worms which spread through email messages which contain malicious attachments
73
00:05:25,940 --> 00:05:27,620
or links to malicious websites.
74
00:05:28,980 --> 00:05:35,700
Yet another type is instant messaging worms, which spread by sending malicious links via instant messaging
75
00:05:35,700 --> 00:05:36,480
applications.
76
00:05:37,890 --> 00:05:44,850
Last on our list is the file sharing network worms, which place a copy of themselves in a shared folder
77
00:05:44,850 --> 00:05:47,070
and spread via peer-to-peer networks.
78
00:05:49,010 --> 00:05:56,030
Let's also have a brief look at a concrete computer worm example, Stuxnet. Stuxnet is a computer
79
00:05:56,030 --> 00:05:58,060
worm first discovered in 2010.
80
00:05:58,460 --> 00:06:04,700
It targeted the programmable logic controllers, which are industrial control systems used for industrial
81
00:06:04,700 --> 00:06:09,320
processes such as the centrifuges used for separating nuclear material.
82
00:06:10,250 --> 00:06:17,040
Stuxnet exploited several zero-day vulnerabilities in Windows and infected over 200000 computers.
83
00:06:17,630 --> 00:06:24,170
It is reported that Stuxnet caused over 1000 machines to physically degrade, ruining almost one fifth
84
00:06:24,170 --> 00:06:26,240
of Iran's nuclear centrifuges.
85
00:06:27,640 --> 00:06:30,460
Next, we'll discuss the Trojan horse malware.
86
00:06:31,860 --> 00:06:38,130
Similar to the Trojan horse of the ancient Greek story, a Trojan horse or a Trojan is a deceptive malware
87
00:06:38,130 --> 00:06:40,440
which misleads the user of its true intent.
88
00:06:40,950 --> 00:06:45,600
Trojans usually spread through social engineering, for example, through malicious email attachments
89
00:06:45,630 --> 00:06:49,230
or from malicious websites. As opposed to viruses and worms,
90
00:06:49,350 --> 00:06:51,480
Trojans do not attempt to propagate themselves.
91
00:06:52,700 --> 00:06:58,880
Let's explore some Trojan types. First on our list, we have the backdoor Trojan, which gives malicious
92
00:06:58,880 --> 00:07:03,410
users remote control over the infected computer. Depending on the Trojan,
93
00:07:03,630 --> 00:07:09,410
this enables cyber criminals to do things like send, receive and delete files, launch programs or
94
00:07:09,410 --> 00:07:10,190
display data.
95
00:07:10,550 --> 00:07:15,960
Backdoor Trojans are often used to create botnets that can be used for cyber criminal purposes.
96
00:07:17,000 --> 00:07:19,670
Another type that's running on the victim's computer.
97
00:07:20,770 --> 00:07:26,500
Next on our list is the Trojan banker, which, as you already probably guessed from the name, is designed
98
00:07:26,500 --> 00:07:30,700
to steal credit card information or the credentials for online banking systems.
99
00:07:31,630 --> 00:07:38,140
Yet another type is the Trojan distributed denial of service, or Trojan DDoS, which is used to conduct
100
00:07:38,140 --> 00:07:41,050
denial of service attacks against targeted Web applications.
101
00:07:41,680 --> 00:07:44,950
You'll learn more about denial of service attacks in another lecture.
102
00:07:45,870 --> 00:07:51,730
Now, let's talk about the Trojan downloader and the Trojan dropper. These Trojans are used to install
103
00:07:51,750 --> 00:07:56,100
other malware in the infected machine, such as other Trojans or viruses.
104
00:07:56,850 --> 00:08:00,720
The Trojan downloader basically downloads and installs other malware,
105
00:08:00,990 --> 00:08:07,320
while the Trojan dropper contains other malware source code embedded inside of it. The dropper uses
106
00:08:07,320 --> 00:08:11,010
the embedded source code to install new malware on the infected computer.
107
00:08:11,760 --> 00:08:16,760
Next, we have the Trojan fake antivirus, which pretends to be legitimate antivirus software.
108
00:08:17,280 --> 00:08:22,440
They are usually designed to obtain money from their victim in return for detection and removal of threats,
109
00:08:22,770 --> 00:08:26,310
even though the threats that they report are actually nonexistent.
110
00:08:27,200 --> 00:08:33,230
After that, let's have a look at the Trojan ransom. This type of Trojan can modify data on the victim's
111
00:08:33,230 --> 00:08:36,060
computer so that the victim cannot use the data anymore.
112
00:08:36,440 --> 00:08:41,060
The cyber criminals will only restore the data after ransom money is paid.
113
00:08:42,130 --> 00:08:48,970
Last on our list is the Trojan spy, which, as the name implies, spies on the victim. For example,
114
00:08:48,970 --> 00:08:54,160
it can do that by tracking the data entered via the keyboard, taking screenshots or getting a list
115
00:08:54,160 --> 00:08:55,330
of the running applications.
116
00:08:56,980 --> 00:09:03,430
Let's move on to the next malware, the malicious bot. First, in order to define what the malicious bot is,
117
00:09:03,430 --> 00:09:04,300
we have to know
118
00:09:04,300 --> 00:09:09,790
what a bot is. A bot is a software application that runs automated and repetitive tasks.
119
00:09:10,750 --> 00:09:15,640
The most common use of bots is Web crawling, in which bots gather information from the Web.
120
00:09:16,310 --> 00:09:20,380
Another type of bots are chat bots, which are used more and more recently.
121
00:09:20,890 --> 00:09:26,540
These kinds of bots are often used by organizations to automate part of the support offered to customers.
122
00:09:27,130 --> 00:09:31,240
OK, now that we know what a bot is, we can have a look at the malicious bot.
123
00:09:31,660 --> 00:09:35,170
As the name implies, it's a bot used for malicious purposes.
124
00:09:35,590 --> 00:09:39,790
Malicious bots are usually self-propagating malware that infects computers.
125
00:09:40,790 --> 00:09:46,700
These bots are then used for cyber criminal activities. Multiple computers infected with malicious
126
00:09:46,700 --> 00:09:49,670
bots can form a bot network, or so-called botnet.
127
00:09:50,000 --> 00:09:52,260
Botnets can have different types of architectures.
128
00:09:52,310 --> 00:09:58,400
Some of the first botnets used the client-server architecture, in which the bots act as clients and connect
129
00:09:58,400 --> 00:10:01,520
to a server, also known as the command and control center.
130
00:10:02,150 --> 00:10:05,420
The command and control center then issues commands to the bot.
131
00:10:05,810 --> 00:10:09,990
The bots execute the commands and relay the results back to the command and control center.
132
00:10:10,790 --> 00:10:16,560
We can see an example of a client-server architecture on the top right part of the slide. In the middle,
133
00:10:16,580 --> 00:10:21,020
we have the server, the command and control center, and around it we have the clients,
134
00:10:21,260 --> 00:10:22,810
the bot-infected computers.
135
00:10:23,420 --> 00:10:27,950
The main disadvantage of this type of botnet architecture is that if the command and control center
136
00:10:27,950 --> 00:10:31,250
is compromised, the whole botnet can be potentially shut down,
137
00:10:31,760 --> 00:10:38,000
since the control center issues commands to the whole botnet. A more resilient architecture is peer-to-peer.
138
00:10:38,270 --> 00:10:43,610
These botnets do not have a centralized server and each bot behaves both as a client, which receives
139
00:10:43,610 --> 00:10:46,390
commands and a server which issues commands.
140
00:10:46,880 --> 00:10:47,780
How does this work?
141
00:10:48,680 --> 00:10:50,390
One way can be as follows.
142
00:10:50,390 --> 00:10:54,670
Each bot searches the network for other bots, adding them to a contact list
143
00:10:54,690 --> 00:11:00,710
when found. The owner of the botnet can issue commands from one of the bots and then the bot spreads
144
00:11:00,710 --> 00:11:02,330
the command to its known contacts.
145
00:11:02,630 --> 00:11:08,330
Then each of the contacts spreads the command further. In order to make sure that the commands are genuine,
146
00:11:08,480 --> 00:11:12,570
the owner of the botnet can use a secret key to digitally sign the commands.
147
00:11:12,920 --> 00:11:16,640
This way, the bots can verify that the command is indeed genuine.
148
00:11:17,650 --> 00:11:24,190
We can see an example of a peer-to-peer botnet in the bottom right part of the slide. Each computer
149
00:11:24,190 --> 00:11:26,410
in the diagram is infected with the bot.
150
00:11:27,100 --> 00:11:32,230
In the diagram, we can see that we do not have the central server anymore and that each bot has several
151
00:11:32,230 --> 00:11:34,660
connections to other bots in the botnet.
152
00:11:35,560 --> 00:11:37,940
Now let's explore some malicious bot types.
153
00:11:38,350 --> 00:11:44,680
First, we have the spambots, which, as the name implies, are designed to propagate spam emails or
154
00:11:44,680 --> 00:11:45,250
messages.
155
00:11:46,330 --> 00:11:52,570
Another type is distributed denial of service bots, or DDoS bots, which are used to initiate distributed
156
00:11:52,570 --> 00:11:57,580
denial of service attacks against specific targets. You will learn more about this type of attack in
157
00:11:57,580 --> 00:11:58,920
the denial of service lecture.
158
00:11:59,710 --> 00:12:01,570
Next on our list is registration
159
00:12:01,570 --> 00:12:08,200
bots. These bots use specific email addresses to sign the victim up to numerous services in order
160
00:12:08,200 --> 00:12:09,940
to flood their email inbox.
161
00:12:10,690 --> 00:12:14,950
This can be used to distract from important messages such as a security breach.
162
00:12:15,760 --> 00:12:18,820
Now let's talk about malicious website scrapers.
163
00:12:19,360 --> 00:12:23,740
Besides legitimate purposes, website scrapers can also be used maliciously.
164
00:12:24,310 --> 00:12:29,680
For example, malicious website scrapers can be used to obtain the content of websites in order to
165
00:12:29,680 --> 00:12:32,170
create malicious copies of said websites.
166
00:12:32,920 --> 00:12:37,660
Related to this, there are bots that scrape the Internet for information about individuals.
167
00:12:38,230 --> 00:12:43,720
For example, such a bot could scrape information from social media such as LinkedIn and Facebook so
168
00:12:43,720 --> 00:12:47,440
that cyber criminals can use this information to prepare spear phishing attacks.
169
00:12:48,110 --> 00:12:54,280
Other types of bots can open back doors on the infected computers so that even more malware can be installed.
170
00:12:55,400 --> 00:13:01,160
Last on our list, we have view bots, which are used to generate fake views, comments and likes on
171
00:13:01,160 --> 00:13:01,780
the Internet.
172
00:13:04,170 --> 00:13:07,120
As a concrete example of a botnet and a Trojan,
173
00:13:07,140 --> 00:13:08,700
we will talk about Emotet.
174
00:13:09,210 --> 00:13:12,810
Emotet is a malware which was first detected in 2014.
175
00:13:13,950 --> 00:13:20,200
It started as a banking Trojan that was designed to steal banking credentials and then evolved into
176
00:13:20,200 --> 00:13:26,580
a downloader Trojan used to install other malware. Then Emotet was also configured as a botnet, delivering
177
00:13:26,580 --> 00:13:28,400
malware as a service to cyber criminals.
178
00:13:28,830 --> 00:13:34,230
The cyber criminals using Emotet could, for example, obtain banking credentials of victims using malware
179
00:13:34,350 --> 00:13:37,140
or install ransomware on infected computers.
180
00:13:37,840 --> 00:13:39,960
Emotet spread through spam emails.
181
00:13:40,680 --> 00:13:46,560
The emails contained infected attachments such as malicious Word documents that contained the malware.
182
00:13:47,070 --> 00:13:53,130
Recently, it even used the fear of COVID to spread itself via spam emails pretending to educate victims
183
00:13:53,130 --> 00:13:57,640
about COVID. Emotet was one of the most active and dangerous threats
184
00:13:57,660 --> 00:14:05,430
up until recently. Emotet has suffered a major disruption in January 2021, after a major collaborative
185
00:14:05,430 --> 00:14:11,490
effort from international police. Police has captured several hundred servers around the world, which
186
00:14:11,490 --> 00:14:17,700
were used to manage infected computers, spread the malware, serve cyber criminal groups and improve
187
00:14:17,700 --> 00:14:18,240
Emotet.
188
00:14:19,430 --> 00:14:21,890
Next on the malware list is ransomware.
189
00:14:23,330 --> 00:14:29,270
Ransomware is a type of malware that threatens its victims with blocking access to the data or threatens
190
00:14:29,270 --> 00:14:34,250
them with publishing confidential data on the Internet unless a ransom is paid to the attackers.
191
00:14:35,060 --> 00:14:41,750
The most common types of ransomware are encrypting ransomware, non-encrypting ransomware and exfiltration.
192
00:14:42,200 --> 00:14:47,790
The encrypting ransomware basically encrypts the victim's data, making it unavailable to anyone.
193
00:14:48,290 --> 00:14:53,900
Then the cyber criminals behind the ransomware ask for a ransom in order to provide the decryption key
194
00:14:53,900 --> 00:14:56,330
to the victim. Using the decryption key,
195
00:14:56,360 --> 00:15:00,360
in theory, the victim can decrypt the data and have access to it again.
196
00:15:01,040 --> 00:15:06,410
However, be aware that even if the victim pays, there is no guarantee that the cyber criminals will
197
00:15:06,410 --> 00:15:08,060
actually provide the decryption key.
198
00:15:08,720 --> 00:15:12,450
The second type is non-encrypting ransomware, also known as scareware.
199
00:15:13,190 --> 00:15:18,170
This is a less dangerous malware which just pretends that it has encrypted the victim's data.
200
00:15:18,710 --> 00:15:24,680
For example, such scareware can display an image on the victim's computer saying that the files have
201
00:15:24,680 --> 00:15:26,100
been encrypted by ransomware.
202
00:15:26,600 --> 00:15:29,950
This would be done in order to scare the victim into paying the ransom.
203
00:15:30,440 --> 00:15:34,590
However, in case of scareware, the victim's data is still intact.
204
00:15:35,450 --> 00:15:38,290
Last type is exfiltration or leakware.
205
00:15:38,690 --> 00:15:44,420
This type of ransomware threatens to leak online personal data of the victim, such as, for instance,
206
00:15:44,660 --> 00:15:48,870
private pictures or private conversations unless a ransom is paid.
207
00:15:49,550 --> 00:15:55,010
However, similar to encrypting ransomware, the victim has no guarantee that the attacker won't leak
208
00:15:55,010 --> 00:15:55,900
the data anyway.
209
00:15:57,560 --> 00:16:00,400
Let's have a quick look at the concrete example of ransomware.
210
00:16:01,040 --> 00:16:06,210
WannaCry is an encrypting ransomware, which was first discovered in May 2017.
211
00:16:06,950 --> 00:16:12,020
WannaCry is an encrypting ransomware, which was first discovered in May 2017.
212
00:16:12,860 --> 00:16:19,070
It spread through the Internet using an exploit named EternalBlue, which targeted Windows operating
213
00:16:19,070 --> 00:16:19,550
systems.
214
00:16:19,970 --> 00:16:26,870
The EternalBlue exploit was allegedly leaked from the US National Security Agency. Even though Microsoft
215
00:16:26,870 --> 00:16:34,800
released a patch in March 2017 that fixed the vulnerability exploited by WannaCry, in May 2017
216
00:16:34,820 --> 00:16:40,220
WannaCry still spread to over two hundred and thirty thousand unpatched computers around the world.
217
00:16:40,940 --> 00:16:46,130
You can see on the left side a picture with the countries affected by the initial WannaCry attack.
218
00:16:46,790 --> 00:16:48,980
The affected countries are colored in red.
219
00:16:49,910 --> 00:16:56,930
WannaCry impacted many companies and organizations such as the Spanish telecom Telefonica and the British
220
00:16:56,930 --> 00:17:03,230
National Health Service, impacting multiple hospitals which had to turn away patients and cancel scheduled
221
00:17:03,230 --> 00:17:03,920
operations.
222
00:17:04,460 --> 00:17:10,940
WannaCry also infected FedEx, Deutsche Bank, Honda, Renault, the Russian Interior Ministry and the
223
00:17:10,940 --> 00:17:12,440
Russian telecom MegaFon.
224
00:17:12,980 --> 00:17:18,590
The original attack of WannaCry was stopped a few days later after a kill switch was found, which prevented
225
00:17:18,590 --> 00:17:20,060
WannaCry from spreading further.
226
00:17:20,870 --> 00:17:22,760
Next, we'll talk about spyware.
227
00:17:23,210 --> 00:17:28,190
Spyware is malware that infects devices in order to gather information about its victims.
228
00:17:28,640 --> 00:17:33,860
For instance, depending on the spyware, it can gather information such as credentials to different
229
00:17:33,860 --> 00:17:39,980
websites, browser history, a list of applications installed, emails sent and received, the input
230
00:17:39,980 --> 00:17:42,920
introduced from the keyboard or credit card information.
231
00:17:44,260 --> 00:17:52,270
Next on our list is adware. Adware stands for advertising supported software and is basically software
232
00:17:52,270 --> 00:17:54,010
that is designed to generate ads.
233
00:17:54,790 --> 00:18:00,190
Adware can also encourage users to install additional software promoted by third party users.
234
00:18:00,760 --> 00:18:02,620
Adware is not necessarily malware.
235
00:18:03,010 --> 00:18:08,800
It can be used in legitimate use cases in which developers obtain extra income from ads.
236
00:18:09,370 --> 00:18:12,460
These ads can be embedded in their websites or applications.
237
00:18:13,120 --> 00:18:17,980
There are also other types of adware which can be potentially unwanted applications.
238
00:18:18,640 --> 00:18:21,970
First, we have legal but abusive or deceptive adware.
239
00:18:22,840 --> 00:18:28,630
These types of adware might make it difficult for the user to opt out of installing additional software.
240
00:18:29,290 --> 00:18:35,520
Also in this category we might have adware, which displays ads that might redirect to malicious websites.
241
00:18:36,130 --> 00:18:41,530
In these cases, the creator of the adware might not be aware of the malicious third party ads.
242
00:18:42,280 --> 00:18:44,440
Another type of abusive but legal
243
00:18:44,440 --> 00:18:47,140
adware is adware that produces excessive
244
00:18:47,140 --> 00:18:53,050
ads. An example of such adware can be a browser toolbar that bombards you with ads.
245
00:18:53,980 --> 00:19:00,250
Finally, we have illegal, malicious software in which the adware intentionally distributes malware
246
00:19:00,310 --> 00:19:01,810
or links to malicious websites.
247
00:19:02,470 --> 00:19:05,440
This type of adware is often accompanied by spyware.
248
00:19:06,730 --> 00:19:08,620
Last on our list is rootkit.
249
00:19:09,890 --> 00:19:15,950
The term rootkit is a combination of the word root, which is the name of the privileged account in Unix
250
00:19:15,950 --> 00:19:21,640
like operating systems, and the word kit, which refers to the collection of software that implements
251
00:19:21,800 --> 00:19:28,190
the tool. A rootkit is a set of software tools used to gain privileged access or control over a host.
252
00:19:28,790 --> 00:19:33,710
It is usually classified as malware, since it's often used for malicious purposes.
253
00:19:34,460 --> 00:19:39,530
Malicious rootkits are designed to stay hidden and conceal themselves as well as other malware.
254
00:19:40,310 --> 00:19:46,310
There are, however, some legitimate utilities using rootkits. For example, some applications that
255
00:19:46,310 --> 00:19:52,100
emulate hardware or software or some applications that are used to detect cheating in online games.
256
00:19:52,820 --> 00:19:55,990
With that, we conclude the exploration of different types.
257
00:19:57,360 --> 00:20:03,060
Before we wrap up, let's have a look at the malware matrix. You might have already noticed that some
258
00:20:03,060 --> 00:20:04,680
types of malware can overlap.
259
00:20:05,560 --> 00:20:11,620
To better understand the relations between different types, today, we will explore the following malware
260
00:20:11,620 --> 00:20:12,070
matrix.
261
00:20:12,580 --> 00:20:20,970
A virus cannot be a worm, because a virus requires a host, while a worm is a standalone program
262
00:20:21,010 --> 00:20:28,210
that does not. A virus cannot be a Trojan either, because the virus can replicate itself, while a Trojan
263
00:20:28,210 --> 00:20:37,390
cannot. Besides that, a virus can be a malicious bot, ransomware, spyware, adware and finally can use
264
00:20:37,390 --> 00:20:40,930
a rootkit to gain privileged access and or conceal itself.
265
00:20:41,520 --> 00:20:43,990
Next, let's have a look at the computer worm.
266
00:20:44,560 --> 00:20:46,890
As we discussed, it cannot be a virus.
267
00:20:47,590 --> 00:20:54,710
Also, a worm cannot be a Trojan horse because a worm can self-replicate while a Trojan cannot. Again,
268
00:20:54,760 --> 00:21:03,430
besides that, a worm can be any other type of malware, such as a bot, ransomware, spyware, adware,
269
00:21:04,090 --> 00:21:07,930
and similarly to the virus, it can use a rootkit to gain privileged access.
270
00:21:08,930 --> 00:21:15,770
After the worm, let's talk about the Trojan. As we already mentioned, a Trojan cannot be a virus or a worm,
271
00:21:16,160 --> 00:21:23,450
but similarly to the worm and virus, it can be other types of malware, such as bot, ransomware, spyware,
272
00:21:23,930 --> 00:21:26,140
adware and rootkit.
273
00:21:26,870 --> 00:21:32,250
Next on the matrix, we have the malicious bot, which can also be any other type of malware.
274
00:21:33,080 --> 00:21:38,090
After that, we have ransomware, which similarly can be any other type of malware.
275
00:21:38,960 --> 00:21:40,600
One small note for ransomware.
276
00:21:40,760 --> 00:21:45,260
While technically possible, it does not make much sense for a ransomware to also be adware.
277
00:21:46,760 --> 00:21:51,200
Next, we have spyware, which can also be any other type of malware discussed today.
278
00:21:52,220 --> 00:21:54,110
After that, we have a look at adware.
279
00:21:54,740 --> 00:22:00,290
Similarly, it can be any other type of malware discussed today with the note that for adware, it does
280
00:22:00,290 --> 00:22:02,540
not make much sense to also be ransomware.
281
00:22:03,770 --> 00:22:09,140
Last, we have the rootkit which can be used by any other type of malware discussed today in order
282
00:22:09,140 --> 00:22:12,420
to gain privileged access and or conceal the malware.
283
00:22:13,460 --> 00:22:19,340
I hope that after discussing this matrix, you now have a better understanding of relationships between
284
00:22:19,340 --> 00:22:21,060
different types of malware discussed today.
285
00:22:21,890 --> 00:22:25,800
To recap, in this lecture, we learned what malware is, what it can do.
286
00:22:26,210 --> 00:22:31,940
We explored the most common types of malware, looking at their capabilities and some concrete examples.
287
00:22:32,340 --> 00:22:37,610
Finally, we had a look at the malware matrix to better understand the relationship between different
288
00:22:37,610 --> 00:22:38,360
types of malware.
289
00:22:39,080 --> 00:22:40,790
With that, we conclude this lecture.
290
00:22:41,270 --> 00:22:43,590
If you have any questions, don't hesitate to ask us.
291
00:22:43,970 --> 00:22:45,320
See you soon in the next lecture.