Glossary

Term

Definition

Appender

A Virus that inserts its malicious code at the end of a file. The file's entry point is adjusted so that the code is executed before the rest of the file.

Behaviour

A method of malware detection – a security solution will search for file actions that are often associated with, or similar to, malicious activity.

BIOS

The Basic Input/Output System is a chip on the Motherboard that instructs the computer on how to boot correctly. The computer would not be able to operate without the BIOS.

Bitcoins

A form of digital currency – used to buy products online or exchanged for real-world currency.

Bitcoin Miners/Bitcoin Mining

The process of creating Bitcoins – Malware uses special software known as Bitcoin miners to create and collect Bitcoins. The process requires a lot of computer processing power, and thus causes system slowdowns.


Blacklist

A list of malicious programs for Security Solutions to use to help detect malware.

Boot-Sector

A sector on a bootable disk drive that contains instructions for the computer on how to boot from the drive.

Bot

A program (usually malicious) controlled by Hackers. A large network of Bots creates a Botnet.

Botnet

A large network of Bots/Zombie Computers – usually used for malicious purposes such as DDoS attacks.

Buffer Overflow

When a Buffer (temporary data storage area) receives more data than it can hold, causing errors, instability and crashes.

Cavity Filler

A Virus that fills any empty or unused space in a file. The method of infection prevents the file size from changing.

Chain Letter

A message distributed online, with instructions for the recipient to continue spreading the message to their friends. Some Chain Letters are automated or malicious. Social Networking websites and E-Mail providers are examples of targets of Chain Letters.

Clickers

Trojans that make a system visit a specific web page consistently and frequently – helps increase revenue from advertising.

Click Fraud

When a system or network of computers makes a large number of visits/clicks to a particular web page or advertisement to illegally increase advertising revenue and profits.

Cookie

A piece of information sent from a website you visit for the first time. The Cookie tells the website about your last visit. Some are placed onto your system for a better browsing experience. Usually harmless.

Definitions

A set of signatures that Security Solutions use to detect malware.

DDoS (DoS)

A Distributed Denial of Service attack is usually related to a malicious Botnet – when a huge network of computers sends random or useless data towards an IP address or website hyperlink in an attempt to disrupt operations and cause annoyance.

Dialers

A type of Trojan that uses modems to dial expensive numbers and Premium-Rate numbers.

Dictionary Attack

An attempt to guess a password by trying as many words or phrases as possible. Usually, words found in a common Dictionary are used to guess the password.

Downloader

A Trojan that downloads other malware onto your computer system.

Drive-By-Download

When something is downloaded onto a computer accidentally or without a user’s proper consent. Usually, a malicious Drive-By-Download is installed onto the user’s system without the user even knowing.

Dropper

A Trojan that installs other malware onto your computer system (without the need for an internet connection).

Exploit

An attempt to take advantage of an unpatched vulnerability in a computer system, software or hardware. The exploitation allows malware to be injected into the system.

Generic

A type of malware signature that can detect other pieces of malware within the same family.

Greyware

Software with the potential to be both malicious and legitimate – Usually annoying but harmless.

Heuristic

A technique that identifies common malware patterns – can benefit generic detections to confirm a potential malware family.

Hijack

When a Hacker takes over a communication channel – A Browser Hijack is an example.

Hoax E-Mail

A fake E-Mail message that “warns” you about a possible malicious detection or security breach – May be linked to Spam or include a malicious attachment.

(Malware) Family

A group of malware variants for one malware name. For example, the ZeuS/Zbot family has many variants.

Joke (Joke Malware)

A piece of software that acts as a joke – may pretend to be malware but in fact be harmless.

Logic Bomb

Malicious code that activates and delivers a payload in response to a trigger (such as a specific date and time). Usually associated with employees placing code into company systems, set to destroy or corrupt data after they’ve left the company’s employment.

Macro Virus

A Virus that uses a Macro Language. For example, a Virus that affects Microsoft Office Documents and Spreadsheets.

Malware

Short for Malicious Software – Any program designed to cause annoyance or harm is Malware. This covers Viruses, Trojans, Worms and more!

Mass-Mailer

A piece of software that purposely sends copies of itself via E-Mail. Usually malicious.

Man-In-The-Browser Attack

When malware makes changes to a website without the website owner knowing. The malicious software is usually a Trojan.

Man-In-The-Middle Attack

When a hacker gets into the middle of network communications. A form of malicious eavesdropping.

Microvirtualization

The concept that we can virtualize not only an Operating System but all the Processes within it too, under strict rules. Such a concept could help “freeze” and eliminate malware and trace the creators.

Obfuscate

A method of hiding or making code unclear/unreadable. Used by malware writers to make detection difficult.

Payload

The actions of malware – What the specific malware does once installed on your system. For example, the malware may install other malware onto the system or trace keyboard strokes.

Pharming

An attempt to direct Internet users to a fake website that mimics the appearance of a legitimate one, in order to obtain personal information such as passwords. An example of this would be a website that mimics “eBay” to obtain passwords and potentially financial information.

Phishing

Any attempt to steal money or personal information online – Usually via E-Mail or a fake website mimicking a real one. Sometimes similar to Pharming.

Polymorphic Virus

A Virus that encrypts itself differently each time it infects something.

Potentially Unwanted Program (PUP)

A program that is not necessarily malicious, but serves an unwanted, potentially malicious or annoying purpose. The program may be fake, have no benefit or simply be irritating. Detected by most Antivirus solutions.

Registry

A database of locations and settings in Windows Operating Systems. It stores all the information about the system, hardware and installed software.

Remote Access Trojan (RAT)

A Trojan that allows Hackers to remotely monitor and control an infected system.

Reverse Engineering (Malware)

The process of purposely analysing malware to find out what it does, what it uses and how to remove/prevent it. Otherwise referred to as Malware Analysis.

Rogue Security Software

Malware or fake software that pretends to be a Security Solution. The software may alert the user to non-existent problems or prevent the user from accessing files and web pages.

Sandbox(ing)

Isolation of a file under set rules – Used to test software and files for potentially malicious actions.

Signature

A small piece of data extracted from malware to uniquely identify it. Helps Security Solutions detect malicious software or malicious activity.

Spam

Unwanted E-Mail – Usually distributed in high quantity and sent to many addresses. Sometimes targeted. Some include malicious attachments.

Variant

An individual piece of malware.

Virtualization

The process of virtualizing something – Something that is not real. In computing, you can run full software or even an Operating System so that it is virtualized. Nothing is saved unless manually saved by the user. Easily removed.

Web Bug

Code in a web page or E-Mail message used to track data of users viewing the page or message. Usually seen as an invasion of privacy.

Whitelist

A list of legitimate programs used by Security Solutions to narrow down potentially malicious programs and to determine whether a program trying to run is safe or not.

Zero-Day Exploit

An exploit for a vulnerability that has not had a patch released yet. Malware can exploit the vulnerability without any problems.

Zip Bomb

A compressed file that, when uncompressed, expands (on a continuous loop) to an enormous size. Causes the computer system to use up all its resources and processing power; the computer will slow to a halt.

Zombie Computer

A computer system infected with a Backdoor, Bot or RAT. Usually under Remote Control and part of a Botnet.