Learning malware for fun and profit


Learning MALWARE! for fun and profit

SRINU

sr1nu@ymail.com

OVERVIEW

What is malware?

Types of malware.

How to create your own malware (Educational purpose only)

Writing signatures for antiviruses.

Evading antiviruses. (Educational purpose only)

What is malware?

Malware, short for malicious software, is a piece of software that is designed to disrupt operation, gather information, gain unauthorized access to system resources, and for exploitation purposes.

Malware is a general term used by computer professionals to mean a variety of forms of hostile, intrusive, or annoying software or programming code.

Put simply, malware is a set of instructions that run on your computer and make your system do something that an attacker wants it to do.

Types of malware

There are many types of malware. The most common are:

• Viruses
• Worms
• Rootkits
• Trojans
• Backdoors
• Spyware
• Keylogger
• Adware
• Crimeware
• Scareware

The list goes on…

What is a Virus?

A computer virus is a program that can replicate itself and spread from one computer to another.

For a computer program to be called a virus, it must have the capability to spread from one file to another and from one computer to another by means of a network or the internet, or by being carried on removable devices like CDs, DVDs, floppy disks and USB devices.

Put simply, a virus is a program that can infect other programs by modifying them to include a, possibly evolved, version of itself.

Indications of virus attack

• Hard drive is accessed even when not using the computer.
• Computer freezes frequently or encounters errors.
• Computer slows down when programs start.
• Files and folders are missing (God knows what happened to the files).
• Unable to load operating system files.
• Browser window freezes.

When computers get infected by viruses

• Not having a proper antivirus application.
• Not updating the antivirus, operating system and applications.
• Installing pirated software and rogue applications.
• Opening infected e-mail attachments.

How to create your own Virus (Educational purpose only)

DEMO

What is a Worm?

A computer worm is a self-replicating malware which uses a computer network to send copies of itself to another computer.

However, a computer worm does not need to attach itself to a program in your system like a computer virus does in order to function. A computer worm generally localizes its damage to the computer network by causing increased bandwidth consumption (only applicable to old worm types).

Indications of worm attacks

• Unusual network traffic on the PC.
• Unable to visit websites because bandwidth is flooded by the worm.
• Unusual files in network shares.
• Unable to update antiviruses.

How worms spread

• Peer-to-peer (P2P) networks like uTorrent.
• Infected USB devices.
• Network shares.
• Emails.

How to create your own Worm (Educational purpose only)

DEMO

Rootkit

A rootkit is a stealthy type of malware designed to hide its existence from process viewers and other monitoring software.

Types of rootkits

• There are two different types of rootkits. They are:
  – User Mode rootkit
  – Kernel Mode rootkit

User Mode

Supervisor /Kernel Mode

Backdoors

• A backdoor is a way in to the system that allows an attacker to access the victim machine.
• After penetrating the victim machine, the attacker installs the backdoor in it.
• It is used to access the victim machine.
• Example: NetCat

Backdoor !!!!

Hey got the backdoor. PWNED

Trojan

• A Trojan is a piece of software which contains both legitimate code and malicious code.
• Performs covert and overt actions.
• Frequently embedded in applets, games and email attachments.
• Examples
  – Beast
  – ProRat

Small story about Trojan

How to create your own Trojan (Educational purpose only)

DEMO

Best Tips to Defend Against Malware

• Protect your computer with strong security software and keep it updated.
• Enable automatic Windows updates.
• Be careful when engaging in peer-to-peer (P2P) file-sharing.
• Beware of spam-based phishing schemes.
• Back up your files regularly.

Writing signatures for antiviruses

Antivirus signature writers mostly use three methods to create signatures. They are:

• MD5 hashes
• Byte code
• Heuristic
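The three signature methods listed above, shown as an added example that is not part of the original slides: a minimal scanner run over constructed, harmless byte strings. The signature names, the marker bytes, the string list and the heuristic threshold are assumptions made for illustration.

```python
import hashlib
import math
from collections import Counter

# Constructed, harmless bytes standing in for a "known bad" file.
KNOWN_SAMPLE = b"MZ\x90\x00" + b"DEMO-MARKER-1234" + b"\x00" * 32

# 1) MD5 hash signature: identifies one exact file and nothing else.
HASH_SIGS = {hashlib.md5(KNOWN_SAMPLE).hexdigest(): "Demo.Sample.A"}

# 2) Byte-code signature: a byte sequence shared by a whole family,
#    so it still matches when the rest of the file differs.
BYTE_SIGS = {b"DEMO-MARKER-1234": "Demo.Family"}

# 3) Heuristic: score generic traits, no prior knowledge of the file.
#    The string list and the threshold of 2 are illustrative assumptions.
SUSPICIOUS_STRINGS = (b"CreateRemoteThread", b"WriteProcessMemory")


def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte; near 8.0 suggests packed data."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def scan(data: bytes) -> list[str]:
    """Return every verdict that fires: hash, byte pattern, heuristic."""
    verdicts = []
    name = HASH_SIGS.get(hashlib.md5(data).hexdigest())
    if name:
        verdicts.append(f"hash:{name}")
    for pattern, family in BYTE_SIGS.items():
        if pattern in data:
            verdicts.append(f"bytes:{family}")
    score = sum(s in data for s in SUSPICIOUS_STRINGS)
    if entropy(data) > 7.0:
        score += 1
    if score >= 2:
        verdicts.append(f"heuristic:score={score}")
    return verdicts


if __name__ == "__main__":
    print(scan(KNOWN_SAMPLE))            # exact file: hash and byte pattern
    print(scan(KNOWN_SAMPLE + b"\x01"))  # same family, different file
```

The hash signature is the cheapest to write but covers only the exact file; the byte pattern covers the family; the heuristic covers files never seen before at the cost of possible false positives.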

Again DEMO

Evading Antiviruses

Again An Awesome DEMO

Any Queries?

Special Thanks to

Raghu

chaitu

Imran
