Basics
A Layman's Glossary of Malware Terms
Baffled by bots? Vexed by variants? Some working definitions for the non-technical.
By Scott Berinato
September 01, 2007 — CSO — 76service – A group that orchestrated attacks using the Gozi Trojan and pioneered a service used to provide clients with subscriptions to stolen data feeds provided by those attacks.
Blind Drop – A drop that is well hidden and is designed to run while unattended, until an attacker comes to collect the data. In the case of remote access Trojans, can also refer to file hidden locally.
Bot – A computer infected with software that allows it to be controlled by a remote attacker. Also used to refer to the malware itself which allows that control.
Carder – Someone who trades in stolen credit card and cardholder data.
Downloader – A small piece of code, usually a single instruction, used in the payload of an exploit to silently fetch a malicious EXE file from the attacker's server.
Drop – A clandestine computer or service [such as e-mail account] that collects data stolen by a Trojan.
Dump – As a noun, used interchangeably with “drop.” As a verb it means to transfer data onto a machine for analysis, or to discard an exe after reverse engineering.
exe – A Windows executable program. In a malware attack, the "exe" refers to the malicious progam which infects the victim's PC.
Exploit – Code used to take advantage vulnerabilities in software code and configuration, usually to install malware.
Form-grabber – A program that steals information submitted by a user to a web site. (Originally forms were the only way to submit user input to a web server, but now the meaning has changed to encompass any HTTP communication using a POST request.)
Gozi – One of a family of Trojans written by Russian RATs known as the HangUp Team, used in a string of attacks orchestrated by a group known as 76service.
iFrame – A special tag used to load one web page into a part of another webpage. Used by iFramers to load malicious code, often JavaScript, onto an otherwise trusted page.
iFramer – A person who places a malicious IFRAME (in-line frame) tag into web pages, usually on compromised web sites, and then charges malware developers for access to those iFrames as a distribution method for Trojans.
Keylogger – A program that logs user input from the keyboard, usually without the user's knowledge or permission.
Malware – Any executable code that uses a computer in a way not authorized by it's owner. Includes Trojans that install backdoors, spyware, bot clients, keyloggers, worms, viruses, or other malicious code.
$firstKeyword
Log Management in a Cyber World
With so many potential cyber villains poking around the gates, enterprises must have strong protections and pristine visibility into what's happening on the network. Explore the increasing importance of log management as cybercrime and other malicious threats grow.
Comparing Research in Motion and Microsoft Mobile Solutions
Organizations must look carefully at the requirements of mobile devices and accompanying middleware that can increase cost, complexity and administrative overhead. This white paper provides an independent analysis and detailed comparison of RIM and Microsoft's mobile solution.
- PCI DSS Compliance in the UNIX/Linux Datacenter Environment
- The Pursuit of a Standardized Solution for Secure Enterprise RBAC
- Building a Secure and Compliant Windows Desktop
- Root Access Risk Control for the Enterprise
- Cyber Crime: A Clear and Present Danger
- Gene Kim's Practical Steps to Achieve and Maintain NERC Compliance
Get instant notifications when whitepapers, webcasts and case studies are added
to our library. Sign up for a Resource Alert now!
CSO Corporate Partners
CSO Perspectives
-
April 5-7, 2010Hyatt Regency Santa ClaraClick here for more information!
Santa Clara, California
(ISC)2 members can earn up to 24 CPE Credits!
