Basics
A Layman's Glossary of Malware Terms
Baffled by bots? Vexed by variants? Some working definitions for the non-technical.
By Scott Berinato
Packer – A tool used to compress and scramble an EXE file. Used to hide the malicious nature of malware and thwart analysis by researchers.
Padonki – A kind of Russian hacker slang in which words, often obscene ones, are purposefully misspelled or bastardized.
Pesdato – English transliteration of a Padonki interjection.
RAT - Remote Access Trojan, malware that allows an attacker to remotely control a infected PC or "bot".
RATs – The nickname for people who write remote access trojans.
RBN – The Russian Business Network. An infamous ISP used by primarily Russian malware groups to host malware and drops. The ISP is reportedly run out of Panama and owned a company operating from the islands of Seychelles, off the eastern coast of Africa. Variously described as "opaque," "dubious," and "shady."
Redirect – A feature of HTTP used to automatically forward someone from one web site to another. In the case of malware, redirects are done invisibly, sometimes inside iFrames.
Rootkit – Code that plugs into and changes the low-level functions of an operating system. Used by malware to hide itself from users and even the operating system itself.
Torpig – A relatively new family of Trojans representing the latest in malware capabilities, including the ability to hide itself and provide backdoor access for installing other configurations, components, or even other Trojans.
Trojan – A program that attempts to hide its malicious code by masquerading as an innocuous program most commonly through the use of a "packer."
Variant – Malware that is produced from the same code base (or "family") as a previous version but is different enough to require new signatures for detection by anti-virus and anti-malware products.
VXer – Originally, a virus writer. Now refers to anyone involved in the production or use of malware.
--Source: SecureWorks, CSO Reporting
Other stories by Scott Berinato
$firstKeyword
Security Directions: A Virtual Conference
Available On Demand Sept. 30 - Dec. 30
Join us for a virtual event with candid, expert information on top security challenges and issues - all from the comfort of your desktop.
Protecting PII: How to Work with IT to Manage Risk
Understand the critical nature of the test data privacy problem and get tips on how to work with IT to implement a test data privacy program.
- Log Management in a Cyber World
- Implementing Best Practices for Web 2.0 Security
- Upgrading to VMware vSphere with vWire
- Removing Barriers To Better Server Virtualization Efficiency
- Practical Approaches for Securing Web Applications across the Software Delivery Lifecycle
- Staying A Step Ahead of the Hackers: The Importance of Identifying Critical Web Application Vulnerabilities
Get instant notifications when whitepapers, webcasts and case studies are added
to our library. Sign up for a Resource Alert now!
CSO Corporate Partners
CSO Perspectives
-
April 5-7, 2010Hyatt Regency Santa ClaraClick here for more information!
Santa Clara, California
(ISC)2 members can earn up to 24 CPE Credits!
