Malware-Related Programs
This is a tricky category, since it includes any legal software that hackers use to penetrate computers. There is no predicting what software might fall into this group, as it depends on the inventiveness of the computer underground. Once software has been identified as usable by hackers, they can download it without the knowledge or consent of a user to a victim machine and control it without triggering antivirus solutions or other security software. If legal software is used skillfully for illegal means, it can be extremely difficult to detect.
Dialers
These programs do not harm the machine they are installed on. However, there can be serious financial consequences if such programs are not detected and deleted. Website owners use such programs to cause infected machines to call pay-to-view sites. More often than not these are pornographic sites. Although the computer itself is undamaged, a large phone bill makes these programs extremely unwelcome to computer and network owners.
Dialers come in two varieties: Trojan dialers and malicious dialers. Trojan dialers are installed without the knowledge or consent of the user and dial pay-to-view sites automatically. Dangerous dialers, on the other hand, inform the user of what calls are being made, and how much the calls will cost. Such dialers can be uninstalled using standard procedures. This second group could be classified as malicious, since the initial installation occurs without the consent of the user, but they offer the user a chance to decide what action to take.
Downloaders
Even legal downloading utilities can be dangerous, since they are usually programmed to run in the background, without direct intervention from the user. It is easy for a hacker to substitute links to infected resources for safe download sites, leading to malware being downloaded to the victim machine without the user's knowledge.
FTP Servers
These are utilities which can be used to gain remote access to files. Once a hacker has installed one on a system, remote users can download any files from the victim machine and also track activity on the infected computer.
Proxy Servers
These utilities were originally developed to secure internal networks by separating internal addresses from external users. However, hackers use them to connect anonymously to the Internet: the address of the proxy server is substituted for the hacker's real address.
Telnet Servers
These utilities were developed to provide remote access to resources on other machines. Hackers use them to gain full access to victim machines.
Web Servers
Web servers are utilities providing access to Web pages which are located in a defined area of the file system. They are used by hackers to gain full access to the victim machine file system.
IRC Clients
These utilities provide access to IRC channels. Many IRC clients, especially mIRC, incorporate powerful script languages which automate the IRC client. This functionality can be exploited to write Trojans and IRC worms. When installing a Trojan IRC program on a victim machine, hackers will often surreptitiously install an IRC client as well.
Monitor
These are legal utilities which monitor computer and user activity. Commercial versions of such utilities exist. Normally information on activity is saved to disk or sent to a specified email address. Monitoring programs differ from Trojan spy programs only in that they do not mask their presence in the system, and it is possible to uninstall them.
PSWTool
Such utilities restore lost passwords. They normally display information about the password on screen or save it to disk. When used in a hacker attack, this information will be sent to the remote attacker.
RemoteAdmin
These remote administration tools give hackers full control over the victim machine.
Tools
This category includes other free and commercial programs which are frequently used for malicious purposes.
Crackers
These programs are not viruses or Trojans, but hacker tools for cracking different kinds of software. Usually they are harmless to installed software and simply remove copy and/or key protection from the protected programs.
This group includes programs that do not cause any direct damage to the infected machine. However, they launch fake warnings about purported damage that has been or will be done. These can be messages warning users that drives have been reformatted, that a virus has been found, or that symptoms of infection have been detected. The possibilities are limited only by the so-called sense of humor of the virus writer responsible for a program.