Security Testing - Malicious Software


Malicious software (malware) is any software that gives partial to full control of the system to the attacker/malware creator.


Various forms of malware are listed below −

  • Virus − A virus is a program that creates copies of itself and inserts these copies into other computer programs, data files, or into the boot sector of the hard-disk. Upon successful replication, viruses cause harmful activity on infected hosts such as stealing hard-disk space or CPU time.

  • Worm − A worm is a type of malware which leaves a copy of itself in the memory of each computer in its path.

  • Trojan − Trojan is a non-self-replicating type of malware that contains malicious code, which upon execution results in loss or theft of data or possible system harm.

  • Adware − Adware, also known as freeware or pitchware, is a free computer software that contains commercial advertisements of games, desktop toolbars, and utilities. It is a web-based application and it collects web browser data to target advertisements, especially pop-ups.

  • Spyware − Spyware is infiltration software that anonymously monitors users which enables a hacker to obtain sensitive information from the user's computer. Spyware exploits users and application vulnerabilities that is quite often attached to free online software downloads or to links that are clicked by users.

  • Rootkit − A rootkit is a software used by a hacker to gain admin level access to a computer/network which is installed through a stolen password or by exploiting a system vulnerability without the victim's knowledge.

Preventive Measures

The following measures can be taken to avoid presence of malware in a system −

  • Ensure the operating system and applications are up to date with patches/updates.

  • Never open strange e-mails, especially ones with attachments.

  • When you download from the internet, always check what you install. Do not simply click OK to dismiss pop-up windows. Verify the publisher before you install application.

  • Install anti-virus software.

  • Ensure you scan and update the antivirus programs regularly.

  • Install firewall.

  • Always enable and use security features provided by browsers and applications.

Anti-Malware Software

The following software help remove the malwares from a system −

  • Microsoft Security Essentials
  • Microsoft Windows Defender
  • AVG Internet Security
  • Spybot - Search & Destroy
  • Avast! Home Edition for personal use
  • Panda Internet Security
  • MacScan for Mac OS and Mac OS X