1
00:00:08,200 --> 00:00:11,560
Welcome to a brand new section of malware threats.

2
00:00:13,330 --> 00:00:20,720
In this lecture, we learn to describe what is malware, different ways malware can get into a system,

3
00:00:21,430 --> 00:00:26,560
common techniques to deploy malware and components of malware.

4
00:00:27,070 --> 00:00:28,930
So let's get started.

5
00:00:29,560 --> 00:00:30,580
What is a malware?

6
00:00:31,360 --> 00:00:40,690
Malware is a software intentionally designed to cause damage to a computer, server, client and intended to

7
00:00:40,690 --> 00:00:41,830
harm a system.

8
00:00:43,050 --> 00:00:51,000
Malware is malicious software that damages or disables computer systems and gives limited or full control

9
00:00:51,000 --> 00:00:59,010
of the systems. You might have heard of the term cyber attacks on network devices or computers.

10
00:00:59,670 --> 00:01:04,470
These attacks are carried out by deploying malware on these systems.

11
00:01:05,550 --> 00:01:14,190
The main intention of malware is to gain credentials, information, data breaches and obviously money.

12
00:01:14,490 --> 00:01:20,250
Malware is a malicious software, including any software that acts in the interest of the user.

13
00:01:20,670 --> 00:01:27,510
Malware can affect not only the infected computers, but potentially any other device the infected device

14
00:01:27,510 --> 00:01:28,650
can communicate with.

15
00:01:29,520 --> 00:01:32,850
So malware forms a kind of chain.

16
00:01:33,510 --> 00:01:41,250
Whenever you deploy a malware, it may affect other devices which are not directly affected by a malware.

17
00:01:41,250 --> 00:01:51,810
A few examples of malware can be Trojans, viruses, worms, spyware, botnets, adware,

18
00:01:52,140 --> 00:01:53,880
rootkits and many more.

19
00:01:54,380 --> 00:02:00,290
We are going to talk about viruses, worms, Trojans in our upcoming lectures.

20
00:02:00,990 --> 00:02:04,470
So how can your system get affected because of malware?

21
00:02:05,630 --> 00:02:08,480
Insecure patch management. What does that mean?

22
00:02:09,230 --> 00:02:15,900
Whenever I use this term download update patches for software is the website from which the software

23
00:02:15,980 --> 00:02:16,970
are being downloaded.

24
00:02:17,370 --> 00:02:24,860
If the website is infectious or it is attacked by an attacker, instead of downloading a patch, you

25
00:02:25,100 --> 00:02:29,780
can download malware. Then network propagations.

26
00:02:29,780 --> 00:02:31,610
Like I said, it forms a chain.

27
00:02:32,420 --> 00:02:40,310
If one computer is infected, it can potentially infect other computers on the same network. Email attachments.

28
00:02:41,540 --> 00:02:48,380
Nowadays you have always heard about the word phishing attacks, which are mostly carried out because

29
00:02:48,380 --> 00:02:50,240
of emails, spam emails.

30
00:02:51,040 --> 00:02:57,350
Suppose an attacker sends you an email saying here's the opportunity to get a thousand dollars, download

31
00:02:57,350 --> 00:03:00,320
this software and win thousand dollars.

32
00:03:00,850 --> 00:03:08,180
A normal person would surely go for that software, execute the file and he may get, you know, some

33
00:03:08,180 --> 00:03:10,820
advertisement or something or any other thing.

34
00:03:11,300 --> 00:03:16,850
But at the back end, that software may install a backdoor, which in turn is a malware.

35
00:03:17,730 --> 00:03:25,380
And then potentially harm your system. Decoy applications like Trojans. For example, if the website

36
00:03:25,380 --> 00:03:32,100
is download or Plenel for the app, which can clean your PC, which can make your PC fast run like a

37
00:03:32,100 --> 00:03:34,290
super computer, but who knows?

38
00:03:34,290 --> 00:03:43,290
It can be a malware. Portable hardware media. For example, if an attacker has a way to insert a USB

39
00:03:43,290 --> 00:03:48,210
drive to your PC, he can harm your PC by that USB drive.

40
00:03:49,190 --> 00:03:55,370
Instant messenger applications. These applications have also proved to be potentially harmful.

41
00:03:56,150 --> 00:03:59,270
So how do attackers deploy malware?

42
00:04:00,590 --> 00:04:06,890
Black hat search engine optimization. Whenever you search anything on the Internet, the results,

43
00:04:06,890 --> 00:04:14,000
it appears on the screens and you click on those links and they lead you to somewhere and by mistake,

44
00:04:14,000 --> 00:04:19,160
a pop-up appears and you try to close that pop-up and something gets downloaded.

45
00:04:19,790 --> 00:04:26,630
Well, that is black hat search engine optimization, which means suppose if you are searching for,

46
00:04:26,630 --> 00:04:30,080
let's say, software, which you want as a free of cost.

47
00:04:30,590 --> 00:04:39,710
So attacker can analyze the results of search engines and try to guess which victim is searching the

48
00:04:39,710 --> 00:04:41,060
word maximum times.

49
00:04:41,510 --> 00:04:44,090
And he can send a malicious link to that software.

50
00:04:44,660 --> 00:04:48,810
And you may end up downloading a malware. Then social engineering.

51
00:04:49,040 --> 00:04:56,570
The attackers and hackers who are pretty intelligent have a decent skill of social engineering, which

52
00:04:56,600 --> 00:05:03,920
we will be learning, which is an art of, you know, humans to tell them to reveal their identity, their

53
00:05:03,920 --> 00:05:12,080
pursuit. Then drive-by downloads: download from unnecessary websites, non-trusted websites. Spam

54
00:05:12,080 --> 00:05:12,500
emails.

55
00:05:12,500 --> 00:05:21,770
Again, I told you that spam emails are one of the most highest rated types of deployment malware

56
00:05:21,920 --> 00:05:25,760
where people end up downloading some files.

57
00:05:26,660 --> 00:05:29,450
Now, you will ask the question, but Gmail is secure.

58
00:05:29,690 --> 00:05:38,330
Yes, even if Gmail is secure, the application doesn't literally scan through the websites or emails

59
00:05:38,330 --> 00:05:45,050
or files an attacker can send, doesn't have that much of time to scan lakhs

60
00:05:45,050 --> 00:05:48,850
and then millions and thousands of emails which are sent every day.

61
00:05:49,430 --> 00:05:53,630
So educating people about phishing attacks is very important.

62
00:05:55,960 --> 00:05:57,670
What are the components of malware?

63
00:05:58,480 --> 00:06:10,510
Well, crypter, downloader, dropper, exploit, injector, obfuscator, packer, payload and malicious code.

64
00:06:12,010 --> 00:06:19,240
Components of a malware software relies on the requirements of the malware author, who designed it for

65
00:06:19,240 --> 00:06:27,610
a specific target to perform the intended task. So it may depend upon what task is supposed to be executed.

66
00:06:29,010 --> 00:06:36,330
The first thing is crypter. Crypter is a software that protects malware from undergoing reverse engineering

67
00:06:36,330 --> 00:06:47,110
or analysis, thus making the task of security mechanism harder in the detection. Downloader. Downloader,

68
00:06:47,150 --> 00:06:52,880
a type of Trojan that downloads other malware from the Internet onto the PC.

69
00:06:53,730 --> 00:06:59,550
Usually attackers install downloader software when they first gain access to a system.

70
00:07:00,600 --> 00:07:07,830
Dropper. Dropper is a type of Trojan that installs other malware files onto the system, either from

71
00:07:07,830 --> 00:07:10,310
the malware package or on the Internet.

72
00:07:11,360 --> 00:07:17,840
Exploit. We have heard about the term exploit in the security terms. Let's have a quick revision

73
00:07:17,840 --> 00:07:18,160
here.

74
00:07:19,430 --> 00:07:26,660
Exploit is a malicious code that breaches the system security via software vulnerabilities to access

75
00:07:26,660 --> 00:07:28,940
information or install malware.

76
00:07:29,930 --> 00:07:38,150
Injector: a program that injects its code into other vulnerable running processes and changes the way of

77
00:07:38,150 --> 00:07:44,630
execution in order to hide or prevent its removal. Obfuscator.

78
00:07:45,530 --> 00:07:53,600
It is a program that conceals its code and intended purpose via various techniques and thus makes

79
00:07:53,600 --> 00:08:00,710
it really hard for security mechanisms to remove the software from the PC. Payload.

80
00:08:01,940 --> 00:08:03,410
We have also seen payload.

81
00:08:03,440 --> 00:08:04,910
Let's have a quick revision.

82
00:08:06,370 --> 00:08:14,370
A payload is a piece of software that allows control over a computer system after it has been exploited.

83
00:08:15,460 --> 00:08:23,860
And finally, a malicious code. A malicious code is a command that defines malware's basic functionalities,

84
00:08:24,280 --> 00:08:27,800
such as stealing data and creating back doors.

85
00:08:28,990 --> 00:08:33,910
So these are the components of malware that are commonly present in any malware.

86
00:08:35,660 --> 00:08:42,740
In the next lecture, we will actually see one of the types of malware, that is, a Trojan.