Net Wire : MALWARE

Q. What is Net Wire?

• Net Wire, which first surfaced in 2012, is a well-known malware.
• It is also one of the most active ones around.
• It is a remote access Trojan, or RAT, which gives control of the infected system to an attacker. Such malware can log keystrokes and compromise passwords.

Q. What are threats posed by it ?

This malware essentially does two things:

1. One is data exfiltration, which means stealing data. Most anti-virus software is equipped to prevent this.
2. The other involves infiltrating a system, and this has proven to be far more challenging for anti-virus software.

• Net Wire is described as an off-the-shelf malware, while something like Pegasus, which used a bug in WhatsApp to infiltrate users’ phones in 2019, is custom-made and sold to nations.

Q. What are Viruses? 

• A computer virus is a type of malware that propagates by inserting a copy of itself into and becoming part of another program.
• It spreads from one computer to another, leaving infections as it travels.
• Viruses can range in severity from causing mildly annoying effects to damaging data or software and causing denial-of-service (DoS) conditions.
• Almost all viruses are attached to an executable file, which means the virus may exist on a system but will not be active or able to spread until a user runs or opens the malicious host file or program.
• When the host code (alternative word for a computer program) is executed, the viral code is executed as well.

Q. What is Ransomware? 

• Ransomware is a type of malicious software that threatens to publish the victim’s data or perpetually block access to it unless a ransom is paid.
• While some simple ransomware may lock the system in a way that is not difficult for a knowledgeable person to reverse, more advanced malware uses a technique called crypto viral extortion.
• This encrypts the victim’s files, making them inaccessible, and demands a ransom payment to decrypt them.

Q. What are Worms? 

• Computer worms are similar to viruses in that they replicate functional copies of themselves and can cause the same type of damage.
• In contrast to viruses, which require the spreading of an infected host file, worms are standalone software and do not require a host program or human help to propagate.
• To spread, worms either exploit the vulnerability on the target system or use some kind of social engineering to trick users into executing them.
• A worm enters a computer through a vulnerability in the system and takes advantage of file-transport or information-transport features on the system, allowing it to travel unaided.
• More advanced worms leverage encryption, wipers, and ransomware technologies to harm their targets.

Q. What are Trojans? 

• A Trojan is a harmful piece of software that looks legitimate.
• After it is activated, it can achieve any number of attacks on the host, from irritating the user (popping up windows or changing desktops) to damaging the host (deleting files, stealing data, or activating and spreading other malware, such as viruses).
• Trojans are also known to create backdoors to give malicious users access to the system.
• Unlike viruses and worms, Trojans do not reproduce by infecting other files nor do they self-replicate.
• Trojans must spread through user interaction such as opening an email attachment or downloading and running a file from the Internet.

Q. What are Bots? 

• “Bot” is derived from the word “robot” and is an automated process that interacts with other network services.
• Bots often automate tasks and provide information or services that would otherwise be conducted by a human being.
• A typical use of bots is to gather information, such as web crawlers, or interact automatically with Instant Messaging (IM), Internet Relay Chat (IRC), or other web interfaces.
• They may also be used to interact dynamically with websites.