Introduction
First of all, we know that computer viruses are similar to viruses in humans: they can damage
the body and copy themselves to another human. So I'd like to ask: do you know what a
virus is?
I think in this course you know what a virus means, but do you know how you can
protect yourself from it?
I don’t care I know or not .
My friends and I just want to tell you about operating systems and the viruses in them.
Hope you enjoy it.
• The vast majority of viruses target systems running Windows. This is due
to Microsoft's large market share of desktop users. The diversity of
software systems on a network limits the destructive potential of viruses
and malware. Open-source operating systems such as Linux allow users to
choose from a variety of desktop environments, packaging tools, etc.,
which means that malicious code targeting any of these systems will only
affect a subset of all users. Many Windows users are running the same set
of applications, enabling viruses to rapidly spread among Microsoft
Windows systems by targeting the same exploits on large numbers of
hosts.
• Only a few major viruses have hit Macs in recent years. The difference in
virus vulnerability between Macs and Windows is a chief selling point, one
that Apple uses in its Get a Mac advertising.
Microsoft Windows viruses
The best-known Windows viruses:
• Archiveus
• CIH (computer virus)
• CTX (computer virus)
• Fun.exe virus
• Nimda
• Simile (computer virus)
• Archiveus is a computer virus for Microsoft Windows operating
systems that is used as a method of extortion.
• It is a Trojan horse-type ransomware virus that encrypts the user's
files. The user must then purchase something on specific Web sites to
obtain the password to decrypt the files. In May 2006, it was reported
that the password protection had been cracked and that the
password for restoring the affected files
was: mf2lro8sw03ufvnsq034jfowr18f3cszc20vmw.
• The Fun.Exe virus is of the w32.Assarm family of computer viruses.
According to Symantec[1], it registers itself as a Windows system
process and then periodically sends mail with spreading attachments as a
response to any unopened emails in Outlook Express. This virus first
appeared in early 2008 and is now recognized by most antivirus
programs.
• Nimda is a file-infecting computer worm. It quickly spread, surpassing
the economic damage caused by previous outbreaks such as Code
Red. Nimda utilized several types of propagation techniques, and this
caused it to become the Internet’s most widespread virus/worm
within 22 minutes.
• Win32/Simile (also known as Etap and MetaPHOR) is
a metamorphic computer virus written in assembly
language for Microsoft Windows. The most recent version of the
virus was released in early March 2002. It was written by the virus writer
"Mental Driller". Some of his previous viruses, such
as Win95/Drill (which used the Tuareg polymorphic engine), have
proved very challenging to detect.
Windows Phone
• Whether it’s the Discussions community, with over 600,000 members,
or the Nokia Care guys and girls on the ground, you’ll always find
someone to help you get the most from your device.
• If you have one of our award-winning Lumia phones or the excellent
range of Nokia feature phones including Asha, then you have an
operating system that cannot be overwritten by an external program,
and also nothing can be installed without your knowledge, so you are
quite safe from viruses.
Can a Windows Phone handset get a virus?
• Windows Phone 8 has no known exploits or viruses and the app
sandboxing, chain of trust from the bootloader, and lack of legacy code
from the classic Windows platform make it extremely unlikely to get a
virus. Windows Phone has some of the same stuff that's in Windows,
but it is nothing like the Windows you use on a desktop in terms of
scope and configuration.
• If someone actually did have a virus and was not merely confused by a
different software or hardware problem with their device, then it was
probably a classic Windows Mobile device. Windows Mobile was more
permissive like Android (though probably more secure even still due to
the smaller system scope and central update mechanism).
Android Malware
• The global market share of Android smartphones and tablets used for
Internet access exceeded 61 percent in the first quarter of 2015.
Nearly 60.85 percent of users worldwide used a mobile device with
an Android operating system to go online.
• Definitive malware numbers for Android devices: G DATA security
experts identified and analyzed 440,267 new malware samples in the
first quarter of 2015.
• Financially motivated Android malware makes up around half of the
malware analyzed (50.3 percent). This type of malware includes
banking Trojans, ransomware and SMS Trojans.
Android Trojan
• The FakeRun Android Trojan does not steal users’ personal data. It
belongs to a vast family of dummy applications that do nothing but
display ads that earn money for their creator.
Current Android Malware
• Here are some Android malware families with their main
capabilities.
• AccuTrack
This application turns an Android smartphone into a GPS tracker.
• Acnetdoor
This Trojan opens a backdoor on the infected device and sends the
IP address to a remote server.
• DroidSheep
This application can capture and hijack unencrypted web sessions.
• Source : http://forensics.spreitzenbarth.de/android-malware/
Linux Malware
Linux malware includes viruses, trojans, worms and other types of
malware that affect the Linux operating system. Linux and other Unix-like
computer operating systems are generally regarded as very well protected
against, but not immune to, computer viruses.
There has not yet been a single widespread Linux virus or malware
infection of the type that is common on Microsoft Windows; this is
attributable generally to the malware's lack of root access and fast
updates to most Linux vulnerabilities.
Viruses And Trojans
• If an infected binary containing one of the viruses were run, the
system would be temporarily infected; the Linux kernel is memory
resident and read-only. The level of infection would depend on which
user, with what privileges, ran the binary. A binary run under the root
account would be able to infect the entire system. Privilege escalation
vulnerabilities may permit malware running under a limited account
to infect the entire system.
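The point above, that the reach of an infected binary depends on the account that runs it, can be checked on a real host. The script below is an added example, not part of the original presentation: it reports which directories holding executables the current account could modify. The function names and the extra directories /boot and /lib/modules are illustrative assumptions.

```sh
#!/bin/sh
# Added example: how far could a binary run by THIS account reach?
# It lists the directories from a colon-separated list that the current
# user may write to. Only ordinary permission checks are consulted;
# SELinux/AppArmor policies and read-only mounts may restrict further.

# Print every existing directory in "$1" (colon-separated) that is writable.
writable_dirs() {
    (
        set -f          # do not expand globs while splitting the list
        IFS=:
        for dir in $1; do
            [ -n "$dir" ] || dir=.   # an empty PATH entry means "current directory"
            if [ -d "$dir" ] && [ -w "$dir" ]; then
                printf '%s\n' "$dir"
            fi
        done
    )
}

# Summarise the result for the account running the script.
scope_report() {
    dirs=$(writable_dirs "$1")
    if [ -z "$dirs" ]; then
        echo "uid $(id -u): no listed directory is writable;" \
             "damage is limited to this user's own files"
    else
        echo "uid $(id -u): executables could be replaced in:"
        printf '%s\n' "$dirs" | sed 's/^/  /'
    fi
}

# Directories searched for programs, plus two system locations
# (illustrative choices, not taken from the presentation).
scope_report "${PATH}:/boot:/lib/modules"
```

Run once as a normal user and once with sudo: the limited account normally reports few or no system directories, while root reports all of them.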
Linux Threats
Viruses: Coin, Diesel, Hasher
Rootkits: Snakso-A (Web server)
Trojans: Hand of Thief (banking trojan)
Worms: Bad Bunny
Mac OS
The idea that you don’t have to worry about viruses or malware if you have a Mac
is still surprisingly popular. Many people believe that Macs can’t get viruses,
and Apple does little to dispel that notion, but is it really true? Can Macs get
viruses?
A few years ago, Flashback malware exploited a security flaw in Java. It managed to
infect 600,000 Macs, which was roughly 1 percent of the user base. There is a page
about it on Apple’s website.
There have been other problems since then. The KitM.A backdoor application on
OS X was able to take screenshots of users’ desktops. More recently, the Rootpipe
exploit has been proving difficult to fix.
“Mac OS X software has more high-risk vulnerabilities than all versions of Windows
put together,” explains Bogdan, “Apple markets these products as virus-free. They
say you don’t need an antivirus, because they know people hate antivirus software.
These utilities often slow down your computer, so they don’t want to promote
them.”
• Apple has also been criticized for being slow to deal with threats and
shut vulnerabilities down. Rootpipe was discovered in October 2014,
but the fix only came out this month (April 2015), and it only patches
Yosemite, not older editions of OS X. To make matters worse, the
patch doesn’t actually fix the problem properly. Apple’s big rival may
have a bad reputation, but it has taken decisive action to tackle that
perception.
• “We have discovered and registered more than 48 million new unique
malware samples this year alone, but more than 98% have been
written for the Windows platform,” says Andreas Marx, AV-Test CEO,
“Less than 5,000 new viruses were written for Mac OS X, but these
kinds of malicious software do exist.”
Project team:
1. احمد سامي الحلو, 201220309
2. عصام عاصم صالحات, 201220579
3. قيس محمود طراد, 201220295