Malware is classified into two broad categories, based firstly on how it
spreads and propogates to reach its desired targets, and then on the actions
or payloads it performas once a target is reached.
They can also be classified by those that need a host program; those that
are independent, self contained programs; Malware that does not replicate;
and Malware that does replicate.
Some propogation mechanisms are:
- Infection of existing content by viruses that are subsequently spread to other systems
- Exploit of software vulnerabilities by worms or drive-by-downloads to allow the malware to replicate
- Social engineering attacks that convince users to bypass security mechanisms to install Trojans or respond to phishing attacks.
Payload actions performed by malware can include:
- Corruption of system or data files
- Theft of service/make the system a zombie agent of attack as part of a botnet
- Theft of information from the system / keylogging
- Stealthing / hiding its presence on the system
Subsections
