IT e-Magazine ISSN: 2411-3905
Issue 7, May 2015
(Online)
Special Issues - Computer Threats
The growth of Information Technology has been phenomenal since the middle of the 21 century. It has affected all aspects of life in one way or another. So the objective of this magazine, which released by the department of Information Technology – Lebanese French University (LFU), is to disseminate information on the application of IT and to be a platform for discussing its benefits and its impact on society. We welcome articles that cover and analyze the benefits and impacts of IT applications on the society and which elaborate on their implementation issues. The criteria for selecting articles for the magazine include: the subject area of the article; new ideas about applications and implementation techniques; how well the information is presented; level of interest to other readers; and, the importance to the IT community. All articles will be subject to a reviewing procedure. Hopefully, contributions to this magazine will 'enhance readability for the general IT reader' and 'help direct society towards a more beneficial use of IT'. Editorial Committee item @ lfu . edu . krd
1941, Lorenz SZ42 was made as a German stream cipher machine for used by the German Army during World War II. It was developed by C. Lorenz AG in Berlin; the SZ was derived from Schlüsselzusatz, meaning Cipher Attachment. The instruments implemented a Vernam stream cipher.
43% of online attacks originated in China, more than three times Indonesia in second place with 15% The First Computer Viruses
The first computer virus was "Creeper Virus" that detected on ARPANET in 1971.03.16, it was written by Bob Thomas in Cambridge, USA with Assembly Language. Creeper Virus was infect computers running the TENEX operating system. Creeper caused infected systems to display the message "I'm the creeper, catch me if you can!".
INFORMATION SECURITY TIPS
To be secured, please follow the security tips that listed in page number 5 . To get rid of the computer threats, please follow security tips that listed in page number 26 . ITeM Website: http://www.lfu.edu.krd/item
ITeM | Issue 7, May – 2015 :
Special Issues - Computer Threats
INSIDE THIS ISSUE Page 5
INFORMATION SECURITY TIPS INFORMATION SECURITY TIPS TO BE SECURED
Page 6
Virus Mohammad Salim and other LFUIT students
A program that enters a computer usually without the knowledge of the user. Some viruses are simple and only cause messages to appear on the screen, but others are destructive and can wipe out the computer's memory or cause more severe damage. Viruses infects your computer by different ways : Accepting without reading (When browsing Internet you install programs which pretend to be important for you). Opening e-mail attachments (Unexpected messages from unknown people usually). Who can read this article: Computer Users
Page 8
Worm Harith Abdullah and other LFUIT students
A worm is self-replicating software designed to spread through the network, Typically exploit security flaws in widely used services. Copy of the worm scans the network for another machine that has a specific security hole. Computer worms copy itself to the new machine using the security hole and start replicating. The difference between a worm and a virus is that a virus does not have a propagation vector, it will only effect one host and does not propagate to other hosts. Worms propagate and infect other computers. Majority of threats are actually worms that propagate to other hosts. Who can read this article: Computer Users
Page 10
Spyware Biayrak K. Al-Taie and other LFUIT students
Spyware applications are simply code that behaves much like a virus or worm but does not seek replication once the target system is infected. Its whole purpose is to use viral techniques to hide itself on the victim system and collect a predefined set of information. Spyware may come as part of a "free deal" offer - do not accept free deals, Downloading free utilities, games, toolbars, media players, etc. Opening spam email, clicking on deceptive popups. File sharing programs, visiting corrupt websites, mainstream software applications. Who can read this article: Computer Users
1
ITeM | Issue 7, May – 2015 :
Special Issues - Computer Threats
Page 12
Adware Ali Rabee and other LFUIT students
Adware is unwanted software that uses sneaky and dishonest methods to get installed on your computer, and then changes the behavior of your web browser. Once installed, it does things like causing pop-up windows to open advertisements web pages or changing your home page and/or search engine. The functions may be designed to analyze which Internet sites the user visits and to present advertising pertinent to the types of goods or services featured there. There are many ways your computer could get infected with Adware. Adware can come bundled with shareware or other downloadable software. Who can read this article: Computer Users
Page 14
Malware Ali Makki Sagheer and other LFUIT students
Malware is any software that gets installed on the machine and performs unwanted tasks for some third party's benefit. Any kind of unwanted software that is installed without your adequate consent like Viruses, Worms, and Trojan Horses. Exploiting unpatched security holes or vulnerabilities in older versions of popular software such as Adobe, Java, Windows, Torrent, peer-to-peer (P2P) and file sharing program, Emails , USB Flash drive, Fake security programs and Unknown hyperlinks. Who can read this article: Computer Users
Page 16
Spam Banar Fareed Ibrahim and other LFUIT students
Spam is an email advertising for some products sent to a mailing list or newsgroup. It is flooding the Internet with many copies of the same message, in an attempt to force the message on people who would not otherwise choose to receive it. Most spam is commercial advertising, often for dubious products, get-rich-quick schemes, or quasilegal services. Email addresses posted on websites or in newsgroups attract the most spam. You might also receive spam if you fill out online forms or correspond with certain companies via email. Who can read this article: Computer Users
2
ITeM | Issue 7, May – 2015 :
Special Issues - Computer Threats
Page 18
Spoofing Yahya Tariq Hussaen and other LFUIT students
Spoofing refers to how cyber crooks actually trick their target, by posing as a well-known and trustworthy entity. Web spoofing allows an attacker to create a “shadow copy” of the entire World Wide Web. Accesses to the shadow Web are funneled through the attacker’s machine, allowing the attacker to monitor all of the victim’s activities including any passwords or account numbers the victim enters. Spoofing occurs when a hacker inside or outside a network impersonates the conversations of a trusted computer. Who can read this article: Computer Users
Page 20
Key Logger Harith Abdullah and other LFUIT students
A Keystrokes or key logger is a program that runs in the background or hardware, recording all the keystrokes. Once keystrokes are logged, they are hidden in the machine for later retrieval, or shipped raw to the attacker. Key loggers, as a surveillance tool, are often used by employers to ensure employees use work computers for business purposes only. Such systems are also highly useful for law enforcement and espionage. Attacker checks files carefully in the hopes of either finding passwords, or possibly other useful information. Who can read this article: Computer Users
Page 22
Trojan Horse Sarah Y Yosif and other LFUIT students
It is a program in which malicious or harmful code is contained inside apparently harmless programming or data in such a way that it can get control and do a lot of damage. Often it depends on the trap doors for bugs that allow unauthorized access to a computer. Most people think of Trojan Horses as viruses, but technically they are malware. The term comes from Greek mythology about the Trojan War, According to legend, the Greeks presented the citizens of Troy with a large wooden horse in which they had secretly hidden their warriors. During the night, the warriors emerged from the wooden horse and overran the city. Who can read this article: Computer Users
3
ITeM | Issue 7, May – 2015 :
Special Issues - Computer Threats
Page 24
Botnet Mazin S AlHakeem and other LFUIT students
A Botnet is a network of computers that infected with malicious software and controlled as a group (without the owners' knowledge), to forward transmissions (including spam or viruses) to other computers on the Internet. The word Botnet is formed from the words ‘robot’ and ‘network’. Hackers use special Trojan Horses (as a Zombie) to breach the security of several users’ computers, take control of each computer and organize all of the infected machines into a network of ‘bots’ that the criminal can remotely manage. Who can read this article: Computer Users Page 26
SECURITY TIPS SECURITY TIPS TO GET RID OF THE COMPUTER THREATS
4
ITeM | Issue 7, May – 2015 :
Special Issues - Computer Threats
INFORMATION SECURITY TIPS To be secured, please follow the following security tips: Keep Your Antivirus Software Up To Date.
Make Sure You have The Latest Operating System Update.
Disable Autorun, Image Previews In Outlook And Read Licensing Agreements. Beware of Clickable Advertisements.
Don’t Open Unknown Link.
Don’t Open Unknown Email.
Visit Websites by Typing The URL into The Address Bar. Try To Use Soft Keyboard if You are Using Public PC.
Don’t Open Any Program Unless You Know it is Legitimate.
Scan Your Computer for Outdated Programs and Be Sure All Your Software is Updated.
5
ITeM | Issue 7, May – 2015 :
Special Issues - Computer Threats
KEEP YOUR ANTIVIRUS SOFTWARE UP TO DATE
Virus A program that enters a computer usually without the knowledge of the user. Some viruses are simple and only cause messages to appear on the screen, but others are destructive and can wipe out the computer's memory or cause more severe damage.
FROM WHERE Viruses infects your computer by different ways : Accepting without reading (When browsing Internet you install programs which pretend to be important for you).
Opening e-mail attachments (Unexpected messages from unknown people usually). Not running the latest updates (running operating system and antivirus updates). Pirating software, music, or movies (Sometimes these files and programs contain viruses).
No antivirus spyware scanner (Especially for MS Windows computers). Downloading any infected software (Make sure you are downloading from a reliable source. Be sure to run your downloads through your antivirus and spyware scanners upon completion).
WHAT IT DOES Viruses can: Damage data files. Destroy files. Make disks unreadable. Delete all your data on hard dish, then causing system failure.
6
ITeM | Issue 7, May – 2015 :
Special Issues - Computer Threats
HOW CAN DETECT IT Common symptoms of a virus infection include: Your computer runs unusually slow or freezes. People are receiving emails from you which you did not send. You get pop-up messages or advertisements. Slower than usual network or Internet speed. Files mysteriously appear or disappear from your computer. Your homepage changes and you cannot change it back. Your hard drive free space keeps shrinking.
HOW TO AVOID IT
Installing anti-virus software on your all your computers. Update your anti-virus software regularly. Use caution when downloading files from the Internet. Back up your files on a regular basis. If a virus destroys your files, at least you can replace them with your back-up copy.
HOW TO GET RID OF IT To remove viruses from a computer install Kaspersky Internet Security 2015: Defends against the latest viruses, spyware & more. Scans & warns you about dangerous weblinks & emails. Group 1-01 : This Poster Prepared by Ashty Shaker Elham Hassan Nazanin Mamand Zhala Hussen Supervisor: Asst. Lecturer Mohammad Salim Department of Information Technology, Lebanese French University - Erbil mohammads@lfu-erbil.net
7
ITeM | Issue 7, May – 2015 :
Special Issues - Computer Threats
MAKE SURE YOU HAVE THE LATEST OPERATING SYSTEM UPDATE
Worms A worm is self-replicating software designed to spread through the network, Typically exploit security flaws in widely used services. Copy of the worm scans the network for another machine that has a specific security hole.
FROM WHERE Computer worms copy itself to the new machine using the security hole and start replicating. The difference between a worm and a virus is that a virus does not have a propagation vector, it will only effect one host and does not propagate to other hosts. Worms propagate and infect other computers. Majority of threats are actually worms that propagate to other hosts. Two parts. • Program to spread worm. o Look for other machines that could be infected. o Try to find ways of infiltrating these machines. • Vector program. o Compiled and run on the infected machines. o Transferred main program to continue attack.
WHAT IT DOES Can cause enormous damage. • Launch DOS attacks, install bot networks. • Access sensitive information. • Cause confusion by corrupting the sensitive information. Tries to infect as many other hosts as possible. • When worm successfully connects, forks a child to continue the infection while the parent keeps trying new hosts.
8
ITeM | Issue 7, May – 2015 :
Special Issues - Computer Threats
Worm did not. Delete system's files, modify existing files, install Trojan horses, record or transmit decrypted passwords, capture super user privileges, propagate over UUCP, X.25, DECNET, or BITNET
HOW CAN DETECT IT
Strange files appeared in infected systems. Strange log messages for certain programs. Infection generates a number of processes. Number of processes grew and systems became overloaded. Systems shut down many times.
HOW TO AVOID IT Known worms detected: Code Red, Nimda, WebDav, Slammer and Opaserv. Get the latest Anti-Virus, Internet Security Software. Make sure you have the latest security patches and hot fixes using Operating System Update.
HOW TO GET RID OF IT
Warms Removal. Install Internet Security. Update your OS. Make sure that security patches are successfully installed. Install it manually if it's not installed successfully. System Administrator. Group 1-02 : This Poster Prepared by Adiba Mohammad Parinaz Sabah Tazra Othman Ramy Sliwa Supervisor: Lecturer Harith A. Hussein Department of Information Technology, Lebanese French University - Erbil harith_abd1981@lfu-erbil.net
9
ITeM | Issue 7, May – 2015 :
Special Issues - Computer Threats
DISABLE AUTORUN, IMAGE PREVIEWS IN OUTLOOK AND READ LICENSING AGREEMENTS
Spyware Spyware applications are simply code that behaves much like a virus or worm but does not seek replication once the target system is infected. Its whole purpose is to use viral techniques to hide itself on the victim system and collect a predefined set of information.
FROM WHERE Spyware may come as part of a "free deal" offer - do not accept free deals, Downloading free utilities, games, toolbars, media players, etc. Opening spam email, clicking on deceptive popups. File sharing programs, visiting corrupt websites, mainstream software applications. The Most Famous Spyware Threats are Gator, CoolWebSearch, 180SearchAssistant and Huntbar.
WHAT IT DOES HARD WARE Spyware won't damage your hardware. SOFTWARE Spyware can take up an enormous amount of your computer's resources, making it run slowly, lag in between applications or while online, frequent system crashes or freezes and even overheat your computer causing permanent damage, harmful websites or fraudulent ones. DATA It can steal personal information that can be used for identity theft, including browsing history, email accounts, saved passwords used for online banking and shopping in addition to social networks.
10
ITeM | Issue 7, May – 2015 :
Special Issues - Computer Threats
HOW CAN DETECT IT Here are some signs that your computer might be infected with spyware: You notice new toolbars, links, or favorites that you didn't intentionally add to your web browser. Your home page, mouse pointer, or search program changes unexpectedly. You type the address of a specific website into your web browser, but you're taken to a completely unrelated website. You see pop-up ads, even if your computer isn't connected to the Internet.
HOW TO AVOID IT Be selective about what you download to your computer. Make sure you really need a program before downloading it. Read licensing agreements Watch out for anti-spyware scams. The Web is rife with "anti-spyware" tools that do little or nothing to prevent spyware.
HOW TO GET RID OF IT Make sure that your anti-virus and anti-spyware software are compatible like SpyHunter, Ad-Aware Free Antivirus+, SuperAntiSpyware Free Edition, Spybot Search & Destroy, Bitdefender, Kaspersky, Norton, F-Secure, AVG, Eset NOD32. Installing a firewall or using the firewall that's built into your Windows. Group 1-03 : This Poster Prepared by Zhyar khalid Rawand Mikaeel Mohammed sherzad Hawzhen Rahman Supervisor: Biayrak Al-Taie Department of Information Technology, Lebanese French University - Erbil
dr.baiyrekaltaie@lfu-erbil.net
11
ITeM | Issue 7, May – 2015 :
Special Issues - Computer Threats
BEWARE OF CLICKABLE ADVERTISEMENTS
Adware Adware is unwanted software that uses sneaky and dishonest methods to get installed on your computer, and then changes the behavior of your web browser. Once installed, it does things like causing pop-up windows to open advertisements web pages or changing your home page and/or search engine.
FROM WHERE The functions may be designed to analyze which Internet sites the user visits and to present advertising pertinent to the types of goods or services featured there. There are many ways your computer could get infected with Adware. Adware can come bundled with shareware or other downloadable software. Another method of distributing Adware involves tricking you by displaying deceptive popup ads that may appear as regular Windows notifications with links which look like buttons reading Yes and No. No matter which "button" that you click on, a download starts, installing Adware on your system. Adware installs on your computer through a Trojan and may infect your system without your knowledge or consent.
WHAT IT DOES The phrase adware could describe a form of spyware that collects information about the user in order to display advertisements in the Web browser. Unfortunately, some applications that contain adware track your Internet surfing habits in order to serve ads related to you. When the adware becomes intrusive like this, then we move it into the spyware category and it then becomes something you should avoid for privacy and security reasons.
12
ITeM | Issue 7, May – 2015 :
Special Issues - Computer Threats
HOW CAN DETECT IT Adware may attempt to change your computer's desktop, hijack your browser, monitor your Internet browsing activities, change system files, and can do this without your knowledge or permission. Therefore, it is strongly recommended to remove all traces of Adware from your computer.
HOW TO AVOID IT Be selective about what you download to your computer. Make sure you really need a program before downloading it. ... Read licensing agreements. ... Watch out for anti-spyware scams. ... Beware of clickable advertisements.
HOW TO GET RID OF IT Programs have been developed to detect, quarantine, and remove advertisementdisplaying malware, including Ad-Aware, Adw-Cleaner, Malwarebytes' AntiMalware, Spyware Doctor and Spybot-Search & Destroy. In addition, almost all commercial antivirus software currently detect adware and spyware, or offer a separate spyware detection package. Group 1-04 : This Poster Prepared by Hawta Abdulrahman Muhamad Abuzaed Kawa Abdulla Supervisor: Lecturer Ali R. Hashim Department of Information Technology, Lebanese French University - Erbil alirh@lfu-erbil.net
13
ITeM | Issue 7, May – 2015 :
Special Issues - Computer Threats
DON’T OPEN UNKNOWN LINK
Malware Malware is any software that gets installed on the machine and performs unwanted tasks for some third party's benefit. Any kind of unwanted software that is installed without your adequate consent like Viruses, Worms, and Trojan Horses.
FROM WHERE Exploiting unpatched security holes or vulnerabilities in older versions of popular software such as Adobe, Java, Windows. Torrent, peer-to-peer (P2P) and file sharing program. Emails. USB Flash drive. Fake security programs. Unknown hyperlinks.
WHAT IT DOES Deleting files, reformatting the hard disk, or using up computer memory. Transmit information about your Web-browsing habits to advertisers or other third party interests, unbeknownst to you. Can range from being simple annoyances (pop-up advertising) to causing serious computer invasion and damage (stealing passwords and data or infecting other machines on the network).
HOW CAN DETECT IT • Analyze system behavior (infection like system slowdown, increase in boot time, application crashes)
• Analyze program behavior (Network access, File open, Attempt to delete file, Attempt to modify the boot sector)
14
ITeM | Issue 7, May – 2015 :
Special Issues - Computer Threats
HOW TO AVOID IT
Turn on malware warnings on browser. Make sure automatic updating to the latest security updates. Keep your firewall turned on. Don't open spam email messages or click links on suspicious websites. Scan your computer usually.
HOW TO GET RID OF IT Download and run anti-malware or antivirus program, such as: Microsoft Safety Scanner, BitDefender , Kaspersky Virus Removal Tool, Malwarebytes, Or Norman Malware Cleaner Group 1-05 : This Poster Prepared by Umed Ziyad Taha Farman H. Rasul Ali Jaafar Murad Kazhar Karim Qortas Supervisor: Dr. Ali Makki Department of Information Technology, Lebanese French University - Erbil
ali@lfu-erbil.net
15
ITeM | Issue 7, May – 2015 :
Special Issues - Computer Threats
DON’T OPEN UNKNOWN EMAIL
Spam Spam is an email advertising for some products sent to a mailing list or newsgroup. It is flooding the Internet with many copies of the same message, in an attempt to force the message on people who would not otherwise choose to receive it. Most spam is commercial advertising, often for dubious products, get-richquick schemes, or quasi-legal services.
FROM WHERE Email addresses posted on websites or in newsgroups attract the most spam. You might also receive spam if you fill out online forms or correspond with certain companies via email. From software called Spamware that automatically searches the Web to collect what it recognizes as email addresses.
WHAT IT DOES Slowdown of mail traffic / breakdown of server. Spam filters are needed.
HOW CAN DETECT IT • Unknown webpages are opened. • Network breakdown.
16
ITeM | Issue 7, May – 2015 :
Special Issues - Computer Threats
HOW TO AVOID IT Don’t give out your email address online. Never respond to spam. Look for links: If an email contains a link and you don’t recognize the sender, chances are it is spam. Hover your mouse over any link to see the destination in your browser or email client’s status bar. Use a Good Email Filter. Keep Antivirus updated.
HOW TO GET RID OF IT • Report spam. Before you delete your spam, forward your spam to: spam@uce.gov. This is the Spam box for FTC (Federal Trade Commission). Mail sent to this box is investigated. If it is indeed spam, the original sender can be charged $500 per email. The more mail they get from different users but same spammer, the more it's likely to be investigated • Use Filters: A second way to stop spam is to use your email application's filtering features. Most email applications allow you to block specific messages. When an offending email comes in, set the filter to block further incoming mails from that sender. • Run Internet Security Software such as kaspersky. Group 1-06 : This Poster Prepared by Hardi Tahseen Snowwhitee Ali Husen Mohamad Najm Supervisor: Asst. Lecturer Bnar Fareed Department of Information Technology, Lebanese French University - Erbil
banar_fareed@lfu-erbil.net
17
ITeM | Issue 7, May – 2015 :
Special Issues - Computer Threats
VISIT WEBSITES BY TYPING THE URL INTO THE ADDRESS BAR
Spoofing Spoofing refers to how cyber crooks actually trick their target, by posing as a well-known and trustworthy entity. Web spoofing allows an attacker to create a “shadow copy” of the entire World Wide Web.
FROM WHERE Accesses to the shadow Web are funneled through the attacker’s machine, allowing the attacker to monitor all of the victim’s activities including any passwords or account numbers the victim enters. Spoofing occurs when a hacker inside or outside a network impersonates the conversations of a trusted computer.
WHAT IT DOES Malicious party impersonates another device or user on a network in order to launch attacks against network hosts to interrupt legitimate web traffic, steal sensitive data, spread malware or bypasses access controls. The email can redirect you to a spoofed website (e.g., an imitation of an online banking site), where your account details and password can be stolen. The attacker can also cause false or misleading data to be sent to Web servers in the victim’s name, or to the victim in the name of any Web server.
HOW CAN DETECT IT Confidential company information has leaked out and nobody knows how it could have happened. You receive report about intrusion into their online bank account or into their email account. You should always be careful of any e-mail you receive asking for money or sensitive information, even if it appears to be from someone you know and trust.
18
ITeM | Issue 7, May – 2015 :
Special Issues - Computer Threats
HOW TO AVOID IT
Never respond to emails that request personal financial information. Visit websites by typing the URL into the address bar. Keep a regular check on your accounts. Always report suspicious activity.
HOW TO GET RID OF IT By enabling firewall, the packet filter will examines the header of each packet. We can monitor packets using network-monitoring software with Microsoft Network Monitor. By downloading GFI MailEssentials with Avira which is offers comprehensive protection against today’s growing email threats. Group 1-07 : This Poster Prepared by Fatma Musher Hawkar Hussen Paresa Amed rekan mamand Supervisor: Dr. Yahya Tareq Department of Information Technology, Lebanese French University - Erbil
dr.yahya@lfu-erbil.net
19
ITeM | Issue 7, May – 2015 :
Special Issues - Computer Threats
VISIT WEBSITES BY TYPING THE URL INTO THE ADDRESS BAR
Key Logger A Keystrokes or key logger is a program that runs in the background or hardware, recording all the keystrokes. Once keystrokes are logged, they are hidden in the machine for later retrieval, or shipped raw to the attacker.
FROM WHERE Key loggers, as a surveillance tool, are often used by employers to ensure employees use work computers for business purposes only. Such systems are also highly useful for law enforcement and espionage. Attacker checks files carefully in the hopes of either finding passwords, or possibly other useful information. Key logger can Hardware or Software. Hardware: Inline devices that are attached to the keyboard cable, Devices which can be installed inside standard keyboards, Actual replacement keyboards that contain the key logger already built-in. Software: Can capture both keys pressed and screenshots.
WHAT IT DOES Wiretap Pro: Specializes in Internet monitoring. Records chats, emails, web sites visited. Ardamax Keylogger: Monitors user activity in an encrypted way. Data is stored as text or web page. Used to maintain backups or monitor kids. Magic Lantern: Developed by the FBI. Installed remotely via email attachment. Sends encrypted logs to desired email. Tracks all users activity. 20
ITeM | Issue 7, May – 2015 :
Special Issues - Computer Threats
HOW CAN DETECT IT
Check USB ports and PS/2. Check programs installed. Check your sent e-mails. The popular keystrokes software.
HOW TO AVOID IT Have your computer up to date with: Keep net firewall on. Anti-keystrokes. Anti-spywares. Anti-viruses. Also we can maintain a practice of using only the soft keyboard (on screen). Try to use soft keyboard if you are using public PC.
HOW TO GET RID OF IT
Anti-keystrokes Anti-spywares. Anti-viruses. Enable Firewall. Remove suspicious devices. Group 1-08 : This Poster Prepared by Khanda Nizam Oras Ihssan Roshna Kasim Sara Tahir Supervisor: Lecturer Harith A. Hussein Department of Information Technology, Lebanese French University - Erbil harith_abd1981@lfu-erbil.net
21
ITeM | Issue 7, May – 2015 :
Special Issues - Computer Threats
DON’T OPEN ANY PROGRAM UNLESS YOU KNOW IT IS LEGITIMATE
Trojan Horse It is a program in which malicious or harmful code is contained inside apparently harmless programming or data in such a way that it can get control and do a lot of damage. Often it depends on the trap doors for bugs that allow unauthorized access to a computer. Most people think of Trojan Horses as viruses, but technically they are malware. The term comes from Greek mythology about the Trojan War, According to legend, the Greeks presented the citizens of Troy with a large wooden horse in which they had secretly hidden their warriors. During the night, the warriors emerged from the wooden horse and overran the city.
FROM WHERE Trojan horses are a cod of programs that masquerade as regular programs, such as games, disk utilities, and even antivirus programs. However, Trojan horses don't replicate themselves.
WHAT IT DOES Once you double-click the program, it starts writing over certain parts of your hard drive, corrupting your data. Though it is possible for a Trojan horse to be attached to a virus file that spreads to multiple computers. Data √
Operating System √
22
Hardware ×
ITeM | Issue 7, May – 2015 :
Special Issues - Computer Threats
HOW CAN DETECT IT If your computer acting weird? Do pop-ups keep appearing on your screen even when you're not browsing the internet? Some actual Trojan filenames include: “dmsetup.exe” and “LOVE-LETTER-FORYOU.TXT.vbs” .If so you may be infected with a Trojan horse.
HOW TO AVOID IT Know the source. Ask questions. Even when you trust the source, it’s easy for a Trojan to impersonate a user when it has control of their computer. Ask questions to determine what the file is before you download. Expect the file. If you weren’t expecting a file transfer or attachment, then don’t download it until you check with the sender personally. Does everything make sense? If it looks suspicious, it probably is. File types, filenames, and descriptions should all agree. Even when everything else is in order, check the contents with virus scanners.
HOW TO GET RID OF IT Most antivirus programs such as AVG Anti-Virus can catch Trojan horses when scanning for a viruses, you can install a Trojan Horse removal. Group 1-09 : This Poster Prepared by Ranj Sabah Sarmand Hauro Halmat Ayub Yunis jalil Supervisor: Sarah Y. Yousif Director of QA-LFU, sarahyyosif@lfu-erbil.net
23
ITeM | Issue 7, May – 2015 :
Special Issues - Computer Threats
SCAN YOUR COMPUTER FOR OUTDATED PROGRAMS AND BE SURE ALL YOUR SOFTWARE IS UPDATED
Botnet A Botnet is a network of computers that infected with malicious software and controlled as a group (without the owners' knowledge), to forward transmissions (including spam or viruses) to other computers on the Internet. The word Botnet is formed from the words ‘robot’ and ‘network’. Hackers use special Trojan Horses (as a Zombie) to breach the security of several users’ computers, take control of each computer and organize all of the infected machines into a network of ‘bots’ that the criminal can remotely manage.
FROM WHERE They can use the vulnerabilities and outdated software in your system to infect it while you’re casually surfing the web. They can be delivered by Trojans or questionable software you get tricked into downloading (like rogue antivirus programs). They can be sent directly to your inbox as an email attachment by spammers or even by the infected computer of one of your friends.
WHAT IT DOES Botnet can do anything you can imagine doing with a collection of networked computers, like make an attack on the official computers or Bank servers, stealing information, overloading servers, sending spam, Distributed Denial-of-Service Attacks (DDoS), Keylogging, Hosting of Illegal Software, Google AdSense Abuse & Advertisement Addons.
24
ITeM | Issue 7, May – 2015 :
Special Issues - Computer Threats
HOW CAN DETECT IT
Internet Relay Chat Traffic. Connection attempts with known servers. Multiple machines on a network making identical DNS requests. High outgoing SMTP traffic. Unexpected popups. Slow computing and high CPU usage. Outbound messages (email, social media, instant messages, etc) that weren’t sent by the user. Problems with Internet access.
HOW TO AVOID IT
Be extra-careful with e-mail attachments. Ignore suspicious web ads and pop-ups. Choose your internet security software carefully. Make sure all your software is updated.
HOW TO GET RID OF IT Installing effective anti-malware software will help to protect your computer against Trojans, Zombies and other threats. We recommend “BullGuard Internet Security” and “Kaspersky Internet Security”. Group 1-10 : This Poster Prepared by Razhan Hunar Banaz Muayad Rangen Talhat Helin R. Kawes Supervisor: Dr. Mazin S. Ali Department of Information Technology, Lebanese French University - Erbil
dr.mazin@lfu.edu.krd
25
ITeM | Issue 7, May – 2015 :
Special Issues - Computer Threats
TO GET RID OF THE COMPUTER THREATS To get rid of the computer threats, please follow the following security tips: Computer Threats
To get rid of it
Viruses
Use Kaspersky Internet Security 2015
Worms
Use Warms Removal, Install Internet Security, Update your OS, and Make sure that security patches are successfully installed.
Make sure that your anti-virus and anti-spyware software are compatible like (SpyHunter, Ad-Aware Free Antivirus+, SuperAntiSpyware Spyware
Free Edition, Spybot Search & Destroy, Bitdefender, Kaspersky, Norton, FSecure, AVG, Eset NOD32).
Installing a firewall or using the firewall that's built into your Windows. Use anti Adware like Adware
(Ad-Aware, Adw-Cleaner, Malwarebytes' Anti-
Malware, Spyware Doctor and Spybot-Search & Destroy).
Use any commercial antivirus software. Download and run anti-malware or antivirus program like Malware
(Microsoft Safety Scanner, BitDefender , Kaspersky Virus Removal Tool, Malwarebytes, Or Norman Malware Cleaner).
Spam
Forward your spam to ‘spam@uce.gov’ to charge the spamer $500 per email. Use your email application's filtering features to block specific messages. Run Internet Security Software such as kaspersky.
Spoofing
Enabling firewall. Use Microsoft Network Monitor to monitor packets. Use GFI Mail Essentials with Avira.
26
ITeM | Issue 7, May – 2015 :
Special Issues - Computer Threats
Key Logger
Use Anti-keystrokes, Anti-spywares and Anti-viruses. Enable Firewall. Remove suspicious devices.
Trojan Horse
Use AVG Anti-Virus. Use a Trojan Horse Removal software.
Botnet
Use effective anti-malware software. Use BullGuard Internet Security or Kaspersky Internet Security.
27
Readers of IT e-magazine are invited to submit their articles that are consistent with the objective of this magazine for publishing in the future issues, to ITeM’s editorial committee at : item@lfu.edu.krd . Deadlines: - Submissions due: 8th of the Month - Author notification: 10th of the Month - Publish date: 15th of the Month
This issue powered by Turnitin to enforce the high level of originality.
www.lfu.edu.krd/item item@lfu.edu.krd +964 751 020 5916