Pluralsight is not an official partner or accredited training center of
EC-Council. This course will take you deep into the dark alley of how malware is used and deployed. We'll also dive into how Trojans and backdoors work.
The easiest way to get into a system or network is to get someone to let us in. Do you pirate software, movies, music, or heaven forbid - an operating system? I'm about 99.999% sure you've already been pwned. Malware is specifically designed to gain access or damage systems without the knowledge of the victim. Malware is on the rise due to the sheer volume of new types that are easily created daily, and the money that can be made through organized Internet crime. We'll talk about the various malware types, including viruses, Trojans, and worms. Now, we won't leave you in despair, we'll also talk about countermeasures and ways to detect these bad boys. This course is part of the Ethical Hacking Series. http://blog.pluralsight.com/learning-path-ethical-hacking
Dale Meredith received his Certified Ethical Hacker and Certified EC-Council Instructor certifications back in 2006, as well as being a Microsoft Certified Trainer since 1998 (yes we had computers back then). Dale takes great pride in helping students comprehend and simplify complex IT concepts.
What's a Trojan?
Okay so in this module, we're going to dive into what is a Trojan and I think it can be best summed up by the original wizard, The Wizard of Oz, who said, pay no attention to the man behind the curtain! You remember that part? Because that's exactly what Trojans do or what they represent. Now many people think or feel that malware can be based off the perceived intent of the creator, rather than the actual features that are taking place and what I mean by that is that to some people, things like worms, or viruses, or Trojans equates to destruction or systems getting just totally hammered, yet there are tons of legitimate applications out there that aren't necessarily intended to be considered malware, but they may be because you don't like it. So in this module, we're going to go through and who's a cute little teddy bear? We're going to look at what a Trojan is, we'll also go through and take a look at what the goals of a Trojan are, which kind of reminds me of another famous movie, Conan, The Barbarian, when asked what his goals were he said, Crush your enemies, see them driven before you, and hear the lamentations of their women. Now that may be a little too much for a Trojan creator, but we'll take a look in detail to see what it is they're trying to accomplish, then we'll go through and take a look at how Trojans actually communicate and how they hide from users and system administrators, and then of course we'll dive in and see how we can determine if we have a Trojan currently. So let's saddle up and see what we can learn.
Trojan Infections
So how easy is it to be infected by a Trojan? Well we're about to talk about that and I'm also about to show you some stuff that hopefully if you're not scared by now, you will be. In fact, I'm reminded of a famous movie and the character in the movie whose name is Morpheus is about to reveal what the Matrix is and he makes this statement. He says this is your last chance. After this, there is no turning back. You take the blue pill - the story ends, you wake up in your bed and believe whatever you want to believe. You take the red pill - you stay in Wonderland, and I'll show you how deep the rabbit hole goes. So this is your choice. The blue pill in this case is to stop watching this course and you continue thinking that you're safe, or your network is safe, or your home systems are safe, or your Android phones or Apple phones are safe, or you can take the red pill and hold my hand. So in this module, we'll go through and we'll take a look at the different types of infections that take place as far as the Trojans are concerned. We'll first learn how to infect a target, we'll then go through and look at different ways that we can get into the target, some of them are extremely easy just because again, users are going to help us, then we'll go through and take a look at different deployment mechanisms that we can utilize, and then we'll show you finally how to evade antivirus with your Trojan. I'm not saying how to get caught, normally we see antivirus we're thinking this is going to catch it for us, no, I want to create my Trojan so that antivirus can't catch it, and more than likely by the time we're done talking about all this, you will ask yourself the question why, oh why, didn't I take the blue pill.
Virus and Worms
Okay, the next piece of malware that we're going to take a look at are viruses and worms. Hope you've been vaccinated. Now I know that these are probably the most common pieces of malware that we get or I should say that they're most talked about and many times these viruses and worms will do unexpected things. You know Oscar Wilde once made the statement of to expect the unexpected shows a thoroughly modern intellect. So as a security professional, you need to expect the unexpected. Now there's a lot of confusion when we talk about viruses and worms, as far as what is what, so we're going to try to clear this up for you. In this module, we're going to go through and take a look at viruses, and worms, and bears, oh my. Nah, we'll actually go through and tell you the differences between a virus and a worm. They have a lot of similarities to them, but there are some very specific things that help differentiate between the two. We'll also take a look at the different types of viruses and worms that are out in the wild, some of them are old classics, nothing like looking at an oldie, but goodie. Now I see that's probably leftover from the last module, huh? We'll also go through and take a look at the lifecycle of a virus and a worm. Yeah, the important part of the lifecycle is probably what we like to consider die, die, then we'll take a look at the signs that you have a virus or a worm, and also the why behind why these folks create these annoyances for us, or little monsters. We'll also go through and take a look at different ways that viruses and worms are deployed, as well as something that's kind of interesting and that is, we see this quite often, are what they refer to as fake viruses. You're like why am I concerned about a fake virus, Dale? If it's fake, who cares? I'll talk to you about that because part of it has to deal with social engineering. So let's get going.
Detecting Malware
So that's great, Dale. You've told us all about malware. You know, the only way to really protect yourself is, well, another great quote. If you know me, you know my quotes. Ed Bradley, who's an American journalist, he's best known for his work on 60 Minutes as a journalist. He once said, "Be prepared, work hard, and hope for a little luck. Recognize that the harder you work and the better prepared you are, the more luck you might have." And when it comes to detecting malware, that totally sums up your responsibility as a security professional. Be prepared and work hard. So in this module, we're going to take you through and look at how we become a detective, of sorts. In fact, I like to refer to this as the pipe and hat module of Mr. Sherlock Holmes. So we'll go through and we'll take a look at how we actually create a virus and a worm, how easy it is for someone to do this. We'll also go through and take a look at how to investigate most types of malware. And then we'll whip out our utility belt. I got my Batman reference in today. And look at the tools of our utility belt.