
Portfóliobibliodigital

http://portfoliobibliodigital.blogspot.pt/

What is a Virus and Anti-Virus?
Lesson Plan:
1 - What is a virus?
2 - Main causes of contamination
3 - Timeline - Evolution of Viruses
4 - Statistical Data on Viruses
5 - Crackers and hackers
6 - Types of Viruses
Lesson Plan (continued):
7 - The New Media Technology
8 - To detect, prevent and combat the virus
9 - Conclusion
Goals:
• Foster greater knowledge of preventive measures to combat viruses and their derivatives.
• Inform trainees about the main existing viruses.
• Encourage behavioral change to increase the safety of all.
What is a Virus?
• In computing, a computer virus is malicious software developed by programmers which, like a biological virus, infects the system, makes copies of itself and tries to spread to other computers, making use for this
Causes of Contamination:
1st - Most contamination occurs through the action of the user:
- running an infected file received as an attachment to an e-mail
- through infected files on flash drives or CDs.

2nd - An outdated operating system, without the security updates that fix known vulnerabilities in operating systems or applications, which can lead to the virus being received and executed
Timeline - Evolution of the virus
• 1983 - The researcher Fred Cohen (Ph.D. in Electrical Engineering at the Univ. of Southern California), in his research, called malicious programs "Computer Viruses". In the same year, Len Adleman demonstrated, at a seminar on computer security, a self-replicating program on a VAX 11/750 system. It could install itself in various parts of the system.

• 1984 - At the 7th Annual Information Security Conference, the term computer virus was defined as a program that infects other
Timeline - Evolution of the virus (continued)
• 1986 - The first virus for the PC was discovered. It was called Brain, belonged to the boot virus class, and damaged the boot sector of the hard disk. It spread through contaminated floppy disks. Although Brain is considered the first known virus, the title of first malicious code belongs to Elk Cloner, written by Rich Skrenta.

• 1987 - The first computer virus appears, written by two brothers, Basit and Amjad, and dubbed 'Brain', although it is also known as Lahore, Brain-a, Pakistani, Pakistani Brain, and UIU. The Brain Virus Boot Virus
Timeline - Evolution of the virus (continued)

• 1988 - The first antivirus appears, by Denny Yanuar Ramdhani in Bandung, Indonesia. It was the first antivirus to immunize the system against the Brain virus: it removed the entire virus from the computer and immunized the system against further attacks of the same pest.

• 1989 - Dark Avenger appears, contaminating computers quickly but doing its damage very slowly, allowing the virus to go unnoticed. IBM provides the first commercial
Timeline - Evolution of the virus (continued)

• 1992 - Michelangelo, the first virus to appear in the media. It is programmed to overwrite parts of hard disk drives, creating folders and files with false content, on March 6, the birthday of the Renaissance artist. Antivirus software sales skyrocketed.

• 1994 - The virus named Pathogen, made in England, is tracked down by Scotland Yard and the author is sentenced to 18 months in prison. It is the first time that the author of a virus-spreading code is prosecuted by the
Timeline - Evolution of the virus (continued)

• 1995 - The virus named Concept, the first macro virus. Written in Microsoft Word's Basic language, it can run on any platform with Word - PC or Macintosh. Concept spreads easily because it multiplies through the boot sector, spreading to all executable files.

• 1999 - The Chernobyl virus removes access to the hard drive and does not let the user access the system. It appeared in April. Its contamination was low in the United States, but it caused damage in other countries.
Timeline - Evolution of the virus (continued)

• 2000 - The LoveLetter virus, which started in the Philippines, swept Europe and the United States in six hours. It infected about 2.5 million to 3 million machines and caused damage estimated at $8.7 billion.

• 2001 - The "fashion" is the Worm type of malicious code (which proliferates through Web pages and mainly via e-mail). One of them is the VBSWorms Generator, which was developed by an Argentine programmer only 18 years old.
Timeline - Evolution of the virus (continued)

• 2007 - During 2006 and 2007 there were many instances on Orkut of a virus able to send scraps (messages) automatically to all contacts in the victim's social network, and to steal passwords and bank account details from an infected computer by capturing keystrokes and clicks. Although those who receive the message have to "click" a link to become infected, the relationship of trust between friends increases the chance that the user will "click" without suspecting that the link leads to a worm. When the link is clicked, a very small file is downloaded to the user's computer. It takes care of downloading and installing the
Statistics:
• Until 1995 - 15,000 known viruses;
• Until 1999 - 20,500 known viruses;
• Until 2000 - 49,000 known viruses;
• Until 2001 - 58,000 known viruses;
• By 2005 - Approximately 75,000 known viruses;
• By 2007 - Approximately 200,000 known viruses;
• Until November 2008 - More than 530,000 known viruses;
• Until March 2012 - More than 950,000 known viruses.
Crackers and hackers
• In the 90s they were computer enthusiasts, knew many programming languages and were almost always young; they created their viruses often just to find out how far they could spread. Today it is completely different: they are people who attack other machines for criminal purposes with a set goal: to capture banking passwords, account numbers and privileged information that catches their attention.
Continued on the next page
• Some say cracker and hacker are the same, but technically there are differences:
Hacker
• They break passwords, codes and security systems for the pure pleasure of finding such flaws.

• They are concerned with knowing the inner workings of a computer system, i.e., without intent to harm or invade operating systems or databases.

• Generally a hacker does not like being mistaken for a cracker.
Cracker
• This is the virtual criminal who steals from people using their knowledge and various strategies.

• Their interest is basically vandalism.

• There is a veritable black market in computer viruses, where certain sites, mainly Russian, offer downloads of viruses and kits so that anyone who can afford it can become a cracker, which is called the "tertiary" activity.
Types of viruses:
• Boot virus - one of the first known types of virus; it infects the boot portion of the operating system. It is thus activated when the hard drive is powered on and the operating system is loaded.

• Time Bomb - "bomb" viruses are programmed to activate at certain times, defined by their creator. Once a system is infected, the virus will only become active and cause harm at the time set. Some of these viruses have become famous, such as "Friday the 13th", "Michelangelo", "Eros" and "April 1 (Conficker)".
Types of viruses: (Continued)
• Worms - in the interest of spreading a virus as widely as possible, its developers sometimes set aside the desire to damage the infected users' system and began to design their viruses so that they only replicate, without aiming to cause serious damage to the system. In this way, the authors intended to make their creations better known on the Internet. This type of virus came to be called a worm. They are more refined: there is already a version that, on attacking the host machine, not only replicates but also spreads via the Internet, through the e-mails that are registered
Types of viruses: (Continued)
• Trojans or Trojan horses - certain viruses carry with them a separate code, which allows a stranger to access the infected computer or to collect data and send it over the Internet to a stranger, without notifying the user. These codes are called Trojans or Trojan horses.

• Initially, Trojans allowed the infected computer to receive external commands without the user's knowledge. Thus the attacker could read, copy, delete and modify data in the system. Currently, Trojans seek to steal the user's sensitive data, such as banking passwords.
Types of viruses: (Continued)
• Currently, Trojan horses no longer arrive exclusively carried by viruses; they are now installed when the user downloads a file from the Internet and executes it. The practice is effective because of the huge amount of fraudulent e-mails that arrive in users' mailboxes. These e-mails contain a web address from which the victim downloads the Trojan horse instead of the file that the message claims it to be. This practice is called phishing, an expression derived from the English verb "to fish". Currently, most Trojans target banking sites, "fishing" for the password entered by users of infected PCs. There are also Trojans that are downloaded on the Internet
Types of viruses: (Continued)
• Trojans can also be used to lead the user to fake websites where, without the user's knowledge, Trojans are downloaded for criminal purposes, as happened with Google links: a security breach could lead a user to a fake page. For this reason the service was taken down for a few hours to fix the bug; otherwise, people unable to distinguish the fake site from the original would have been affected.
Types of viruses: (Continued)
• Another consequence is that the computer becomes a zombie and, without the user noticing, performs actions such as sending spam, sending itself to infect other computers, and attacking servers (usually a DDoS, an English acronym for Distributed Denial of Service). Even if only one machine on a network is infected, it can consume almost all the bandwidth of the Internet connection with such actions, even if the computer is not being used, just connected. The goal is often to create a large network of zombie computers, which together
Types of viruses: (Continued)
• Hijackers - are programs or scripts that "hijack" Internet browsers. When this occurs, the hijacker changes the browser home page and prevents the user from changing it, displays advertisements in pop-ups or new windows, installs toolbars in the browser and may prevent access to certain sites (such as antivirus software sites, for example).
Types of viruses: (Continued)
• Zombie state - occurs in a computer when it is infected and is being controlled by third parties. They can use it to spread viruses, keyloggers, and invasive procedures in general. This situation usually occurs when the machine's firewall and/or operating system are out of date.
• According to studies in this area, a computer that is on the Internet under these conditions has almost a 50% chance of becoming a zombie machine, which, depending on who is controlling it, almost always with aims
Types of viruses: (Continued)
• Macro viruses - attach their macros to document templates and to other files so that, when an application loads the file and executes the instructions it contains, the first instructions executed will be those of the virus.

• Macro viruses resemble other viruses in several respects: they are code written so that, under certain conditions, the code "reproduces" by making a copy of itself. Like other viruses, they can be written to cause damage, display a message or do anything that a program can do.

• In short, a macro virus infects Microsoft Office files (.doc - Word, .xls - Excel, .ppt - Power
New Media Technology
• Much is said about preventing computer viruses on personal computers, the famous PC, but few people know that, as technology evolves, devices that have Internet access, such as many types of mobile phones, handhelds, VoIP, etc., may be attacked, harming the performance of the devices in question. For now these are isolated cases, but the fear among digital security specialists is that, with the spread of an immense number of devices with Internet access, hackers and crackers will become increasingly interested in attacking these new means of accessing the web. It has also recently been seen that viruses can arrive in defective electronic products, as happened recently with Apple's iPods, which carried a "harmless" virus (any antivirus removes it,
New Media Technology (continued)
• There are also viruses that are executed when a page is opened in the browser, better known as "script" viruses, which can be used to invade the computer or plant another virus on it.
New Media Technology (continued)

• Splog - There are also fake blogs, or splogs: advertising blogs that almost always aim to promote the sale of some product. They rarely do any harm, but may contain links that can be dangerous.
Detect, prevent and combat viruses
• Nothing can guarantee the complete safety of a computer. But you can improve its safety and decrease the likelihood of its being infected.

• Removing a virus from a system without the help of the necessary tools is a daunting task even for a professional.

• Some viruses and other malicious programs (including spyware) are programmed to re-infect your computer even after being detected and
Detect, prevent and combat viruses (continued)

• Updating your computer regularly is a preventive action against viruses. There are also some companies that provide paid tools which aid in the detection, prevention and permanent removal of viruses.
Detect, prevent and combat viruses (continued)
• Antivirus - these are programs developed by security companies in order to detect and eliminate viruses found on your computer. Antivirus programs have a database containing the signatures of the viruses they can eliminate. Thus, only after the database is updated can newly discovered viruses be detected.

• Some antivirus programs have heuristic technology, which is a means of detecting an unknown virus through its actions on the user's system. Panda Software created a heuristic service that became very popular because it detected 98.92% of unknown viruses (those not in its database) in a test. Now, people with this heuristic can rest 98.92% easier!
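
An added example, not part of the original slides: a toy scanner showing why a signature database misses a repacked variant and a new sample until it is updated, and how a behaviour-based heuristic can flag a program with no signature at all. The sample bytes, detection names and behaviour weights are constructed assumptions.

```python
import hashlib

# Constructed, harmless byte strings standing in for files (not real malware).
KNOWN = b"constructed-sample-A DEMO-BOOT-MARKER"
VARIANT = b"constructed-sample-A DEMO-BOOT-MARKER (repacked)"
NEW = b"constructed-sample-B DEMO-MACRO-MARKER"
CLEAN = b"Quarterly report, nothing unusual."
FILES = (KNOWN, VARIANT, NEW, CLEAN)


class SignatureDB:
    """Toy signature database: exact SHA-256 hashes plus byte patterns."""

    def __init__(self):
        self.hashes = {}    # sha256 hex digest -> detection name
        self.patterns = {}  # byte pattern -> detection name

    def add_hash(self, sample, name):
        self.hashes[hashlib.sha256(sample).hexdigest()] = name

    def add_pattern(self, pattern, name):
        self.patterns[pattern] = name

    def scan(self, data):
        """Return a detection name, or None if no signature matches."""
        name = self.hashes.get(hashlib.sha256(data).hexdigest())
        if name:
            return name
        for pattern, pname in self.patterns.items():
            if pattern in data:
                return pname
        return None


# Hypothetical behaviour weights for the heuristic side (assumed values).
WEIGHTS = {"writes_boot_sector": 5, "adds_autorun_entry": 3,
           "mails_all_contacts": 4, "opens_document": 0}


def heuristic_flag(behaviours, threshold=5):
    """Flag a program by what it does, with no signature involved."""
    return sum(WEIGHTS.get(b, 0) for b in behaviours) >= threshold


def scan_before_and_after_update():
    db = SignatureDB()
    db.add_hash(KNOWN, "Demo.Boot.A")                      # outdated database
    before = [db.scan(f) for f in FILES]
    db.add_pattern(b"DEMO-BOOT-MARKER", "Demo.Boot.gen")   # the update
    db.add_pattern(b"DEMO-MACRO-MARKER", "Demo.Macro.A")
    after = [db.scan(f) for f in FILES]
    return before, after


if __name__ == "__main__":
    print(scan_before_and_after_update())
    print(heuristic_flag(["adds_autorun_entry", "mails_all_contacts"]))
```

Before the update only the exact known file is detected; after it, the variant and the new sample are caught while the clean file still passes.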
Detect, prevent and combat viruses (continued)
• Personal firewalls - these are programs developed by software companies in order to prevent the personal computer from falling victim to malicious attacks (or "Blended Threats" - malicious code that spreads over the Internet without the user of the infecting or infected computer knowing) and spyware attacks. As for its virus-related duties, this program monitors the "ports" (in TCP/IP, the means, associated with a particular application, through which information travels from your computer to the network), to prevent a virus from attacking over a given protocol. So, if you install a personal firewall on your computer, you are protected from attack by many viruses, preventing them from gaining access to your
Conclusion
• Although great strides have been made in making computer systems increasingly safe, this can be worth nothing against social engineering, which consists of techniques to convince the user to hand over data such as banking passwords, credit card numbers and financial data in general, whether in a carefree and casual conversation in a chat room or a messenger, where such acts generally tend to occur, or even in person.
Conclusion (continued)
• Therefore, you should NEVER provide any password of any kind, as it is the gateway to loss of information, espionage, theft of money from a bank account, and personal details falling into the hands of strangers, with no knowing what use they may make of this information. Currently, data of this kind are obtained, and also more specific data (such as passwords for company computer networks, location of back doors, etc.).

• Social engineering does not have the slightest connection with hacking; the techniques are totally different from one another. "The Social Engineer
Conclusion (continued)
• Money in the form of bits - With so many hackers obtaining passwords around the world, it is inevitable that links form between them and that they begin to use stolen data as currency. Today users' access data are traded by real online gangs. It is common to see messages like "I have the passwords of 100 bank accounts at bank X, who will give more for them?" in various specialized forums. A real black market has formed in underground chat rooms, where these shady deals are made amid a veritable ocean of codes, acronyms and abbreviations - a recipe for cyberthieves. Armed with access data for bank accounts, cybercriminals can commit fraud and illegal transfers of money very easily. There is also a
Conclusion (continued)

• Antispyware - anti-spyware software is designed to remove spyware or, at the least, to detect it and, if possible, deactivate it by sending it to quarantine. Like antivirus software, it needs to have its database updated constantly.

• Anti-spyware programs often monitor certain entries in the Windows registry to detect infection attempts, but sometimes cannot identify what is trying to change the registry - it may be spyware or actually a virus.
Summary of Lesson
After reading this lesson you should be clear about:
1 - What is a virus?
2 - Main causes of contamination
3 - Timeline - Evolution of computer viruses
4 - Statistical Data on Viruses
5 - Crackers and hackers
6 - Types of Viruses
7 - The New Media Technology
8 - To detect, prevent and combat viruses
"Seek to prevent crimes, lest thou be obliged to punish them."
(Confucius)

"No computer is aware of what it does. But for the most part, neither are we."
(Marvin Minsky)
Bibliography

• http://pt.wikipedia.org/wiki/V%C3%ADrus_de_computador
Thank you for your attention
