Browse Definitions :

Malware

Terms related to malware, including definitions about viruses and Trojans and other words and phrases about malicious software.

ACO - SHA

  • acoustical infection - Acoustic infection is a type of malware that uses a compromised computer’s sound card and speakers to send data using a covert ultrasonic acoustical mesh network.
  • ad fraud - Ad fraud is a type of scam in which the perpetrator fools advertisers into paying for something useless to them, such as fake traffic, fake leads or ineffective and misrepresented ad placement.
  • ad fraud botnet - An ad fraud botnet is a distributed network of computers controlled by a botmaster to defraud advertisers.
  • Anna Kournikova virus VBS.SST - The Anna Kournikova VBS.
  • antimalware (anti-malware) - Antimalware (anti-malware) is a type of software program designed to prevent, detect and remove malicious software (malware) on IT systems, as well as individual computing devices.
  • antivirus software (antivirus program) - Antivirus software is a class of program designed to prevent, detect and remove malware infections on individual computing devices, networks and IT systems.
  • ATM black box attack - An ATM black box attack, also referred to as jackpotting, is a type of banking-system crime in which the perpetrators bore holes into the top of the cash machine to gain access to its internal infrastructure.
  • attack vector - An attack vector is a path or means by which a hacker (or cracker) can gain access to a computer or network server in order to deliver a payload or malicious outcome.
  • Backoff - Backoff is point-of-sale malware that uses memory scraping  to steal credit card data from Windows-based retail machines on which it is installed.
  • BadBIOS - BadBIOS is a BIOS-level Trojan that can affect Windows, Macintosh, Linux and BSD systems.
  • Bitcoin mining - Bitcoin mining is the processing of transactions in the digital currency system, in which the records of current Bitcoin transactions, known as a blocks, are added to the record of past transactions, known as the block chain.
  • blacklist - A blacklist, in IT, is a collection of entities that are blocked from communicating with or logging into a computer, site or network.
  • blended threat - A blended threat is an exploit that combines elements of multiple types of malware and perhaps takes multiple attack vectors to increase the severity of damage and the speed of contagion.
  • boot sector virus - A boot sector virus is malware that infects the computer storage sector where startup files are found.
  • bot worm - A bot worm is a self-replicating malware program that resides in current memory, turns infected computers into zombies (or bots) and transmits itself to other computers.
  • botnet topology - A botnet topology is the network structure by which botnet interconnections are organized.
  • browser extension malware - Extension malware is any browser extension that was developed intentionally with coding that causes undesirable behaviors or whose code has been compromised by an attacker to do so.
  • caller ID spoofing - Caller ID spoofing is a service that allows a caller to masquerade as someone else by falsifying the number that appears on the recipient's caller ID display.
  • car hacking - Car hacking is the manipulation of the code in a car's electronic control unit (ECU) to exploit a vulnerability and gain control of other ECU units in the vehicle.
  • Chernobyl virus - The Chernobyl virus is a computer virus with a potentially devastating payload that destroys all computer data when an infected file is executed.
  • clipboard hijack attack - A clipboard hijacking is an exploit in which the attacker gains control of the victim's clipboard and replaces its contents with their own data, such as a link to a malicious Web site.
  • command-and-control server (C&C server) - A command and control server (C&C server) is a computer that issues directives to digital devices that have been infected with rootkits or other types of malware, such as ransomware.
  • computer exploit - A computer exploit, or exploit, is an attack on a computer system, especially one that takes advantage of a particular vulnerability the system offers to intruders.
  • computer worm - A computer worm is a type of malicious software program whose primary function is to infect other computers while remaining active on infected systems.
  • Conduit browser hijacker - Conduit is a browser hijacker that is usually installed without the user’s knowledge through a drive-by download.
  • content spoofing - Content spoofing is a type of exploit used by a malicious hackers to present a faked or modified Web site to the user as if it were legitimate.
  • cross-site scripting (XSS) - Cross-site scripting (XSS) is a type of injection security attack in which an attacker injects data, such as a malicious script, into content from otherwise trusted websites.
  • cryptomining malware - Cryptomining malware is a form of malware that takes over a computer or mobile device's resources and uses them to perform cryptocurrency mining, a process of verifying cryptocurrency transactions using complex mathematical formulas also known as cryptojacking.
  • cut-and-paste attack - A cut-and-paste attack is an assault on the integrity of a security system in which the attacker substitutes a section of ciphertext (encrypted text) with a different section that looks like (but is not the same as) the one removed.
  • cyberheist - A cyberheist is the online version of the classic bank heist, in which a criminal or criminals hold up or break into a bank to get away with a large sum of money quickly.
  • destruction of service (DeOS) attack - A destruction-of-service (DeOS) attack is a form of cyberattack that targets an organization's entire online presence as well as their ability to recover from the attack afterwards.
  • device attack - A device attack is an exploit in which the attacker takes advantage of a vulnerable device to gain network access.
  • dictionary attack - A dictionary attack is a method of breaking into a password-protected computer or server by systematically entering every word in a dictionary as a password.
  • directory harvest attack (DHA) - A directory harvest attack (DHA) is an attempt to determine the valid e-mail addresses associated with an e-mail server so that they can be added to a spam database.
  • distributed denial of service (DDoS) attack - A distributed denial-of-service (DDoS) attack is an attack in which multiple compromised computer systems attack a target, such as a server, website or other network resource, and cause a denial of service for users of the targeted resource.
  • domain generation algorithm (DGA) - A domain generation algorithm or DGA is a computer program used to create domain names, typically for the purpose of propagating remotely controlled Web-based malware.
  • domain rotation - Domain rotation is a technique use by malware distributors to drive traffic from multiple domains to a single IP address that is controlled by the distributor.
  • doxware (extortionware) - Doxware, also known as extortionware, is an exploit in which the attacker accesses the target's sensitive data and threatens to publish it if the victim does not meet his demands.
  • drive-by download - A drive-by download is a program that is automatically downloaded to your computer without your consent or even your knowledge.
  • drive-by pharming - Drive-by pharming is a vulnerability exploitation method in which the attacker takes advantage of an inadequately unprotected broadband router to gain access to user data.
  • drive-by spamming - Drive-by spamming is a variation of drive-by hacking in which the perpetrators gain access to a vulnerable wireless local area network (WLAN) and use that access to send huge volumes of spam.
  • dropper - A dropper is a malware installer that surreptitiously carries viruses, back doors and other malicious software so they can be executed on the compromised machine.
  • DSO exploit (data source object exploit) - A data source object (DSO) exploit is a form of spyware that takes advantage of data binding to gain access to the hard drive of a computer connected to the Internet.
  • email spoofing - Email spoofing is the forgery of an email header so that the message appears to have originated from someone or somewhere other than the actual source.
  • email virus - An email virus consists of malicious code that is distributed in email messages, and it can be activated when a user clicks on a link in an email message, opens an email attachment or interacts in some other way with the infected email message.
  • equipment destruction attack - An equipment destruction attack, also known as a hardware destruction attack, is an exploit that destroys physical computer and electronic equipment.
  • ethical worm - An ethical worm is a program that automates network-based distribution of security patches for known vulnerabilities.
  • exploit kit (crimeware kit) - An exploit kit is a programming tool that allows someone who does not have any experience writing software code to create, customize and distribute malware.
  • fileless malware attack - A fileless malware attack is a type of malicious attack a hacker can use to leverage applications already installed in a computer.
  • Flexible Mandatory Access Control (FMAC) - Flexible Mandatory Access Control (FMAC) is an ongoing project intended to enhance the Sun Microsystems OpenSolaris operating platform by adding two security technologies: Flux Advanced Security Kernel (Flask) and Type Enforcement (TE).
  • form grabber - A form grabber is a type of malware that captures data such as IDs and passwords from browser forms.
  • Gen V attack (5th generation cyberattack) - Gen V attack is a 5th generation cyberattack that is typically defined by the threat level and sophistication of the attack, including very large data breaches.
  • government Trojan - A government Trojan is spyware installed on a computer or network by a law enforcement agency for the purpose of capturing information relevant to a criminal investigation.
  • Hand of Thief - Hand of Thief is banking crimeware that targets Linux operating systems.
  • hardware vulnerability - A hardware vulnerability is an exploitable weakness in a computer system that enables attack through remote or physical access to system hardware.
  • hybrid virus (multi-part or multipartite virus) - A hybrid virus (sometimes called a multi-part or multipartite virus) is one that combines characteristics of more than one type to infect both program files and system sectors.
  • hybrid virus/worm - A hybrid virus/worm is malicious code that combines characteristics of both those types of malware, typically featuring the virus' ability to alter program code with the worm's ability to reside in live memory and to propagate without any action on the part of the user.
  • identity theft - Identity theft, also known as identity fraud, is a crime in which an imposter obtains key pieces of personally identifiable information, such as Social Security or driver's license numbers, in order to impersonate someone else.
  • IFrame (Inline Frame) - The IFrame HTML element is often used to insert content from another source, such as an advertisement, into a Web page.
  • ILOVEYOU virus - The ILOVEYOU virus comes in an e-mail note with "I LOVE YOU" in the subject line and contains an attachment that, when opened, results in the message being re-sent to everyone in the recipient's Microsoft Outlook address book and, perhaps more seriously, the loss of every JPEG, MP3, and certain other files on the recipient's hard disk.
  • IM worm - An IM worm is self-replicating malicious code that spreads in instant messaging networks.
  • incidence - Incidence, in statistics, is the rate of occurrence of something within a population, or the number of times it occurs.
  • insider threat - Insider threat is a generic term for a threat to an organization's security or data that comes from within.
  • integrated threat management - Integrated threat management is a comprehensive approach to network security that addresses multiple types of malware, as well as blended threats and spam, and protects from intrusion at both the gateway and the endpoint levels.
  • IP Spoofing - IP spoofing is the crafting of Internet Protocol (IP) packets with a source IP address that has been modified to impersonate another computer system, or to hide the identity of the sender, or both.
  • Kaptoxa - Kaptoxa (pronounced kar-toe-sha) is a type of point-of-sale (POS) malware designed to compromise payment information systems.
  • Kriz virus (W32.Kriz, W32.Kriz.dr, or PE_KRIZ) - Discovered in the fall of 1999, the Kriz virus (known more formally as W32.
  • likejacking - Likejacking is a variation on clickjacking in which malicious coding is associated with a Facebook Like button.
  • macro virus - A macro virus is a computer virus written in the same macro language used for software programs, including Microsoft Excel or word processors such as Microsoft Word.
  • malware (malicious software) - Malware, or malicious software, is any program or file that is harmful to a computer user.
  • malware testing - Malware testing is the practice of subjecting malicious programs to software testing tools and procedures designed to assess the viability of legitimate applications.
  • Malware: Glossary - This is a glossary of terms related to malware.
  • man-in-the-middle attack (MitM) - A man-in-the-middle attack is one in which the attacker secretly intercepts and relays messages between two parties who think they are communicating directly with each other.
  • Melissa virus - Melissa is a fast-spreading macro virus that is distributed as an e-mail attachment that, when opened, disables a number of safeguards in Word 97 or Word 2000, and, if the user has the Microsoft Outlook e-mail program, causes the virus to be resent to the first 50 people in each of the user's address books.
  • micro-botnet (mini-botnet or baby botnet) - A micro-botnet, also called a mini-botnet or baby botnet, is a small network of Internet-connected computers that have been hijacked to attack specific companies or individuals within a company.
  • mobile device attack - A mobile device attack is an exploit targeting handheld communications devices, such as smartphones and tablets.
  • mobile malware - Mobile malware is malicious software specifically written to attack mobile devices such as smartphones, tablets, and smartwatches.
  • mobile phone virus - A mobile phone virus is a computer virus specifically adapted for the cellular environment and designed to spread from one vulnerable phone to another.
  • mobile spyware - Mobile spyware is monitoring software that is installed on a mobile device without the end user's knowledge.
  • pastebin - A pastebin is a Web application that allows users to upload and share text online.
  • peer-to-peer botnet (P2P botnet) - A peer-to-peer botnet is a decentralized group of malware-compromised machines working together for an attacker’s purpose without their owners’ knowledge.
  • Pegasus malware - Pegasus malware is spyware that can hack any iOS or Android device and steal a variety of data from the infected device, including text messages, emails, key logs, audio and information from installed applications, such as Facebook or Instagram.
  • pharma hack - The pharma hack is an exploit that takes advantage of vulnerabilities in WordPress or Joomla documents, causing search engines, notably the one hosted by Google, to return ads for pharmaceutical products along with legitimate listings.
  • pharming - Pharming is a scamming practice in which malicious code is installed on a personal computer or server, misdirecting users to fraudulent Web sites without their knowledge or consent.
  • phishing - Phishing is a form of fraud in which an attacker masquerades as a reputable entity or person in email or other communication channels.
  • phishing kit - A phishing kit is a collection of tools assembled to make it easier for people with little technical skill to launch a phishing exploit.
  • polymorphic virus - A polymorphic virus is a harmful, destructive or intrusive type of malware that can change or 'morph,' making it difficult to detect with antimalware programs.
  • Portal of Doom - Portal of Doom (abbreviated as PoD and sometimes spelled all one word, as PortalOfDoom) is a Trojan horse that hijacks the computers of unsuspecting Windows users running old operating systems.
  • POS malware (point-of-sale malware) - Point-of-sale malware (POS malware) is malicious software expressly written to steal customer payment data -- especially credit card data -- from retail checkout systems.
  • pre-installed malware - Pre-installed malware is malicious software that is put on a machine before it is delivered to the user.
  • ransomware as a service (RaaS) - Ransomware as a service (RaaS) is the offering of pay-for-use malware created for extortion over stolen or encrypted data, known as ransomware.
  • RAT (remote access Trojan) - A remote access Trojan (RAT) is a malware program that gives an intruder administrative control over a target computer.
  • RavMonE virus (W32/Rjump) - The RavMonE virus, also known as W32/Rjump, is a virus that opens a back door on a computer running Windows, creates a copy of itself in the Windows system directory and creates a log file containing the port number on which its back door component listens.
  • Rescator - Rescator is the name of an underground online forum which allegedly sold credit card data stolen from customers who shopped at the United States discount retail chain, Target.
  • RFID virus - An RFID (radio-frequency identification) virus is malicious code inserted into an RFID tag to alter or corrupt data in an RFID system.
  • Robert Morris worm - The Robert Morris worm is widely acknowledged as the first computer worm to be distributed across the Internet and the first computer virus to receive mainstream media attention.
  • script kiddy (or script kiddie) - Script kiddy (sometimes spelled kiddie) is a derogative term, originated by the more sophisticated crackers of computer security systems, for the more immature, but unfortunately often just as dangerous exploiter of security lapses on the Internet.
  • SEO poisoning (search poisoning) - Search poisoning, also known as search engine poisoning, is an attack involving malicious websites that are designed to show up prominently in search results.
  • Shamoon - Shamoon, also called W32.

-ADS BY GOOGLE

SearchCompliance

SearchSecurity

  • time-based one-time password (TOTP)

    A time-based one-time password (TOTP) is a temporary code, generated by an algorithm, for use in authenticating access to ...

  • Security Operations Center (SOC)

    A security operations center (SOC) is a command center facility for a team of IT professionals with expertise in information ...

  • incident response team

    An incident response team is a group of IT professionals in charge of preparing for and reacting to any type of organizational ...

SearchHealthIT

SearchDisasterRecovery

  • disaster recovery team

    A disaster recovery team is a group of individuals focused on planning, implementing, maintaining, auditing and testing an ...

  • cloud insurance

    Cloud insurance is any type of financial or data protection obtained by a cloud service provider. 

  • business continuity software

    Business continuity software is an application or suite designed to make business continuity planning/business continuity ...

SearchStorage

  • storage class memory (SCM)

    Storage class memory (SCM) is a type of NAND flash that includes a power source to ensure that data won't be lost due to a system...

  • Hadoop as a service (HaaS)

    Hadoop as a service (HaaS), also known as Hadoop in the cloud, is a big data analytics framework that stores and analyzes data in...

  • blockchain storage

    Blockchain storage is a way of saving data in a decentralized network which utilizes the unused hard disk space of users across ...

Close