Introduction to How Viruses Function
Welcome to my next blog on Information Security. Before I get into how viruses are encoded and so on, the question to ask is: why do you need to know? Some people may skip this part, reasoning that they are not hackers, so why even learn this? The reason is that even if you are not a hacker or a security expert, there is still a high chance of you being someone’s target.
And if you ask me, I don’t want to be held at gunpoint at point-blank range without any body armor. YES! You read that right. In today’s world, everyone needs to know about securing his or her privacy. After the world’s biggest leaders like Google and NSA started gathering information about every person, I think there is a need for everyone to know about information security.
You may be thinking I am paranoid. If you think that way, then try to explain to me why NSA and Google are spending trillions of dollars just to gather intel about every living person. No answer? Welcome to the virtual world of the Internet.
You might now be wondering how you would protect yourself if companies like Google or NSA already have the best hackers in the world. The answer is simple. If you ask a person to pick a rusted sewing pin out of hundreds of pins lying around, he can easily check all of them in under 10 minutes and let you know.
But what if you ask a person to search for a pin in a haystack? And the person doesn’t even know where the haystack is… Hahaha. Yes, that’s how it is. But wait! We are NOT here to talk about Information Security. We are here to talk about viruses and Trojans. Yes, yes, I know. The thing is, hacking and viruses are just two sides of the same coin.
Doubt me? Then let me ask you, how many of you know about the Stagefright vulnerability? Hardly 20-30% of you may know about it. That’s what I was talking about. Now, if you let me… let’s stop talking in riddles here and start putting all the pieces of the puzzle in the right places.
To tell you the truth, viruses are of many types. And, to be more specific, not all of them are actually called viruses. First things first, let me give you the list of types:
- Macro Virus
- Memory Resident Virus
- Buffer Overflow Virus
- Trojan Horse
- Web-Scripting Virus
- Polymorphic Virus
- Boot Infectors
These are just a few of the many types. But I won’t be discussing all of them. Some of you may be ordinary users who hardly know anything about Information Security, and I don’t expect you to understand all of these. I am here to tell you how to escape from these heavily encoded viruses.
And PLEASE!! Don’t bother telling me or anyone else that you have an anti-virus. No matter how much you update your anti-virus, it is only as good as having an 80-year-old security guard outside your housing society to protect you from terrorists.
A Famous Quote:
“In your world, I am Just a Ghost in Your Wires. In my world, I am God.”
Encoded Viruses
First things first… what is encoding? Encoded viruses are coded in such a way as to look totally unsuspicious. And almost all sophisticated viruses are encoded. Anything that you use in your day-to-day life on a computer can be an encoded virus: anything from your MP3 files and JPEG images to PDFs or EXEs.
Want to know some of the worst things? Even your boot disk (if you downloaded it from some random internet page) can be built in such a way as to do nothing but install viruses on your system. Want to know something worse? You may be installing an anti-virus on your system, right? What if your anti-virus itself has been coded to hide viruses? In that case, you won’t even know what affected your system. Now do you think I am paranoid?
Paranoia is the key to Top-Notch Security
Now that you may be getting too paranoid and thinking about all the things that you downloaded from the Internet, let me tell you how you could stay away from these things. NEVER (and when I say never, I mean it 100%) download anything if you don’t know where it originated.
You may have a habit of downloading the latest TV series or your favourite flick from a torrent. But these files can be encoded in such a way that, as soon as you run these videos, a backdoor will open on your computer, which will then allow hackers from all over the world to gain access to it. This is way more common with JPEG images, PDF and MP3 files.
I am saying this because you never know what these files may do or run on your computer in the background. The last thing you want is a cop knocking on your door instead of your neighbour.
Now, the next thing to worry about is malware. First, what is malware? Malware is something that doesn’t show you what the picture exactly is. This type of malware won’t be coded into the video in the way I described above. Instead, the video file would be specifically coded to exploit a zero-day vulnerability in the software, i.e. the media player, to run a specific set of code.
This malware would then download a file and run it, infecting the machine. You would think that the media player is probably downloading a software update or something, but it is not.
It is actually downloading a virus from the web, which stores itself inside the media player, where the anti-virus won’t even know of it.
These kinds of malware are actually common among popular file formats such as PDF, JPEG or EXE. These formats are very common among people, and that makes them a good target for rootkit writers and hackers, the reason being that people assume they’re safe. This is one reason why you need to keep your software updated at all times.
You never know what bug you have in your software, and it could well be hit by malware and viruses like these.
In the end, to be more specific, any file type could be a potential exploit, since software that runs executable code is obviously vulnerable. Exploits like these are known as buffer overflow attacks. They alter parts of code by overwriting data structures outside the memory range of a buffer. And that is one reason why these exploits are hard to trace.
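The buffer overflow described above, as an added example that is not part of the original post: a media-style parser copying a title out of a file, first trusting the length stored in the file and then checking it. The record layout, struct track and both function names are assumptions made up for this illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define TITLE_MAX 16

/* Hypothetical record layout (assumed for this example): byte 0 is the
   declared title length, the title bytes follow. */
struct track {
    char title[TITLE_MAX];  /* fixed-size buffer */
    uint32_t is_trusted;    /* neighbouring data an overflow would overwrite */
};

/* Unsafe pattern: trusts the length byte stored in the file. A declared
   length above TITLE_MAX writes past title[] into is_trusted and beyond.
   Shown for contrast only; it is never called here. */
void parse_title_unchecked(struct track *t, const uint8_t *file)
{
    memcpy(t->title, file + 1, file[0]);
}

/* Hardened form: returns 0 on success, -1 if the record is malformed. */
int parse_title_checked(struct track *t, const uint8_t *file, size_t file_len)
{
    if (file_len < 1) return -1;                  /* no length byte at all */
    size_t declared = file[0];
    if (declared > file_len - 1) return -1;       /* more than the file holds */
    if (declared >= TITLE_MAX) return -1;         /* no room for title + NUL */
    memcpy(t->title, file + 1, declared);
    t->title[declared] = '\0';
    return 0;
}

/* Constructed samples: a well-formed record and one declaring 200 bytes. */
static const uint8_t GOOD_FILE[] = { 4, 'S', 'o', 'n', 'g' };
static const uint8_t BAD_FILE[]  = { 200, 'A', 'A', 'A', 'A' };

int main(void)
{
    struct track t = { "", 1 };
    int ok  = parse_title_checked(&t, GOOD_FILE, sizeof GOOD_FILE);
    int bad = parse_title_checked(&t, BAD_FILE, sizeof BAD_FILE);
    printf("good=%d title=%s bad=%d trusted=%u\n", ok, t.title, bad, (unsigned)t.is_trusted);
    return 0;
}
```

The checked parser rejects the second record before any copy happens, so the data next to the buffer is left untouched.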
If you think this is it, let me correct you. If you think downloading from a trusted site will keep you 100% safe, I would wisely tell you: “YOU ARE WRONG”. Have you heard of the Deep Web? Probably not.
The Internet that people normally use consists of only around 3% of the whole Internet. The remaining 97% is filled with viruses, Trojans and hackers gone nuts. And that is one of the reasons the Deep Web is banned by Chrome and other basic browsers. You can only access it via Tor.
Browser Hijacking and Cookie Stealing
I probably went off track above when talking about viruses and then jumping straight to the Deep Web (the scary monster under the bed). That is the reason why I chose to start a new paragraph… OK! For people who didn’t understand, that was sarcasm. But coming back to our point, viruses are not only coded into EXEs these days.
This is one of the main reasons why you shouldn’t access any website you don’t know. And these things are extremely common in the case of porn and religious websites, the reason being that they are the least secure websites. In a similar fashion, online games are no less prone to getting hacked.
Haha!! This is my favourite part. If hacking computers were not enough, then let me tell you that even your Android cell phones can be hacked. Want some more bad news? I would just need to know your number, and everything else is automated. You don’t even need to run a program now. Yes! It is that bad. And that is the new Stagefright vulnerability.
The Stagefright vulnerability applies to all the Android phones around the world. The worst news is, only a few of the mobile phone leaders have patched their systems. If you have a device running KitKat or a lower version, then you are probably doomed for life. This vulnerability even applies to Lollipop, but there is still a 1 in 100 chance that your system may be patched.
The Stagefright vulnerabilities are actually a serious threat: an attacker could exploit them to steal data from any cell phone by sending a victim a multimedia message (MMS) coded with malware. Many apps can process MMS content and can thus be affected, but devices running Google Hangouts are most at risk here, since a victim may not even need to open the message in Hangouts: Hangouts actually downloads the video without authorization.
In all other attacks, the target needs to open their messaging app and the message content itself for the exploit to work. The Stagefright vulnerabilities affect all Android versions, be it Froyo 2.2 or the famous Lollipop 5.1.1, which covers almost all of the Android devices today.
Keep in mind that a device will remain vulnerable until it receives Google’s patches for these vulnerabilities. All Nexus devices and Google’s other official devices have already received their updates for these. You can check with your phone manufacturer for these updates.
How to protect yourself from Stagefright?
The only thing you can do to protect yourself as of now is to disable auto-download features from WhatsApp, MMS, Hangouts or whichever app you use. When a device receives a video message via SMS, by default it will automatically download the file.
Therefore, disabling auto-downloading prevents an attacker from getting a device to automatically download a video containing Stagefright exploits, which allows the user to delete the message before it executes and avoid exploitation of the device.
The second thing would be not to give out your number to any random person on the Internet. Next thing you know, your cell phone data is being accessed by someone.
In today’s world, the best you can do is be as paranoid as you can.
There is a famous line said by the head of NASA when he was interviewed on internet security:
Reporter: How do you keep yourself secure with all this insecure stuff around you?
Director: I simply don’t use any cell phone. I don’t even have a Computer at my place.
Yeah! Now you know how secure you are when the head of NASA is so paranoid.
This has been a guide to how viruses function. Here we have discussed the basic concept, browser hijacking and cookie stealing, and how to protect yourself from Stagefright.