Unit 8: Malware and Forensics 8.1 Malware and Forensics: Logic Bombs, Trojan Horses and RATs

Original link: http://www.cnblogs.com/sec875/articles/10452680.html

A logic bomb is another type of malware that delays the point at which it executes.

Either a certain date, time, or event will trigger this type of malware to run.

From a malware author's perspective, the longer amount of time that goes
by before a new malware specimen is detected, the better.

This allows the malware to spread and remain silent
so antivirus companies don't pick up on it.

Then after a period of time, boom, the malware on all infected systems will run.

One famous story involves a software engineer who thought he was going to get fired.

He wrote into the company's software that if human resources generated payroll
and his name was not on the list, do X, Y, and Z to the company.

He knew that if he was going to be fired, his computer rights would be revoked first,
so this was his way of getting revenge before the fact.

Besides, if he was wrong, nothing would happen and all would be hunky-dory.

Turns out though, he was right.

He got fired and his logic bomb did a lot of bad things to the company and its data.

He got caught and was handed a stiff fine and prison sentence.

Another programmer wrote a logic bomb into his company's software before resigning.

He was hoping to be rehired at a big premium to save the company.

Yet another programmer wrote logic bombs in company sites all around the world.

He was now able to travel worldwide and get fame
and fortune fixing these problems until he got caught.

Malware known as a Trojan horse is named after the famous story
about Greek troops hiding inside a big wooden horse.

The Trojans thought the Greeks were gone and took this horse as a conquest into their city.

At night, the Greeks that were hiding in the horse jumped out, opened the gates,
and in came the rest of the Greek troops.

They destroyed Troy and ended the war.

The malware Trojan horse works the same way.

Think about a program that has one advertised use
but also has another hidden ability used by an attacker.

There is definitely a social engineering component involved.

The user must download and install it.

Trojan horses do not replicate either on the local machine or across a network.

You've seen these free screensavers, free ringtones, free WeatherBug links.

Well, users have clicked on them.

They got the screensavers.

They got the ringtones.

They got the WeatherBugs.

But also in the process they installed, unknown to them,
some other programs which were malicious.

These hidden malicious programs could damage the computers, spread malware,
spy on user activities, and use the computer as part of a botnet.

A RAT, remote administration tool, is a piece of software used
to remotely access or control a computer.

This tool can be used legitimately by systems administrators
for accessing client computers or even servers.

A RAT, when used for malicious purposes, is known as a remote access Trojan.

It can be used by a malicious user to control a system
without the knowledge of users of that system.

Remote access Trojans are malicious pieces of software
that infect victim machines to gain administrative access.

They are often bundled with pirated software, for example in the patches or cracks
distributed with a cracked game, or delivered via email attachments.

Most of the popular RATs are capable of performing keystroke logging, packet capture,
screen capture, camera capture, file access, code execution,
registry management, password sniffing, and more.

After the infection, they may perform unauthorized operations
and hide their presence in the infected system.
