Guys, does anyone know the answer?
get the malware that can replicate itself and spread across different computers in the network from screen.
From Wikipedia, the free encyclopedia
Jump to navigation Jump to search
This article is about coding of a worm. For the data storage device, see Write once read many. For other uses, see worm (disambiguation).
Not to be confused with computer virus.
Hex dump of the Blaster worm, showing a message left for Microsoft CEO Bill Gates by the worm's creator
Spread of Conficker worm
Part of a series on
Related security categories
Computer securityAutomotive securityCybercrime Cybersex traffickingComputer fraudCybergeddonCyberterrorismCyberwarfareElectronic warfareInformation warfareInternet securityMobile securityNetwork securityCopy protectionDigital rights management
AdwareAdvanced persistent threatArbitrary code executionBackdoorsHardware backdoorsCode injectionCrimewareCross-site scriptingCryptojacking malwareBotnetsData breachDrive-by downloadBrowser helper objectsVirusesData scrapingDenial of serviceEavesdroppingEmail fraudEmail spoofingExploitsKeyloggersLogic bombsTime bombsFork bombsZip bombsFraudulent dialersMalwarePayloadPhishingPolymorphic enginePrivilege escalationRansomwareRootkitsBootkitsScarewareShellcodeSpammingSocial engineering (security)Screen scrapingSpywareSoftware bugsTrojan horsesHardware TrojansRemote access trojansVulnerabilityWeb shellsWiperWormsSQL injectionRogue security softwareZombie
Application security Secure codingSecure by defaultSecure by design Misuse caseComputer access control Authentication Multi-factor authenticationAuthorizationComputer security software Antivirus softwareSecurity-focused operating systemData-centric securityCode obfuscationData maskingEncryptionFirewallIntrusion detection system Host-based intrusion detection system (HIDS)Anomaly detectionSecurity information and event management (SIEM)Mobile secure gatewayRuntime application self-protection
A computer worm is a standalone malware computer program that replicates itself in order to spread to other computers. It often uses a computer network to spread itself, relying on security failures on the target computer to access it. It will use this machine as a host to scan and infect other computers. When these new worm-invaded computers are controlled, the worm will continue to scan and infect other computers using these computers as hosts, and this behaviour will continue. Computer worms use recursive methods to copy themselves without host programs and distribute themselves based on the law of exponential growth, thus controlling and infecting more and more computers in a short time. Worms almost always cause at least some harm to the network, even if only by consuming bandwidth, whereas viruses almost always corrupt or modify files on a targeted computer.
Many worms are designed only to spread, and do not attempt to change the systems they pass through. However, as the Morris worm and Mydoom showed, even these "payload-free" worms can cause major disruption by increasing network traffic and other unintended effects.
1 History 2 Features 3 Harm 4 Countermeasures
5 Worms with good intent
6 See also 7 References 8 External links
Morris worm source code floppy diskette at the Computer History Museum
The actual term "worm" was first used in John Brunner's 1975 novel, . In the novel, Nichlas Haflinger designs and sets off a data-gathering worm in an act of revenge against the powerful men who run a national electronic information web that induces mass conformity. "You have the biggest-ever worm loose in the net, and it automatically sabotages any attempt to monitor it. There's never been a worm with that tough a head or that long a tail!"
The second ever computer worm was devised to be an anti-virus software. Named Reaper, it was created by Ray Tomlinson to replicate itself across the ARPANET and delete the experimental Creeper program (the first computer worm, 1971).
On November 2, 1988, Robert Tappan Morris, a Cornell University computer science graduate student, unleashed what became known as the Morris worm, disrupting many computers then on the Internet, guessed at the time to be one tenth of all those connected. During the Morris appeal process, the U.S. Court of Appeals estimated the cost of removing the worm from each installation at between $200 and $53,000; this work prompted the formation of the CERT Coordination Center and Phage mailing list. Morris himself became the first person tried and convicted under the 1986 Computer Fraud and Abuse Act.
Computer viruses generally require a host program. The virus writes its own code into the host program. When the program runs, the written virus program is executed first, causing infection and damage. A worm does not need a host program, as it is an independent program or code chunk. Therefore, it is not restricted by the host program, but can run independently and actively carry out attacks.
Computer Viruses vs Network Worms
Virus vs Worm: Viruses are dormant until their host file is activated. Worms are malware that self-replicate & propagate independently once in the system.
What’s the Difference between a Virus and a Worm?
Virus vs Worm
The primary difference between a virus and a worm is that viruses must be triggered by the activation of their host; whereas worms are stand-alone malicious programs that can self-replicate and propagate independently as soon as they have breached the system. Worms do not require activation—or any human intervention—to execute or spread their code.
Viruses are often attached or concealed in shared or downloaded files, both executable files—a program that runs script—and non-executable files such as a Word document or an image file. When the host file is accepted or loaded by a target system, the virus remains dormant until the infected host file is activated. Only after the host file is activated, can the virus run, executing malicious code and replicating to infect other files on your system.
In contrast, worms don't require the activation of their host file. Once a worm has entered your system, usually via a network connection or as a downloaded file, it can then run, self-replicate and propagate without a triggering event. A worm makes multiple copies of itself which then spread across the network or through an internet connection. These copies will infect any inadequately protected computers and servers that connect—via the network or internet—to the originally infected device. Because each subsequent copy of a worm repeats this process of self-replication, execution and propagation, worm-based infections spread rapidly across computer networks and the internet at large.
How Do Computer Viruses and Worms Spread?
Viruses and worms are a subcategory of malicious programs, aka malware. Any program in this subcategory malware can also have additional Trojan functions.Viruses
Viruses can be classified according to the method that they use to infect a computer
File viruses Boot sector viruses Macro viruses Script virusesWorms
Worms often exploit network configuration errors or security loopholes in the operating system (OS) or applications
Many worms use multiple methods to spread across networks, including the following:
Email: Carried inside files sent as email attachments
Internet: Via links to infected websites; generally hidden in the website’s HTML, so the infection is triggered when the page loads
Downloads & FTP Servers: May initially start in downloaded files or individual FTP files, but if not detected, can spread to the server and thus all outbound FTP transmissions
Instant Messages (IM): Transmitted through mobile and desktop messaging apps, generally as external links, including native SMS apps, WhatsApp, Facebook messenger, or any other type of ICQ or IRC message
P2P/Filesharing: Spread via P2P file sharing networks, as well as any other shared drive or files, such as a USB stick or network server
Networks: Often hidden in network packets; though they can spread and self-propagate through shared access to any device, drive or file across the network
How to Protect All Your Devices from Viruses and Worms
Viruses, worms and malware most often exploit security vulnerabilities and bugs. For this reason, it is crucial to keep current with all OS and application updates and patches. Unfortunately, keeping current with updates and being vigilant simply are enough. There are many exploits and vectors that can get viruses and worms into a network or onto a computer or mobile device.
These days, comprehensive cyber security is mandatory for all your devices—desktops, laptops, tablets and smartphones. To be effective, cyber security solutions must provide real-time protection for all your activities, from emails to internet browsing, not just periodic hard drive scans. Furthermore, today’s best security software products are not static one-time installations with periodic updates. A quality cyber security product is provided as a service, known as SaaS (Software-as-a-Service). This means that in addition to monitoring your devices in real-time, the software itself is updated in real-time with the most current information about existing and emerging threats, how to prevent them and how to repair their damage.
Free Cloud Anti-Virus Software
What is cyber security?
Infographic: 30 years of cyber security as a pixel art maze
How to choose the anti-virus software that’s best for you
What is a firewall?
Computer viruses and malware FAQ
Today’s biggest web threats
What is the Zeus virus?
How to get rid of a calendar virus on different devices
I've Been the Victim of Phishing Attacks! What Now?
Don't be a phishing victim: Is your online event invite safe to open?
How safe are eWallets? How to Protect Your eWallet
The 10 biggest online gaming risks and how to avoid them
What Is a Computer Worm and How Does It Work?
A computer worm is self-replicating malware that duplicates itself to spread to uninfected computers. Learn more about worms and how to defend against them.
What is content collaboration? An in-depth guide
Home Threats & Vulnerabilities Networking computer worm
Peter Loshin, Senior Technology Editor
Katie Terrell Hanna
What is a computer worm?
A computer worm is a type of malware whose primary function is to self-replicate and infect other computers while remaining active on infected systems.
A computer worm duplicates itself to spread to uninfected computers. It often does this by exploiting parts of an operating system that are automatic and invisible to the user.
Typically, a user only notices a worm when its uncontrolled replication consumes system resources and slows or halts other tasks. A computer worm is not to be confused with WORM, or write once, read many.
How do computer worms work?
Computer worms often rely on vulnerabilities in networking protocols, such as File Transfer Protocol, to propagate.
After a computer worm loads and begins running on a newly infected system, it will typically follow its prime directive: to remain active on an infected system for as long as possible and spread to as many other vulnerable systems as possible.
THIS ARTICLE IS PART OF
What is content collaboration? An in-depth guide
Which also includes:
10 content collaboration platforms for the enterprise in 2023
12 file sharing best practices for secure collaboration
Integration strategy key to fuel cross-company collaboration
For example, the WannaCry ransomware worm exploited a vulnerability in the first version of the Windows Server Message Block (SMBv1) resource sharing protocol.
Once active on a newly infected computer, the WannaCry malware initiates a network search for new potential victims: systems that respond to SMBv1 requests made by the worm. The worm then continues to propagate within a network through these clients.
Malicious attackers can disguise a worm as a nonthreatening resource -- such as a work file or link, which a user clicks on or downloads -- that's only later revealed as a worm. Worms can contain malicious attachments, or payloads, that can delete files or let bad actors remotely control users' computers.
What's the difference between a worm and a virus?
As defined in the "Security of the Internet" report released in 1996 by the CERT Division of the Software Engineering Institute at Carnegie Mellon University, computer worms are "self-replicating programs that spread with no human intervention after they are started."
In contrast, the report noted that computer viruses are also "self-replicating programs, but usually require some action on the part of the user to spread inadvertently to other programs or systems."
What types of computer worms exist?
There are several types of malicious computer worms:
Email worms work by creating and sending outbound messages to all the addresses in a user's contact list. The messages include a malicious executable file that infects the new system when the recipient opens it.
Discover five different types of computer worms.
Successful email worms usually employ social engineering and phishing techniques to encourage users to open the attached file.
File-sharing worms copy themselves into shared folders and spread through peer-to-peer file-sharing networks. Worm authors often disguise these malicious programs as media files.
Stuxnet, one of the most notorious computer worms to date, consists of two components: a worm to propagate malware through USB devices infected with the host file, and malware that targets supervisory control and data acquisition systems.
File-sharing worms often target industrial environments, including power utilities, water supply services and sewage plants.
Cryptoworms work by encrypting data on the victim's system. Perpetrators can use this type of worm in ransomware attacks, where they follow up with the victim and demand payment in exchange for a key to decrypt the files.
Some computer worms specifically target popular websites with poor security. If they can infect the site, they can infect a computer accessing the site.
From there, internet worms spread to other devices that the infected computer connects to through the internet and private network connections.
Instant messaging worms
Like email worms, instant messaging worms are masked by attachments or links, which the worm continues to spread to the infected user's contact list. The only difference is that instead of arriving in an email, it comes as an instant message on a chat service.
If the worm hasn't had time to replicate itself onto the computer, the user can change their password on the chat service account to prevent its spread.
How do computer worms spread?
While some computer worms require user action to initially propagate, such as clicking on a link, others can easily spread without user interaction. All that's necessary is for the computer worm to become active on an infected system. Once active, the worm can spread over a network through its internet or local area network.