The VX-Files
The VX-Files
  • README.txt
  • For updates, questions, suggestions or just chatting: @malcrvz
  • Download your own local copy or check my other libre projects: Github/malcrvz
  • 📕Cybersecurity Theory
    • Index
      • Malware types
        • Viruses, worms and Trojans
        • Backdoors, Rootkits and Spyware
        • Botnets, DDoS and Spammer
        • Ransomware
        • Scareware and Adware/PUP/PUA
        • Downloaders and Launchers
        • Hacktool
        • APT - Advanced Persistent Threat
      • Social engineering techniques
        • Phishing
        • Pretexting
        • Baiting
        • Quid pro quo
        • Tailgating
      • Cryptography
        • Hash functions
        • Symmetric, Asymmetric and Hybrid cryptography
        • Digital signatures & Digital certificates
        • TLS Protocol
      • Pentesting methodology & Techniques
        • CIA Triad - Confidentiality, Integrity & Availability
        • The methodology steps
        • Pre-Engagement
        • Information Gathering
          • HTTP status codes
          • robots.txt
        • Vulnerability Assessment
        • Exploitation
          • Password cracking
        • Post-Exploitation & Persistence
          • Types of Shells
        • Privilege Escalation & Lateral Movement
        • Reporting & Remediation
  • 🐧Linux Essentials
    • Index
      • 1, 0, bits, Bytes: Units of digital information
      • User management
      • Packet management
      • Privileges & sudo
      • Passwd & Shadow files
      • Managing files, links and regex
      • find
      • Terminal/TTY
      • SSH
  • 🪟Windows Essentials
    • Index
      • CLI user management
      • CMD File management
  • 🌍Networking Essentials
    • Index
      • Windows CLI IP management
      • Linux IP management
      • Linux CLI Wi-Fi connection
  • 🕸️Network Pentesting
    • Tools
      • 1. Pre-Engagement
        • OpenVPN
      • 2. Information gathering
        • cURL & wget
        • Nmap
        • arp
        • Netcat
        • whatweb
      • 3. Vulnerability assessment
        • smbclient
      • 4. Exploitation
        • Metasploit
        • Hashcat
        • John the Ripper
      • 5. Post-Exploitation & Persistence
        • SSH
      • 6. Privilege escalation & Lateral movement
        • Possible privilege escalation vectors - Auto-enumeration scripts
      • 7. Reporting & Remediation
    • Techniques
      • Upgrade reverse shell to interactive
      • Transferring files to/from remote victim
      • Possible privilege escalation vectors - Manual checklist
    • Resources
      • Manufacturer default passwords lists
        • IP Cameras
      • Get Shells
  • 💉Web App pentesting
    • Tools
      • CeWL
      • Gobuster
      • whatweb
    • Techniques
      • Command injection
    • Resources
      • Reverse Shells
      • Bind Shells
  • 📡Wireless pentesting
    • Tools
    • Techniques
    • Resources
  • 🔓On-Premises Pentesting
    • Tools
    • Techniques
      • Removing Linux user passwords
      • Removing Windows user passwords
    • Resources
  • 💽Disks & Forensics
    • Index
      • Getting a disk ready
      • Inodes & Sectors
      • Recover deleted files
      • BUILDING - Secure file deletion
  • 🕷️Bash scripts
    • coming soon
  • ⚡PowerShell Scripts
    • coming soon
  • 🟩HTB Walkthroughs
    • coming soon
  • 🏴‍☠️External Resources
    • Schools
    • Books & Wikis
    • Utilities
    • Interactive cheat sheets
    • Wordlists
Powered by GitBook
On this page
  1. Cybersecurity Theory
  2. Index
  3. Malware types

Viruses, worms and Trojans

The evil trinity, grandfathers of all malware!

Virus

Though its used as a general term for all malware, a virus is a type of malware dependent to another file, attached normally to an executable, that acts only once its executed by the user as an extra hidden code and then immediately tries to propagate on the system and stay undetected while doing the harm, usually trying to steal data or breaking the system. They can infect typically by an email or an untrustworthy download.

Worm

Its strength is not needing the intervention of the victim to propagate, it doesn't even need to be attached to a file. Instead, a worm infects through a vulnerability on the system, then uses services or servers on the network as a medium to propagate and self-replicate, being able to infect the whole network very fast. Once the network is infected they can do horrific harm, stealing tons of data or even paralyzing the whole company.

Trojan

A Trojan doesn't replicate or propagate by itself, instead, following the myth of the Greek Trojan horse, it disguises as a legitimate software installation, even working as intended and being useful, while harming on the background undetected, normally stealing data, installing other malware or even opening a backdoor for an attacker. Its strength is the deception to the user to stay undetected as a harmless software, that can stay on the system for months. The most common way to get infected is by untrustworthy downloads.

We have then that as all malware usually focus on the same malicious objectives, they get their names by their method of infection and propagation. Viruses are dependent on a file to be executed by the user but act/propagate immediately, worms are dependent on a vulnerability but can infect a whole network and Trojans are dependent on the user to execute the installation but can stay hidden and open a backdoor to more malware.

Last updated 1 year ago

📕