Provide (2) 150-word substantive responses with a minimum of 1 APA reference for RESPONSES 1 AND 2 below. Response provided should further discuss the subject or provide more insight. To further understand the response, below is the discussion post that discusses the responses. 100% original work and not plagiarized. Must meet deadline.
This week we are tasked with researching different malware attacks that are notorious and talking about one. I have chosen to talk about the Zeus trojan virus that was first seen in 2007. Zeus is a malware that is a trojan virus and is also known as ZBOT. Zeus targets Microsoft Windows operating systems. Since 2007 Zeus has infected more than 3.6 million computers in the United States alone, not including other countries. There are two main ways Zeus targets a computer; one is through spam messages. The other way that Zeus targets computers is through drive-by downloads. While Zeus can do many things if it is infecting a computer, there are two major functions that most hackers use it for. One is to set up botnets and the other is to steal financial information from infected devices. The way it steals financial information is by keystroke logging and monitoring bank websites for credentials. Botnets are used to control a huge amount of computers in order to carry out large attacks. One attack I can think of that a Botnet would be useful for is a DDOS (Distributed Denial of Service Attack) attack. A man named Hamza Bendelladj was responsible for creating Zeus and he was arrested in 2013 and charged with 15 years of prison time. This also includes millions of dollars in fines that he was also given for his many accounts of cyber crimes he committed.
Kaspersky. (n.d.). Zeus Virus. Retrieved from https://www.kaspersky.com/resource-center/threats/zeus-virus
The malware I found most interesting made its appearance in 2017 as a self-replicating encryptor. The creators of this malware took advantage of a vulnerability in the Microsoft security before a later update. By utilizing this exploit, WannaCry could easily gain remote access to computers in order to install the encryption. Traditionally, encryptors gain access to and infect computers on the part of the user who clicks on the suspicious link or downloads some type of attachment from an email that might not even appear suspicious at first glance because it’s using something known to the user to disguise itself. However, WannaCry was able to affect over 45,000 computers in just one day because of the fact that the user doesn’t need to do anything to allow the infection to occur. WannaCry detects the hole in the security and forces entry onto the machine. It then attempts to spread throughout the local network like a computer worm by scanning computers on the network to detect the same vulnerability. This was extremely damaging for any large networks because of the amount of machines that were compromised almost in an instant. WannaCry encrypts different types of files like documents, photos, videos, etc. that could potentially be of importance to the user and then renames those files to .WCRY, making them inaccessible to the user. Then the desktop wallpaper is changed to a picture that contains information about the malware and what the user must do in order to gain access to their files and computer again. This will typically include a demand for money to be transferred to the perpetrator in the form of bitcoin which cannot be traced to them, with an expiration date or time limit. In total, WannaCry has infected more than 200,000 computers in 74 different countries. It was found in those 74 different countries within the first day. The malware author of WannaCry was never discovered.
However, the malware can only affect computers which have not been updated unless a user takes some action to allow for the infection to occur, like opening a link or downloading an attachment which would override the patch to fix the security.
¹ WannaCry: Are you safe? Kaspersky. Alex Perekalin. May 13, 2017.