-The term 'Malware' is associated with the cyber world. It is the short form of 'Malicious Software'. For the layman, the term can be defined as any software knowingly designed to cause damage to a computer, server or computer network. Such programs are planted in the target as code and scripts, commonly known as computer viruses, worms, Trojan horses, ransomware, spyware, adware, scareware, etc. These malicious programs can perform a variety of functions, including stealing, encrypting or deleting sensitive data, altering or hijacking core computing functions and monitoring users' computer activity without their permission.
To protect against such attacks, users purchase software provided by security companies, such as antivirus software, firewalls, etc.
-A couple of months back, the Maharashtra Cybercrime department reported the malware 'Gravity RAT'. The 'RAT' in the name stands for Remote Access Trojan, which is a program capable of being controlled remotely and thus difficult to trace. It was first detected by the Indian Computer Emergency Response Team (CERT-In) in 2017.
-Introduction to CERT-In…
- It is India's nodal agency for responding to computer security incidents as and when they occur. It has been operational since January 2004.
- In the IT Amendment Act 2008, it has been designated to serve the following functions:
  - Collection, analysis and propagation of information and awareness on cyber incidents.
  - Forecasting and alerting on cyber security incidents, and providing warnings to the Cybercrime center of India.
  - Providing emergency measures for handling cyber security incidents.
  - Issuing guidelines, advisories, vulnerability notes and whitepapers relating to information security practices, procedures, prevention, response and reporting of cyber incidents, etc.
-What is 'Gravity RAT' and how is it more dangerous than other malware?
'Gravity RAT' infiltrates a system in the form of an innocuous (harmless) looking email attachment, which can be in any format, including MS Word, MS Excel, MS PowerPoint, Adobe Acrobat or even audio and video files. Unlike most malware, which inflicts short-term damage, it is an Advanced Persistent Threat (APT), i.e. it silently evolves and does long-term damage, and is therefore very difficult to track and hunt down. It is self-aware and is capable of evading several commonly used malware detection techniques such as 'sandboxing' (used to isolate malware from critical programs on infected devices and provide an extra layer of security).
Typically, malware activity is detected by the 'noise' it causes inside the Central Processing Unit, but 'Gravity RAT' is able to work silently. It can also gauge the temperature of the CPU to determine whether the device is carrying out high-intensity activity, like a malware search, and act to evade detection.