Tuesday, 28 May 2013

How Hackers Send Virus, RAT, .EXE Files to Victim on Facebook, Gmail, Yahoo etc.




First, I will explain what a computer virus is.





WHAT IS A COMPUTER VIRUS ?



A potentially damaging computer program, capable of reproducing itself and causing great harm to files or other programs without the permission or knowledge of the user.



TYPES OF VIRUSES :-




1) BOOT SECTOR VIRUS :- Boot sector viruses infect either the master boot record of the hard disk or the floppy drive. The boot record program responsible for booting the operating system is replaced by the virus. The virus either copies the master boot program to another part of the hard disk or overwrites it. They infect a computer when it boots up or when it accesses the infected floppy disk in the floppy drive, i.e. once a system is infected with a boot-sector virus, any non-write-protected disk accessed by this system will become infected.



Examples of boot-sector viruses are Michelangelo and Stoned.




2) FILE OR PROGRAM VIRUSES :- Some files/programs, when executed, load the virus into memory and perform predefined functions to infect the system. They infect program files with extensions like .EXE, .COM, .BIN, .DRV and .SYS.




Some common file viruses are Sunday and Cascade.




3) MULTIPARTITE VIRUSES :- A multipartite virus is a computer virus that infects multiple different target platforms, and remains recursively infective in each target. It attempts to attack both the boot sector and the executable, or program, files at the same time. When the virus attaches to the boot sector, it will in turn affect the system's files, and when the virus attaches to the files, it will in turn infect the boot sector.


This type of virus can re-infect a system over and over again if all parts of the virus are not eradicated.


Ghostball was the first multipartite virus, discovered by Fridrik Skulason in October 1989. Other examples are Invader, Flip, etc.

4) STEALTH VIRUSES :- These viruses are stealthy in nature, meaning they use various methods to hide themselves and avoid detection. They sometimes remove themselves from memory temporarily to avoid detection by antivirus. They are somewhat difficult to detect. When an antivirus program tries to detect the virus, the stealth virus feeds the antivirus program a clean image of the file or boot sector.



5) POLYMORPHIC VIRUSES :- Polymorphic viruses have the ability to mutate, meaning that they change the viral code, known as the signature, each time they spread or infect. Thus an antivirus program which is scanning for specific virus codes is unable to detect its presence.




6) MACRO VIRUSES :- A macro virus is a computer virus that "infects" a Microsoft Word or similar application and causes a sequence of actions to be performed automatically when the application is started or something else triggers it. Macro viruses tend to be surprising but relatively harmless. A macro virus is often spread as an e-mail virus. Well-known examples are the Concept virus and the Melissa worm.



WAYS HACKERS SEND YOU SERVERS, VIRUSES AND .EXE FILES VIA THE INTERNET:



1. Binder - A binder is software which is used to bind or combine the server or virus you have created with some other file like an MP3, JPEG or any other file. You can fool the victim by sending him a song or picture, and as soon as he opens the picture or song the bound file also opens and starts working.





2. Crypter - A crypter is a tool which changes the binary code of the .exe file (virus, RAT etc.) and applies many encryptions to it, which makes the .exe file undetectable. You can use Chrome Crypter.




3. Zipping - Another smart way to send files is by putting your server in a zipped folder and then sending it to the victim. Zipping the file changes the extension of the server from .exe to .zip, which bypasses the file transfer facility of Gmail, Facebook, Yahoo etc.

Use WinRAR and give that file a password, so AVs cannot enter the file.



4. Extension - You can change the extension of the server you want to send, as it is not possible to send .exe files. You can change the extension from .exe to .jpeg, .mp3 etc. when you save the file and then send it to the victim. But in this method you will have to tell the victim to change the extension back to .exe after he receives the server. This method can only be used in cases where the victim is very dumb and has no knowledge of this field.

Even a person who is not much interested in cyber security should know the above-mentioned methods, as they can be used against anyone.
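A defender-side check for the zipping and extension methods above, as an added example that is not part of the original post: it judges an attachment by its content instead of its name, flagging Windows PE bytes under a non-executable extension and ZIP members that are encrypted or executable. The function names, finding labels and sample bytes are constructed for illustration, and only ZIP archives are handled, not RAR.

```python
import io
import struct
import zipfile

EXEC_EXTS = {".exe", ".com", ".bin", ".drv", ".sys", ".scr", ".dll"}  # page's list plus .scr/.dll

def ext_of(name):
    """Lower-cased final extension, or '' when the name has none."""
    dot = name.rfind(".")
    return name[dot:].lower() if dot != -1 else ""

def is_pe(data):
    """True if data starts with a DOS 'MZ' header whose e_lfanew points at 'PE\\0\\0'."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    off = struct.unpack_from("<I", data, 0x3C)[0]
    return data[off:off + 4] == b"PE\0\0"

def inspect_attachment(name, data):
    """Return findings for one attachment, judged by content rather than by name."""
    findings = []
    if is_pe(data) and ext_of(name) not in EXEC_EXTS:
        findings.append("pe-content-named-" + (ext_of(name) or "no-ext"))
    if data[:4] == b"PK\x03\x04":  # ZIP local file header
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                for info in zf.infolist():  # reads the directory only, extracts nothing
                    if info.flag_bits & 0x1:  # general-purpose bit 0: member is encrypted
                        findings.append("encrypted-member:" + info.filename)
                    if ext_of(info.filename) in EXEC_EXTS:
                        findings.append("executable-member:" + info.filename)
        except zipfile.BadZipFile:
            findings.append("malformed-zip")
    return findings

def constructed_samples():
    """Constructed test inputs: a bare PE header stub and a ZIP marked as encrypted."""
    pe_stub = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40) + b"PE\0\0"
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("invoice.exe", b"placeholder bytes, not a program")
    raw = bytearray(buf.getvalue())
    raw[raw.index(b"PK\x01\x02") + 8] |= 0x1  # set the encrypted bit in the central directory
    return pe_stub, bytes(raw)

if __name__ == "__main__":
    pe_stub, enc_zip = constructed_samples()
    print(inspect_attachment("holiday.jpeg", pe_stub))
    print(inspect_attachment("photos.zip", enc_zip))
```

A password-protected ZIP still exposes its member names, so an encrypted member with an executable extension can be quarantined without knowing the password.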


