Exploring the Internet: One Question at a Time

Vk May 15, 2025
Q - how do you name this harmful program that resides on active memory of the computer and duplicates itself without human intervention, often sending copies of themselves to other computers via email

  • That harmful program is called a computer worm.

Why?
  • Resides in active memory while running.
  • Duplicates itself automatically without any human help.
  • Often spreads to other computers over networks or via email.
  • Unlike viruses, worms don’t need to attach to other files — they self-replicate independently.

Summary:

  • A worm is a self-replicating malicious program that spreads automatically across computers, often exploiting network vulnerabilities or email systems.

Comparison between worms, viruses, and trojans:

Feature Worm Virus Trojan Horse
Self-replication Yes, replicates independently Needs to attach to files/programs No, does not replicate itself
Spreading method Network, emails, exploits Requires user action (opening infected files) Disguised as legitimate software, tricking user to install
Resides in memory Yes, while active Yes, when infected file runs Only when executed by user
Purpose Spread rapidly, sometimes cause damage Infect files, corrupt data or system Steal data, create backdoors, or perform malicious actions
Examples Code Red, ILOVEYOU worm Melissa virus, Michelangelo Zeus Trojan, Emotet




Q. which of the attack is one in which a malicious hacker takes over computer via the internet and causes them to flood a target device with demands for data and other small tasks.
  • The type of attack describing is called a Distributed Denial-of-Service (DDoS) attack.
  • Correct term: DDoS (Distributed Denial-of-Service)

What happens in a DDoS attack:

  • A hacker gains control of many computers (often through malware or botnets).

  • These computers are turned into "zombies" — controlled remotely without their owners' knowledge.

  • They all flood a target server or network with fake requests, data, or small tasks, overwhelming it.

  • The target becomes slow, unresponsive, or completely crashesdenying service to real users.



What is a Rootkit?

A rootkit is a type of malicious software designed to:

  • Hide its presence on a computer.

  • Give the attacker root (admin) access without detection.

  • Run stealthily in the background, often avoiding antivirus and system monitoring tools.


Key Features:
Feature Rootkit
Purpose Hide malware or allow hidden control
Access Level High-level (root/admin) system access
Visibility Hard to detect — hides in OS, kernel, or firmware
Typical Usage Maintain long-term access, hide spyware, logins, or other malware
Can be used in Advanced persistent threats (APTs), espionage, backdoors


How it's different from a DDoS attack:
Aspect Rootkit DDoS Attack
Goal Hide and maintain unauthorized access Overwhelm a target and crash it
Effect Stealthy control and surveillance Loud, disruptive traffic surge
Target A single machine (for long-term access) Servers, websites, or services
Detection Very hard to detect Easy to detect due to traffic surge



Summary:

A rootkit is malware designed to hide itself and give hackers deep control over a system, often used for spying or long-term attacks — not flooding or crashing like a DDoS.


Phishing and smishing are both types of social engineering attacks used to trick people into revealing personal information or installing malware.

Phishing (Email-based)

  • What it is: Fake emails or websites that pretend to be legitimate (e.g., your bank, a delivery company, or a tech support team).

  • Goal: Trick you into giving up personal info like passwords, credit card numbers, or downloading malware.

  • How: Links in emails lead to fake login pages or malicious downloads.

Smishing (SMS Phishing)

  • What it is: A form of phishing that comes through SMS/text messages.

  • Goal: Similar — steal information or trick you into clicking malicious links or calling scam phone numbers.

  • Example: "Your package is on hold. Click here to reschedule: [fake link]"


Other Related Terms
Term Channel Used Example
Phishing Email "Update your account info" with a fake link
Smishing SMS/Text message "You've won a gift card, click here"
Vishing Voice call Fake tech support or IRS scam over the phone
Spear phishing Targeted email Personalized fake message for a specific person

Summary:

Phishing and smishing are tricks used to deceive people into giving away sensitive info by pretending to be a trusted source — via email (phishing) or SMS (smishing). 


what about doxing

Doxing (also spelled doxxing) is a malicious act of publicly revealing private or personal information about someone without their consent, usually to harass, threaten, or harm them.

 What does it involve?

Doxing typically includes exposing:

  • Real name (if they use a pseudonym)

  • Home address or phone number

  • Email addresses

  • Workplace or employer info

  • Social security numbers, bank details, or other private data

 How is the information collected?

Doxers gather data from:

  • Social media profiles

  • Public records and databases

  • Hacking or phishing

  • Leaks or breaches

  • Other people (crowdsourced info)

 Purpose of doxing:

  • Harassment or revenge

  • Blackmail

  • Intimidation

  • Public shaming

  • Swatting (calling emergency services to a victim’s address — highly dangerous)

 Is doxing illegal?

  • It can be illegal, especially if it involves threats, harassment, or results in real harm.

  • Many platforms and countries treat it as a serious cybercrime.

 Summary:

Doxing is the act of exposing someone’s private information online without permission, often with harmful intent — it’s a violation of privacy and can have serious consequences.










Vk

Posted by Vk

Post a Comment

0 Comments

The goal of Civil Engineering Study vk is only to provide contents related to civil engineering that will useful for all civil engineering students who are ready to prepare for Exams

Tags