Mark Kanok from Symantec published an interesting post titled "Detection and Remediation" on the official Symantec blog. It contains updated definitions of some of today’s most prevalent threats:
- Backdoors — A backdoor is an undocumented way of gaining access privileges to a program, typically with the intent of opening up further access or vulnerabilities.
- Bots or Zombies — A bot or zombie is a computer that is under the control of a malicious hacker without the knowledge of the computer owner, and is typically used to execute various nefarious processes on a networked basis (e.g. denial of service attacks, spam, etc.).
- Trojan Horse — A Trojan Horse is malicious software that masquerades as a legitimate or benign program, often exploiting the willingness of users to try “free” software.
- Polymorphic Virus — A polymorphic virus is one that changes its binary pattern, or signature, every time it replicates and infects a new file, in order to keep from being detected by signature-based antivirus programs.
- Rootkit — A rootkit is a malicious program that is activated each time the system boots up, making it especially difficult to detect and remove. In some cases, rootkits are counted as Trojan Horses.
- Drive-By Downloads — A drive-by download is a program that is automatically downloaded onto the computer without the user’s consent or knowledge. Drive-by downloads can be initiated simply by visiting a dangerous Web site or by viewing an HTML e-mail message.
- Phishing — A phishing attack is a type of scam designed to lure a victim — typically via a cleverly written, legitimate-looking e-mail — to a false web site, which also tends to look legitimate. The victim’s personal or financial information is then compromised.