Additional Malware Terminology
This text lesson outlines additional Malware terminology that's important to know.
Payload: The part of the malicious code that performs the harmful action, for example stealing data or connecting to a server.
Shell: A program, or part of a program, that allows an attacker to execute commands on a system. The most common type of network shell is a Reverse Shell, where the shell connection originates from the infected target and connects back to the attacker.
Botnet: A network of compromised machines controlled by an attacker; the compromised machines are sometimes referred to as Zombies.
Backdoor: A hidden access point into a system; it could be put there by developers or via supply chain attacks.
Dropper: Malware whose main purpose is to install other malicious files onto the system.
Command and Control (C2): Infrastructure that malware communicates with to receive instructions.
Obfuscation: Techniques that make malware code harder to detect and/or analyze.
Logic Bomb: Malicious code that is triggered when a specific condition is met, for example when an employee is let go from a company.
Adware/Bloatware: Software that displays unwanted ads or has unwanted functionality. It is often bundled with other legitimate software.
Scareware: Malware that tricks users into thinking they have an infection in order to sell fraudulent or fake solutions.
Persistence: Refers to a malware's ability to survive system reboots.
Cryptominer: A type of malware, or payload of malware, that uses the infected system's computing resources to mine cryptocurrency.