This lecture compares and contrasts the different classes of malicious software (malware): logic bombs, backdoors, trojans, viruses and worms. It considers the different ways in which malware can attack a system and discusses some of the ways in which malware will attempt to evade detection.

• Lecture video
• Slides (PDF)
• Exercises:
  • Exploring Ransomware
• Other resources:
  • Backdoor examples:
    • Energizer DUO USB battery charger
    • Juniper firewalls
    • D-Link routers
    • Stolen premium Wordpress plugins
  • Ken Thompson, Reflections on Trusting Trust, Comm. ACM, 27(8), August 1984
  • Software Engineering Radio podcast on supply chain attacks
  • Kaspersky’s analysis of Locky ransomware
  • Analysis of Wannacry ransomware by SecureWorks
  • “The Untold Story of NotPetya, The Most Devastating Cyberattack in History”
  • “Almost half of dropped USB sticks will get plugged in” (Naked Security blog, 8 April 2016)
  • CrossRAT remote administration Trojan