Tyler’s Malware JeopardyTyler’s Malware Jeopardy

$100

Virus Worm Spyware Trojan HorsesRansomware

/Rootkits

$200

$300

$400

$500 $500

$400

$300

$200

$100

$500

$400

$300

$200

$100

$500

$400

$300

$200

$100

$500

$400

$300

$200

$100

Final JeopardyFinal JeopardyRules may randomly vary

Virus - $100Virus - $100

This virus was considered to be the first This virus was considered to be the first socially engineered computer virus. What socially engineered computer virus. What is the name of the virus?is the name of the virus?

Love Letter VirusLove Letter Virus

Virus - $200Virus - $200

Before there was the World Wide Web, the Before there was the World Wide Web, the first computer viruses spread via this.first computer viruses spread via this.

Floppy disksFloppy disks

Virus - $300Virus - $300

One of the first viruses to target children One of the first viruses to target children and it would delete all files in Windows and it would delete all files in Windows and Windows/System once activated. The and Windows/System once activated. The victim would have to reinstall MS Windows victim would have to reinstall MS Windows as a result.as a result.

Pikachu VirusPikachu Virus

Virus - $400Virus - $400

What do you call a virus that can change What do you call a virus that can change their appearance with each new infection? their appearance with each new infection? What affect does it have on What affect does it have on countermeasures?countermeasures?

PolymorphicPolymorphic It makes it more difficult for anti-virus It makes it more difficult for anti-virus

software to detect it since the signature is software to detect it since the signature is constantly changingconstantly changing

Virus - $500Virus - $500

This virus drew attention for knocking out This virus drew attention for knocking out satellite communications for the French satellite communications for the French news agency France-Presse and caused news agency France-Presse and caused problems with Delta Air Lines systems, problems with Delta Air Lines systems, causing some flight cancellations.causing some flight cancellations.

SasserSasser

Worm - $100Worm - $100

What distinguishes worms from viruses?What distinguishes worms from viruses?

It does not need to attach itself to an It does not need to attach itself to an existing program.existing program.

Worm - $200Worm - $200

This worm was created to see how big the This worm was created to see how big the Internet was. The poor college student Internet was. The poor college student didn’t mean to cause problems. What didn’t mean to cause problems. What worm is this?worm is this?

Morris WormMorris Worm

Worm - $300Worm - $300

Most massive DOS attack to date, believed Most massive DOS attack to date, believed to have been commissioned by email to have been commissioned by email spammers.spammers.

MydoomMydoom

Worm - $400Worm - $400

ConfickerConficker

This worm could download payloads This worm could download payloads remotely to update itself.remotely to update itself.

Worm - $500Worm - $500

This family of worms tried to download This family of worms tried to download and install patches from Microsoft’s and install patches from Microsoft’s website to fix vulnerabilities in the host website to fix vulnerabilities in the host system by exploiting those vulnerabilities. system by exploiting those vulnerabilities. (Hint: They had good intentions)(Hint: They had good intentions)

The Welchia WormThe Welchia Worm

Spyware - $100Spyware - $100

This is a subcategory of spyware that This is a subcategory of spyware that describe the software companies use to describe the software companies use to track your browsing activities.track your browsing activities.

Commercial spyware or AdwareCommercial spyware or Adware

Spyware - $200Spyware - $200

What is the name of a software that What is the name of a software that monitors keystrokes?monitors keystrokes?

KeyloggersKeyloggers

Spyware - $300Spyware - $300

In 2004, it was estimated what percentage In 2004, it was estimated what percentage of all computers had some form of of all computers had some form of spyware? spyware?

80%80%

Spyware - $400Spyware - $400

When was the first recorded use of the When was the first recorded use of the word spyware? Where was it said?word spyware? Where was it said?

October 16, 1995October 16, 1995 UsenetUsenet

Spyware - $500Spyware - $500

What is the name of the first anti-spyware What is the name of the first anti-spyware software.software.

OptOutOptOut

Trojan Horses - $100Trojan Horses - $100

In 2009, it was discovered this Trojan In 2009, it was discovered this Trojan horse had compromised over 74,000 FTP horse had compromised over 74,000 FTP accounts on websites of such companies accounts on websites of such companies as the Bank of America, NASA, as the Bank of America, NASA, Monster.com, ABC, Oracle, Cisco, Amazon, Monster.com, ABC, Oracle, Cisco, Amazon, and Business Week magazine.and Business Week magazine.

ZeusZeus

Trojan Horses - $200Trojan Horses - $200

This Trojan horse has been used to gain This Trojan horse has been used to gain unauthorized access to computers. It can unauthorized access to computers. It can also read keystrokes that occurred since also read keystrokes that occurred since the last boot – a capability that can be the last boot – a capability that can be used to steal passwords and credit card used to steal passwords and credit card numbers.numbers.

Sub7 or Sub7ServerSub7 or Sub7Server

Trojan Horses - $300Trojan Horses - $300

This Trojan horse was used in a This Trojan horse was used in a cyberattack on the U.S. It also led to the cyberattack on the U.S. It also led to the creation of this.creation of this.

Agent.btzAgent.btz U.S. Cyber CommandU.S. Cyber Command

Trojan Horses - $400Trojan Horses - $400

ZeroAccess (aka Sirefef) is used to ZeroAccess (aka Sirefef) is used to download other malware on an infected download other malware on an infected machine from a botnet mostly involved in machine from a botnet mostly involved in Bitcoin mining and click fraud, while Bitcoin mining and click fraud, while remaining hidden on a system using these remaining hidden on a system using these techniques.techniques.

RootkitRootkit

Trojan Horses - $500Trojan Horses - $500

According to a survey done by BitDefender According to a survey done by BitDefender from January to June 2009, “Trojan-type from January to June 2009, “Trojan-type malware is on the rise”. In the survey, malware is on the rise”. In the survey, Trojan horses accounted for this Trojan horses accounted for this percentage of global malware detected in percentage of global malware detected in the world.the world.

83%83%

Ransomware/Rootkits - Ransomware/Rootkits - $100$100

NTRootkit

What is the first documented rootkit, which targeted Windows NT.

Ran/Root - $200Ran/Root - $200

How do rootkits hide other proccesses?How do rootkits hide other proccesses?

By modifying the OS.By modifying the OS.

Ran/Root - $300Ran/Root - $300

Sony BMG used these to install a rootkit Sony BMG used these to install a rootkit which would limit how these could be used.which would limit how these could be used.

CDsCDs

Ran/Root - $400Ran/Root - $400

What is the name of the first used What is the name of the first used Ransomware?Ransomware?

TROJ_CRYZIP or Trojan Cry Zip

Ransomware/Rootkits - Ransomware/Rootkits - $500$500

Where and when was the first recorded Where and when was the first recorded uses of Ransomware?uses of Ransomware?

Russia, 2006Russia, 2006

Final JeopardyFinal Jeopardy

Who created the first Rootkit?Who created the first Rootkit?

Greg Hoglund