
Akaki Polytechnic College Group - 4: Uc-Rootkit Virus

The document discusses the nature and impact of computer viruses, highlighting the differences between viruses and worms, as well as the history and characteristics of viruses. It emphasizes the potential damage caused by viruses, including data loss and identity theft, and outlines preventive measures against infections. Additionally, it covers rootkits, their malicious uses, and their potential legitimate applications in cybersecurity and law enforcement.

Uploaded by

matetheway
AKAKI POLYTECHNIC COLLEGE

GROUP - 4
UC - ROOTKIT VIRUS

NO NAME
1 BEZAWIT TASACHEW
2 MEKDES DERESE
3 MEGERTU GOSOO
4 MERAWIT KAHSAY
5 MULUGETA MAMO
6 SELAM YIBELTAL

SUBMITTED DATE - 24-01-2024

SUBMITTED TEACHER -

Computer
- An electronic device that can process data, perform calculations, store and retrieve information, and run various software.

A computer virus
- A type of malicious software that can replicate itself and spread to other computers or devices.
- It is designed to cause harm to the system by corrupting data, stealing personal information, etc.
- Viruses can be transmitted through infected files, email attachments, or malicious websites.

Malicious websites are designed to harm visitors by infecting their computers with malware or stealing personal information.
- These sites contain phishing scams, fake software downloads, and other deceptive content aimed at exploiting visitors.

To protect ourselves:
- Use reputable antivirus and antimalware software.
- Keep our web browser and operating system up to date.
- Use browser extensions or add-ons for extra protection, such as an ad blocker (to prevent malicious ads that may contain malware).

The difference between a virus and a worm

- The main difference between a virus and a worm is the way they spread.
- A virus requires a host file or program to attach itself to, and it spreads when the infected file is shared or executed. For example, the "ILOVEYOU" virus from 2000 spread through email attachments with a malicious script that replicated itself and sent copies of the email to all contacts in the victim's address book.
- A worm is self-replicating malware that can spread across networks and systems without user interaction. For example, the Morris worm exploited vulnerabilities in UNIX systems and spread across the early internet.
- It took advantage of multiple weaknesses, including a flaw in the sendmail program and weak password security on UNIX systems. The worm's rapid and uncontrolled spread caused widespread disruption, slowing down or crashing many computers connected to the internet at the time. It infected thousands of computers, leading to significant downtime and financial losses.

History of the virus

- Computer viruses have been around since the early days of personal computing. The first known computer virus was created in the early 1970s, and since then, countless variants have been developed with increasingly sophisticated methods of infection and concealment.
- Bob Thomas is credited with creating the first computer virus, the "Creeper" virus, in the early 1970s.
- The virus was intended to infect Digital Equipment Corporation's PDP-10 mainframe computers running the TENEX operating system, but it didn't cause any harm. Instead, it displayed a message on infected machines that said, "I'm the creeper, catch me if you can!" Ray Tomlinson later developed a program called "Reaper" to remove the Creeper virus. While the Creeper virus wasn't malicious, it's considered the first documented instance of self-replicating computer code that exhibited virus-like behavior. It's important to note that self-replicating programs and malware existed before the term "computer virus," but the Creeper virus is often recognized as one of the earliest examples of what we now consider a computer virus.

Computer viruses have several characteristics, including:

1. Self-replication: Viruses are designed to replicate and spread themselves to other files, programs, or systems.
2. Malicious intent: Viruses are created with the intent to cause harm, such as
damaging files, stealing information, or disrupting the normal operation of a
computer system.
3. Stealthy behavior: Many viruses are designed to operate stealthily, attempting
to avoid detection by anti-virus software or other security measures.
4. Payload: Viruses often carry a payload, which is the actual harmful or disruptive
effect that the virus is designed to deliver, such as deleting files, corrupting data,
or spreading spam.
5. Activation: Viruses may be programmed to activate at a specific time or under
certain conditions, such as when a specific file is accessed or when the system is
rebooted.
6. Propagation: Viruses can spread through various means, including email
attachments, infected files, or network connections.
7. Modification: Some viruses have the ability to modify themselves in order to
evade detection by antivirus software or to adapt to changes in the operating
environment.

Potential damage
Computer viruses can cause a wide range of damage, including data loss, system crashes, identity theft, and financial loss. In some cases, viruses can also be used to create botnets or launch large-scale cyber-attacks.

Botnets are networks of computers that have been infected with malware and are controlled by one person, often called a "bot herder" or "botmaster." These infected computers, also known as "zombies," can be used to carry out large cyber-attacks such as DDoS attacks, spam campaigns, and other malicious activity.

Viruses and other types of malware can infect many computers and create a botnet. Once a botnet is set up, the botmaster can control the infected computers from afar and launch coordinated attacks without the owners even knowing. This is a major threat to cybersecurity because botnets can cause a lot of damage to individuals, organizations, and even whole countries.

Preventive methods
-To protect against computer viruses, it's important to use antivirus software and
keep it up to date. Additionally, users should be cautious when downloading files
or clicking on links from unknown sources, and they should regularly update their
operating system and software to patch any security vulnerabilities. Practicing
safe browsing habits and being mindful of email attachments and links can also
help prevent virus infections.

Rootkit virus
- A rootkit is harmful software that sneaks into a computer system without permission and stays hidden. It can be used to conceal other harmful programs (for example, a rootkit can hide a key logger), steal important information, or control the infected system from afar.
- A key logger is a type of malware that records every keystroke made by a user, including sensitive information such as usernames, passwords, credit card numbers, and other personal data.
- These rootkits are usually made by cybercriminals, hackers, or other people with bad intentions. They can be used to steal personal data, financial information, or confidential business secrets.

A rootkit virus can cause severe damage
- It can result in data theft, financial harm, system instability, and unauthorized access to sensitive information. Rootkits are also tough to detect and remove, which makes them a serious threat to computer security.
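
Because a rootkit stays hidden from the normal tools, one common way defenders look for it is a cross-view check: list processes from a low-level source and from the ordinary process tool, then investigate anything that persistently appears in one view only. The sketch below is an added example, not part of the original report; the function names and the sample snapshots are constructed for illustration, and it assumes the low-level listing comes from a trusted source such as a statically linked tool or rescue media.

```python
import re

def pids_from_proc_listing(entries):
    """PIDs from a directory listing of /proc: purely numeric names are processes."""
    return {int(e) for e in entries if e.isdigit()}

def pids_from_ps_output(text):
    """PIDs from `ps -e -o pid,comm` style output (header line skipped)."""
    pids = set()
    for line in text.splitlines()[1:]:
        m = re.match(r"\s*(\d+)\s+\S", line)
        if m:
            pids.add(int(m.group(1)))
    return pids

def hidden_candidates(samples, min_hits=2):
    """PIDs seen in the low-level view but missing from the tool view in at
    least `min_hits` samples, and never reported by the tool in any sample.
    Requiring persistence filters out processes that simply started or exited
    between the two reads of a single sample."""
    missing_count, ever_listed = {}, set()
    for proc_entries, ps_text in samples:
        low = pids_from_proc_listing(proc_entries)
        high = pids_from_ps_output(ps_text)
        ever_listed |= high
        for pid in low - high:
            missing_count[pid] = missing_count.get(pid, 0) + 1
    return sorted(p for p, n in missing_count.items()
                  if n >= min_hits and p not in ever_listed)

# Constructed sample data (not captured from a real system): three snapshots.
# PID 4242 is in the /proc listing every time but the process tool never shows it.
# PID 5001 is a short-lived process caught by only one of the two reads.
SAMPLES = [
    (["1", "812", "4242", "5001", "cpuinfo", "self"],
     "  PID COMMAND\n    1 init\n  812 sshd\n"),
    (["1", "812", "4242", "meminfo"],
     "  PID COMMAND\n    1 init\n  812 sshd\n"),
    (["1", "812", "4242", "5002"],
     "  PID COMMAND\n    1 init\n  812 sshd\n 5002 cron\n"),
]

if __name__ == "__main__":
    print("PIDs to investigate:", hidden_candidates(SAMPLES))
```

A PID flagged here is a lead for investigation, not proof of infection; a rootkit running inside the kernel can falsify both views, which is why the low-level listing should be taken from outside the suspect system where possible.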

Does a rootkit serve a purpose?
- Rootkits can be useful in certain situations, such as for diagnostic and troubleshooting purposes by software developers and cybersecurity professionals. They allow access to the operating system at a low level to detect and fix security vulnerabilities or system issues. Law enforcement and intelligence agencies also use rootkits for surveillance and monitoring with legal authorization to gather information about criminal activities or national security threats.
- However, the term "rootkit" is commonly associated with malicious software used by cybercriminals to conceal unauthorized access, malware, or other malicious activities on a computer system. These rootkits are used to avoid detection and maintain control over compromised systems for illegal purposes such as data theft, financial fraud, espionage, and other cybercrimes.
