Glossary

Macro virus

A macro virus is a virus written in the macro programming language of some office application - e.g., Microsoft Word, Microsoft Excel, Microsoft PowerPoint, Microsoft Access, Microsoft Visio and so on. Most of the existing macro viruses (and other macro malware) are written for the Microsoft Office applications, but the only reason for this is the huge popularity of the latter. Macro viruses exist for practically every application that supports a macro programming language - e.g., OpenOffice, AutoCAD and so on.

Malware, Malicious Software

Malware is an abbreviation for "malicious software". It is the common term for all forms of software that are intentionally designed by their creator to inflict some form of damage on their user. The term "damage" is used in a very broad sense; it can be anything the user does not approve of. It can range from simple replication (viruses), to collecting personal information (spyware), to stealing login credentials (password stealers), to displaying unwanted advertisements (adware), to simple destruction of the user's data (Trojan horses).

Mass-Mailer

A mass-mailer is a virus that spreads by e-mail, usually as an attachment to an e-mail message. The attachment is executable in one form or another - e.g., a directly executable file, a document containing macros, or a script. The e-mail message body and/or subject usually contains information designed to entice the user into opening/executing the malicious attachment. Upon execution, the virus examines the address book(s) of the computer it is running on and sends itself in e-mails to all the contacts listed there. In the past, such viruses used to be rather prevalent. However, contemporary versions of the popular e-mail clients (e.g., Microsoft Outlook) make it difficult for a program to automatically send e-mails via them (e.g., they display some kind of warning that requires a manual user response), and e-mail gateways routinely filter out e-mails with executable attachments.

Password

A password is usually a short string of characters, which is supposed to be known only to the legitimate user of a system and is used to authenticate this user to the system, in order to grant him/her access. Different systems impose different constraints on how passwords can be constructed - i.e., minimum and maximum length, set of characters permitted for use and so on. More advanced systems allow the use of passphrases - very long strings of characters, usually grouped into meaningful words or even sentences. High-security systems employ various additional means of authentication, such as biometrics, smart cards and so on.

Rootkit

A "rootkit" is a program (or a set of programs) used by an attacker who has managed to gain unauthorized privileged access to a computer, both to make sure that they will be able to gain such access easily and reliably in the future and to cover up the traces of the breach. The word comes from the name of the privileged user of the Unix-like operating systems - "root". When an attacker gets root-level access to a computer (usually by using some kind of exploit), they want to modify the computing environment in such a way that in the future they will be able to get such access easily and that their activities will remain unnoticed. The former can be achieved by replacing the system program for granting access (the login program in Unix) with a customized version that will grant privileged access to the attacker when a special user name or password is entered. The latter (covering up the traces of the attacker) can be achieved by modifying the system logs and deleting from them all records that could be used as evidence of the breach, by modifying the programs that display the existing files or the currently running processes in order to "hide" any additional programs and processes added by the attacker, and so on.