Discuss worms, trojans and viruses, and the vulnerabilities that

Zeus, which was first detected in 2007 and has become one of the most damaging pieces of botnet

software in the world. Zeus originally stole passwords via Internet Explorer’s Password Store and if it

detected that the user was visiting a banking website, it would use keylogging techniques to discover

usernames and passwords. Zeus has hit computers at the Bank of America, NASA, and Amazon.

Because the Zeus uses malware to obtain sensitive information, it can also be classed as Spyware.

How many computers had Zeus infected by 2009?

Melissa (1999) was an early example of computer malware that succeeded in mass infection. Melissa

was distributed as an email attachment, which once downloaded and opened, disabled a number of

safeguards in Microsoft Word. Melissa then used a macro to send email messages, using the user's

email application to forward the attachment onto the first 50 contacts in their address book. Melissa

reportedly caused $80 million of damage and overloaded the email servers of more than 300

organisations.

How many workplace computers were infected by Melissa?

Mydoom was launched in 2004 and became the fastest-spreading computer malware of its time. It

was transmitted via email and infected hosts, causing them to carry out a distributed denial-of-

service (DDoS) attack against several tech companies. It is estimated that Mydoom infected between

12 and 25% of emails in 2004 and caused approximately $38 billion worth of damage.

What type of malware is Mydoom?

Heartbleed exploited a legitimate 'heartbeat' message sent by one computer to ensure that the

computer at the other end of a secure connection was still there. The 'heartbeat' is a short message

that is sent to the server, along with the number of characters in that message, and the server is

supposed to repeat the message back to confirm that it is still connected. However, in this case, the

code did not check the length of the message properly, and instead, relied on the number specified,

so attackers could request around 64,000 characters from the server's RAM, potentially including

sensitive information.

Which layer of the TCP/IP stack did the Heartbleed bug affect.