A dropper is a kind of Trojan that has been designed to "install" malware (virus, backdoor, etc.) to a computer. The malware code can be contained within the dropper in such a way as to avoid detection by virus scanners; or the dropper may download the malware to the targeted computer once activated.

There are two types of droppers. The first is known as a persistent dropper. It is very dangerous because upon running the malware it hides itself on the device. It then modifies the system registry keys. Even if the malware is removed, the hidden file will execute upon rebooting the system. This allows it to reinstall the malware even if it was previously removed. The second type is known as a non-persistent dropper. It is less dangerous because upon executing its payload it removes itself from the system. This way, when the malware is removed it will not be able to reinstall itself.

A Trojan works by disguising itself as another program. It then requires the user to click on it to be executed. It unpacks code and then loads the payload into memory. It then installs the malicious software (malware).

Precautions can be taken to prevent malware droppers from infecting a computer: for example, not opening links from unknown sources, and downloading software only from known verified distributors, such as the Microsoft Store and the Apple App Store. A firewall can also be used to allow incoming traffic only from verified sources.

Droppers can also work on mobile devices. For instance, if a user downloads an application from a link in a text message, upon the installation of the application the dropper infects the device with malware. An example of a Trojan dropper created for mobile devices is the Sharkbot dropper. It is a financial Trojan that takes users' funds by exploiting an Automatic Transfer Service (ATS). This can automatically complete financial transaction fields with almost no user help. This allows an attacker to quickly transfer funds out of a user's mobile banking applications. This type of malware is not found in app stores. Instead, it has to be installed through a process called sideloading.
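An added example, not part of the original article: because a persistent dropper survives removal of its payload through a registry entry that runs at boot, cleanup has to include a review of autorun entries. The sketch below parses a dump in the format of `reg query` and reports entries that are missing from a known-good baseline. It assumes persistence through the Windows Run keys (the article does not say which keys are modified), and the sample dump, value names and directory heuristic are constructed for illustration.

```python
import re

# Constructed sample: output in the format of `reg query <key>` for the
# per-machine and per-user Run keys. All value names and paths are made up.
SAMPLE = r"""
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    SecurityHealth    REG_EXPAND_SZ    %windir%\system32\SecurityHealthSystray.exe
    VendorAgent    REG_SZ    "C:\Program Files\Vendor\agent.exe" /background

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    Updater    REG_SZ    C:\Users\alice\AppData\Local\Temp\upd.exe
    ChatApp    REG_SZ    "C:\Users\alice\AppData\Local\ChatApp\chat.exe" --startup
    HelperSvc    REG_SZ    rundll32.exe "C:\ProgramData\hlp\h.dll",Start
"""

# Assumption: directories a standard user can write to, where installed
# software rarely lives. This is a triage heuristic, not a verdict.
USER_WRITABLE = ("\\appdata\\", "\\temp\\", "\\programdata\\",
                 "\\users\\public\\", "%temp%", "%appdata%")

VALUE_RE = re.compile(r"^\s+(?P<name>.+?)\s{4}(?P<type>REG_\w+)\s{4}(?P<data>.*)$")

def parse_autoruns(text):
    """Return (key, value name, command) for every value in the dump."""
    key, entries = None, []
    for line in text.splitlines():
        if line.startswith("HKEY_"):
            key = line.strip()
        elif key and (m := VALUE_RE.match(line)):
            entries.append((key, m["name"], m["data"].strip()))
    return entries

def triage(entries, baseline):
    """Report entries absent from the known-good baseline, and whether the
    command points into a user-writable directory."""
    findings = []
    for key, name, cmd in entries:
        if (key, name, cmd) in baseline:
            continue
        writable = any(d in cmd.lower() for d in USER_WRITABLE)
        findings.append((name, cmd, "user-writable path" if writable else "new entry"))
    return findings

if __name__ == "__main__":
    entries = parse_autoruns(SAMPLE)
    baseline = {e for e in entries if e[1] in ("SecurityHealth", "VendorAgent", "ChatApp")}
    for name, cmd, reason in triage(entries, baseline):
        print(f"[{reason}] {name}: {cmd}")
```

Legitimate software also starts from per-user directories, so each finding is a candidate for review against the file it points to rather than a detection on its own.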


See also

* Drive-by download

