ransomeware:
Ransomware is malware for data kidnapping, an exploit in which the attacker encrypts the victim's data and demands payment for the decryption key. 
Ransomware spreads through e-mail attachments, infected programs and compromised websites. A ransomware malware program may also be called a cryptovirus, cryptotrojan or cryptoworm.
Attackers may use one of several different approaches to extort money from their victims:
    After a victim discovers he cannot open a file, he receives an email ransom note demanding a relatively small amount of money in exchange for a private key. The attacker warns that if the ransom is not paid by a certain date, the private key will be destroyed and the data will be lost forever.
    The victim is duped into believing he is the subject of an police inquiry. After being informed that unlicensed software or illegal web content has been found on his computer, the victim is given instructions for how to pay an electronic fine.
    The malware surreptitiously encrypts the victim's data but does nothing else. In this approach, the data kidnapper anticipates that the victim will look on the Internet for how to fix the problem and makes money by selling anti-ransomware software on legitimate websites.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


spyware:
Spyware is software that is installed on a computing device without the end user's knowledge. Such software is controversial because even though it is sometimes installed for relatively innocuous reasons, it can violate the end user's privacy and has the potential to be abused.
Spyware that is installed for innocuous reasons is sometimes referred to as tracking software. In the workplace, such software may be installed on corporate laptops to monitor employees' browsing activities. In the home, parents might install a keystroke logger to monitor their 
children's activity on the internet. Or an advertiser might use cookies to track what webpages a user visits in order to target advertising in a contextual marketing campaign. If the end user is told that data is being collected and has the ability to learn with whom the data is
being shared, such data collection programs are not considered spyware.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


malware:
Malware, or malicious software, is any program or file that is harmful to a computer user. Malware includes computer viruses, worms, Trojan horses and spyware. These malicious programs can perform a variety of functions, including stealing, encrypting or deleting sensitive data,
altering or hijacking core computing functions and monitoring users' computer activity without their permission.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Adware:
Adware is a form of software that downloads or displays unwanted ads when a user is online, collects marketing data and other information without the user's knowledge or redirects search requests to certain advertising websites. Adware that does not notify the user and attains his or her consent is regarded as malicious.
Adware is the name given to programs that are designed to display advertisements on your computer, redirect your search requests to advertising websites, and collect marketing-type data about you – for example, the types of websites that you visit – so that customized adverts can be displayed. 
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Root kits:
A rootkit is a type of software designed to hide the fact that an operating system has been compromised, sometimes by replacing vital executables. Rootkits allow viruses and malware to “hide in plain sight” by disguising as necessary files that your antivirus software will overlook.
Rootkits themselves are not harmful; they are simply used to hide malware, bots and worms. Rootkits get their name from the Unix term for the primary administrator account called “root” and “kits,” which refer to the software pieces that implement the tool. To install a rootkit, an attacker must
first gain access to the root account by using an exploit or obtaining the password by cracking it or social engineering. Rootkits were originally used in the early 1990’s and targeted UNIX operating systems. Today, rootkits are available for many other operating systems, including Windows. 
Because rootkits are activated before your operating system even boots up, they are very difficult to detect and therefore provide a powerful way for attackers to access and use the targeted computer without the owner’s notice. Due to the way rootkits are used and installed, they are notoriously 
difficult to remove. Rootkits today usually are not used to gain elevated access, but instead are used to mask malware payloads more effectively.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Bots and Botnets:
A "bot" is a type of malware that allows an attacker to take control over an affected computer. Also known as “Web robots”, bots are usually part of a network of infected machines, known as a “botnet”, which is typically made up of victim machines that stretch across the globe
Since a bot infected computer does the bidding of its master, many people refer to these victim machines as “zombies.” The cybercriminals that control these bots are called botherders or botmasters.Some botnets might have a few hundred or a couple thousand computers, but others
have tens and even hundreds of thousands of zombies at their disposal. Many of these computers are infected without their owners' knowledge. Some possible warning signs? A bot might cause your computer to slow down, display mysterious messages, or even crash.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Trozans:Trojan horse is a program that appears harmless, but is, in fact, malicious.
In computing, a Trojan horse is a program that appears harmless, but is, in fact, malicious. The term comes from Greek mythology about the Trojan War. According to legend, the Greeks built a large wooden horse that the people of Troy pulled into the city. During the night, soldiers who 
had been hiding inside the horse emerged, opened the city's gates to let their fellow soldiers in and then overran the city.Attackers have long used Trojan horses as a way to trick end users into installing malware. Typically, the malicious programming is hidden within an innocent-looking
email attachment or free program, such as a game. When the user downloads the Trojan horse, the malware that is hidden inside is also downloaded. Once inside the computing device, the malicious code can execute whatever task the attacker designed it to carry out.
A Trojan horse containing malware may also be referred to as simply a Trojan or a Trojan horse virus.Unlike a true virus, however, malware in a Trojan horse does not replicate itself, nor can it propagate without the end user's assistance. Because the user is often unaware
that he has installed a Trojan horse, the computing device's security depends upon its antimalware software recognizing the malicious code, isolating it and removing it.
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


BackDoors:
A backdoor is a technique in which a system security mechanism is bypassed undetectably to access a computer or its data. The backdoor access method is sometimes written by the programmer who develops a program.A backdoor is also known as a trapdoor.
A network administrator (NA) may intentionally create or install a backdoor program for troubleshooting or other official use. Hackers use backdoors to install malicious software (malware) files or programs, modify code or detect files and gain system and/or data access.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 


Virus:
A computer virus is malicious code that replicates by copying itself to another program, computer boot sector or document and changes how a computer works. The virus requires someone to knowingly or unknowingly spread the infection without the knowledge or permission 
of a user or system administrator. In contrast, a computer worm is stand-alone programming that does not need to copy itself to a host program or require human interaction to spread. Viruses and worms may also be referred to as malware.
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Worms:
A computer worm is a self-replicating computer program that penetrates an operating system with the intent of spreading malicious code. Worms utilize networks to send copies of the original code to other computers, causing harm by consuming bandwidth or possibly deleting files
or sending documents via email. Worms can also install backdoors on computers.Worms are often confused with computer viruses; the difference lies in how they spread. Computer worms self-replicate and spread across networks, exploiting vulnerabilities, automatically; that is, 
they don’t need a cybercriminal’s guidance, nor do they need to latch onto another computer program. As such, computer worms pose a significant threat due to the sheer potential of damage they might cause. A particularly notorious incident occurred in 1988. A computer worm 
since named the Morris worm caused hundreds of thousands, if not millions, of dollars in damage, and its creator was convicted under the Computer Fraud and Abuse Act.
Common modes of connected transport for computer worms include attachments, file sharing networks and links to infected websites. Since worms exploit vulnerabilities, it’s vital to stay on top of security updates and patches. Security software is highly recommended for all computers, as is the additional precaution of a firewall.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Zombies:
zombie is a computer connected to the Internet that has been compromised by a hacker, computer virus or trojan horse program and can be used to perform malicious tasks of one sort or another under remote direction. Botnets of zombie computers are often used to spread e-mail
 spam and launch denial-of-service attacks (DOS attacks). Most owners of "zombie" computers are unaware that their system is being used in this way. Because the owner tends to be unaware, these computers are metaphorically compared to fictional zombies. A coordinated DDoS attack by multiple botnet machines also resembles a 
 "zombie horde attack", as depicted in fictional zombie films.
 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Keyloggers:
A keylogger, sometimes called a keystroke logger, key logger, or system monitor, is a hardware device or small program that monitors each keystroke a user types on a specific computer's keyboard. As a hardware device, a keylogger is a small battery-sized plug that serves as a connector between the user's keyboard and
computer. Because the device resembles an ordinary keyboard plug, it is relatively easy for someone who wants to monitor a user's behavior to physically hide such a device "in plain sight." (It also helps that most workstation keyboards plug into the back of the computer.) As the user types, the device collects each 
keystroke and saves it as text in its own miniature hard drive. At a later point in time, the person who installed the keylogger must return and physically remove the device in order to access the information the device has gathered.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

RAT's:
The RAT acronym stands for Remote Administration Tool. A RAT is a software, popularly used to control other computers remotely.
To hack a computer remotely using a RAT, you have to create a server and then send this server to the victim whose computer you’re trying to hack. Generally, this server is binded to any file, like a picture or song, so that whenever the victim opens the file on his computer, our server is installed. This server opens
a port on the victim’s computer, allowing you to remotely hack the device via the open port.
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Polymorphic Viruses:
A polymorphic virus is a complicated computer virus that affects data types and functions. It is a self-encrypted virus designed to avoid detection by a scanner. Upon infection, the polymorphic virus duplicates itself by creating usable, albeit slightly modified, copies of itself.
Polymorphism, in computing terms, means that a single definition can be used with varying amounts of data. In order for scanners to detect this type of virus, brute-force programs must be written to combat and detect the polymorphic virus with novel variant configurations.
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Stealth Viruses:
In computer security, a stealth virus is a computer virus that uses various mechanisms to avoid detection by antivirus software. Generally, stealth describes any approach to doing something while avoiding notice. Viruses that escape notice without being specifically designed to
do so -- whether because the virus is new, or because the user hasn't updated their antivirus software -- are sometimes described as stealth viruses too. Stealth viruses are nothing new: the first known virus for PCs, Brain (reportedly created by software developers as an anti-
piracy measure), was a stealth virus that infected the boot sector in storage. 
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Fast and Slow Infectors:
Fast and Slow viruses infect a computer in a particular way to try to avoid being detected by anti-virus software. A fast infector infects any file accessed, not just run. A slow infector only infects files as they are being created or modified
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Sparse Infectors:
A sparse infector viruses use conditions before infecting files. Examples include files infected only on the 10th execution or files that have a maximum size of 128kb. These viruses use the conditions to infect less often and therefore avoid detection.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Armored Viruses:
A type of virus that has been designed to thwart attempts by analysts from examining its code by using various methods to make tracing, disassembling and reverse engineering more difficult. An Armored Virus may also protect itself from antivirus programs, making it more difficult to trace. To do this, the 
Armored Virus attempts to trick the antivirus program into believing its location is somewhere other than where it really is on the system.
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Multipartite Viruses:
A multipartite virus is a computer virus that infects and spreads in multiple ways. The term was coined to describe the first viruses that included DOS executable files and PC BIOS boot sector virus code, where both parts are viral themselves. Prior to the discovery of the first of these, viruses were categorized 
as either file infectors or boot infectors. Because of the multiple vectors for the spread of infection, these viruses could spread faster than a boot or file infector alone. [1] [2]
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Spacefiller (Cavity) Viruses:
A spacefiller (cavity) virus, on the other hand, attempts to be clever. Some program files, for a variety of reasons, have empty space inside of them. This empty space can be used to house virus code. A spacefiller virus attempts to install itself in this empty space while not damaging the actual program itself. An 
advantage of this is that the virus then does not increase the length of the program and can avoid the need for some stealth techniques. The Lehigh virus was an early example of a spacefiller virus.
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Tunneling Viruses:
A tunelling virus is a virus that attempts to intercept anti-virus software before it can detect malicious code. A tunneling virus launches itself under anti-virus programs and then works by going to the operating system’s interruption handlers and intercepting them, thus avoiding detection. Interception programs, 
which remain in the background of an operating system and catch viruses, become disabled during the course of a tunneling virus. Some anti-virus programs do find the malicious code attached to tunnel viruses, but they often end up being reinstalled under the tunneling virus. To combat this, some anti-virus programs
use their own tunneling techniques, which uncover hidden viruses located within computer memories.
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Camouflage Viruses:
Camouflage viruses are viruses that are capable of infecting a computer by reporting it as a  harmless application to the antivirus software installed in that computer. In the less sophisticated antivirus softwares, the scanning is performed by checking the files for the virus signatures. In such cases, there is 
a possibility of non-infected files have codes similar to that of the virus codes (a statistical probability) will be notified to the user as virus infected files - a false alarm.
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Metamorphic Viruses:
A metamorphic virus is one that can transform based on the ability to translate, edit and rewrite its own code. It is considered the most infectious computer virus, and it can do serious damage to a system if it isn't detected quickly. Antivirus scanners have a difficult time detecting this type of virus because
it can change its internal structure, rewriting and reprogramming itself each time it infects a computing system. This is different from a polymorphic virus, which encrypts its original code to keep from being detected. Because of their complexity, creating metamorphic viruses requires extensive programming knowledge.
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

NTFS ADS Viruses:
The NT File System allows alternate data streams to exist attached to files but invisible to some file-handling utilities. A virus can exploit such a system. The NT File System (NTFS) contains within it a system called Alternate Data Streams (ADS).
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Buffer Overflow:
A buffer overflow condition exists when a program attempts to put more data in a buffer than it can hold or when a program attempts to put data in a memory area past a buffer. In this case, a buffer is a sequential section of memory allocated to contain anything from a character string to an array of integers.
Writing outside the bounds of a block of allocated memory can corrupt data, crash the program, or cause the execution of malicious code. 
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Social Engineering:
Social engineering is an attack vector that relies heavily on human interaction and often involves tricking people into breaking normal security procedures.
A social engineer runs what used to be called a "con game." Techniques such as appeal to vanity, appeal to authority and appeal to greed are often used in 
social engineering attacks. Many social engineering exploits simply rely on people's willingness to be helpful. 

Peer-to-Peer Network:

Trusted Software or Site
Resident Viruses:
Resident viruses are the other primary type of file infectors. Unlike direct action viruses, they install themselves on a computer. It allows them to work even when the original source of the infection has been eradicated. As such, experts consider them to be more dangerous than their direct action cousin.
Depending on the programming of the virus, they can be tricky to spot and even trickier to remove. You can split resident viruses into two areas; fast infectors and slow infectors. Fast infectors cause as much damage as quickly as possible and are thus easier to spot; slow infectors are harder to recognize because their symptoms develop slowly.

Multipartite Viruses:
A virus of this type may spread in multiple ways, and it may take different actions on an infected computer depending on variables, such as the operating system installed or the existence of certain files.
They can simultaneously infect both the boot sector and executable files, allowing them to act quickly and spread rapidly.
The two-pronged attack makes them tough to remove. Even if you clean a machine’s program files, if the virus remains in the boot sector, it will immediately reproduce once you turn on the computer again.

Direct Action Viruses:
A direct action virus is one of the two main types of file infector viruses (the other being a resident virus). The virus is considered “non-resident”; it doesn’t install itself or remain hidden in your computer’s memory.
It works by attaching itself to a particular type of file (typically EXE or COM files). When someone executes the file, it springs into life, looking for other similar files in the directory for it to spread to.
On a positive note, the virus does not typically delete files nor hinder your system’s performance. Aside from some files becoming inaccessible, it has a minimal impact on a user and can be easily removed with an anti-virus program.

Overwrite Viruses:
To an end-user, an overwrite virus is one of the most frustrating, even if it’s not particularly dangerous for your system as a whole.
That’s because it will delete the contents of any file which it infects; the only way to remove the virus is to delete the file, and consequently, lose its contents. It can infect both standalone files and entire pieces of software.
Overwrite viruses typically have low visibility and are spread via email, making them hard to identify for an average PC user. They enjoyed a heyday in the early 2000s with Windows 2000 and Windows NT, but you can still find them in the wild.

Boot Virus:
Macro Virus
Directory Virus
Polymorphic Virus
File Infectors
Encrypted Viruses
Companion Viruses
Network Virus
Nonresident Viruses
Stealth Viruses
Sparse Infectors:
Also known as “Cavity Viruses”, spacefiller viruses are more intelligent than most of their counterparts. A typical modus operandi for a virus is to simply attach itself to a file, but spacefillers try to get into the empty space which can sometimes be found within the file itself.
Spacefiller (Cavity) Viruses
FAT Virus
Logic Bombs

Scareware:
Scareware is something that plant into your system and immediately inform you that you have hundreds of infections which you don’t have. The idea here 
is to trick you into purchasing a bogus anti-malware where it claims to remove those threats. It is all about cheating your money but the approach is a little different here because it scares you so that you will buy.

Wabbits:
Is another a self-replicating threat but it does not work like a Virus or Worms. It does not harm your system like a Virus and it does not replicate via your LAN network like a Worms. An example of Wabbit’s attack
is the fork bomb, a form of DDoS attack.
Search Poisoning