Can malware infect/corrupt any file/folder/partition on a hard drive?

Discussion in 'other security issues & news' started by Devinco, Jul 7, 2004.

Thread Status:
Not open for further replies.
  1. Devinco

    Devinco Registered Member

    Joined:
    Jul 2, 2004
    Posts:
    2,524
    Hi Everyone,

    I've always made the assumption (especially after reading Wilder's for a while) that any file/folder/partition on a hard drive is vulnerable to malware attack. I assumed that if the malware could not infect or inject itself into the file or partition, that it would corrupt it in some way. Whether it is a normal file, encrypted, a Norton Ghost Image, Go Back Image, Acronis True Image, password protected or not, a regular partition, or some type of hidden partition, if it is on the Hard Drive, it could be at least corrupted by malware.

    Is this assumption right? Or are there some specific file types or partitions that are invulnerable to all malware? I suppose a malware could just delete all the partitions on a hard drive. But, it is the infection/corruption of files that I wonder about.
     
  2. meneer

    meneer Registered Member

    Joined:
    Nov 27, 2002
    Posts:
    1,132
    Location:
    The Netherlands
    I depends on the kind of malware. Infecting of files will be done by virusses and worms that run from the computer memory. Most of the current e-mail worms don't infect files, but they infect computer processes, by hijacking real programs, and thereby misusing your resources.
    Virusses that infect files are on the lookout for files that themselves my be used as a vehicle for transportation to other systems, like documents, executables and so on. The purpose of those is reproduction and spreading. Only a minor percentage of the virusses is real destructive (current LovGate may be one of the bad kind).
    Infecting other types of files will not be a task of virussen. They tend to corrupt those (if they do attack the filesystem, you better have a backup for your precious files).

    The purpose of malware like trojan horses, spyware and adware is not infecting files or even directories and partitions, they only try to infect systems for using the resources of those systems. In most cases they will not try to corrupt anything, their goal is to stay on a system unnoticed.
     
  3. UNICRON

    UNICRON Technical Expert

    Joined:
    Feb 14, 2002
    Posts:
    1,935
    Location:
    Nanaimo BC Canada
    No. Some are more secure than others, but none could claim such a title because you can only test malware you know of. It cannot be determined that some unknown threat won't be able to do so. Unprovable by nature.

    Also, if the file system is mounted by a malicious OS instead of the one it is supposed to be mounted by, the built in security is moot. Encrypted data is still encrypted (which can stand or fall on its own but that is another question), but no file system permissions would be working.

    That is why any decent admin can take over most PCs in under 5 minutes if he can insert a floppy/CD and reboot (linux probably the easiest). Physical security is not much of an issue for most normal users since if a person broke into a house, the occupants would be more worried about family safety than a PC.

    Just think, even in the 24th century the Star trek computers got taken over by every willy-nilly alien they came along. I wonder if they use Microsoft?
     
  4. Devinco

    Devinco Registered Member

    Joined:
    Jul 2, 2004
    Posts:
    2,524
    meneer,

    Thank you for explaining the subtle and important differences between viruses, worms, and trojans. It brings into clearer focus how they go about their ill deeds and what they can do. Best to keep them out :)
     
  5. Devinco

    Devinco Registered Member

    Joined:
    Jul 2, 2004
    Posts:
    2,524
    UNICRON,

    Excellent points, Thank You.
    If one person can make it, another can break it.
    I just didn't want to have this false sense of security thinking that current malware doesn't directly target Ghost images.
    Not too worried about physical security, got that covered.

    P.S. I thought I saw a M$ logo on a terminal in one of the episodes....So that's why all the problems! ;)
     
Loading...
Thread Status:
Not open for further replies.