Worm Components
Common Worm Pattern
Most worm attacks consist of three components, as listed in the animation above.
- Enabling vulnerability – A worm installs itself using an exploit mechanism, such as an email attachment, an executable file, or a Trojan horse, on a vulnerable system.
- Propagation mechanism – After gaining access to a device, the worm replicates itself and locates new targets.
- Payload – Any malicious code that results in some action is a payload. Most often this is used to create a backdoor that allows a threat actor access to the infected host or to create a DoS attack.
Worms are self-contained programs that attack a system to exploit a known vulnerability. Upon successful exploitation, the worm copies itself from the attacking host to the newly exploited system and the cycle begins again. Their propagation mechanisms are commonly deployed in a way that is difficult to detect.
Code Red Worm Propagation
Ransomware