Dropper (malware)

A dropper is a Trojan horse that has been designed to install malware (such as viruses and backdoors) onto a computer. The malware within the dropper can be packaged to evade detection by antivirus software. Alternatively, the dropper may download malware to the target computer once activated.

Droppers can be categorized into two types: persistent and non-persistent. Persistent droppers conceal themselves on the device and alter system registry keys. Concealment allows them to reinstall the malware during a reboot, even if it was previously removed. Non-persistent droppers are considered less dangerous because they remove themselves from the system after executing their payload. Thus, once the malware is removed, it cannot reinstall itself.

Trojan horses operate by masquerading as legitimate programs, requiring user interaction to execute. They unpack and load malicious code into the computer's memory, then install malicious software (malware).

Precautions can be taken to prevent infection from malware droppers, for example not opening links from unknown sources and only downloading software from known verified distributors, such as the Microsoft Store or the Apple App Store. Also, a firewall can block traffic from unverified sources.

Droppers can also target mobile devices. For instance, a user might download an application via a text message link, which leads to the device being infected with malware. An example of a Trojan dropper created for mobile devices is the Sharkbot dropper. It facilitates unauthorized financial transactions by exploiting the Automatic Transfer Service (ATS), allowing attackers to siphon funds from mobile banking applications. This type of malware typically enters devices through sideloading, bypassing official app stores.
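
The behaviour described above for persistent droppers (a removed entry coming back after a reboot) can be checked by comparing autostart snapshots taken before cleanup, after cleanup and after the next restart. The following is an added example, not part of the original article; the article names no specific registry key, so the use of the Windows `Run` key as read with `reg query`, together with all sample names and paths, is an assumption made for illustration.

```python
import re

# Constructed `reg query` output for a Run key, captured at three points in time.
# Every value name and path here is made up for illustration.
BEFORE_CLEANUP = r"""
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    OneDrive    REG_SZ    "C:\Program Files\Microsoft OneDrive\OneDrive.exe" /background
    SysHelper    REG_SZ    C:\Users\alice\AppData\Local\Temp\syshelper.exe
"""
AFTER_CLEANUP = r"""
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    OneDrive    REG_SZ    "C:\Program Files\Microsoft OneDrive\OneDrive.exe" /background
"""
AFTER_REBOOT = BEFORE_CLEANUP  # constructed case: the removed value is back after a restart

# A value line in `reg query` output: 4 spaces, name, 4 spaces, type, 4 spaces, data.
VALUE_LINE = re.compile(r"^\s{4}(?P<name>.+?)\s{4}(?P<type>REG_\w+)\s{4}(?P<data>.*)$")
# Assumed triage list of directories a standard user can write to.
USER_WRITABLE = ("\\appdata\\", "\\temp\\", "\\users\\public\\", "\\programdata\\")

def parse_reg_query(text):
    """Return {(key, value_name): data} from `reg query` text output."""
    entries, key = {}, None
    for line in text.splitlines():
        if line.startswith("HKEY_"):
            key = line.strip()
        elif key and (m := VALUE_LINE.match(line)):
            entries[(key, m["name"])] = m["data"]
    return entries

def reappeared(before, cleaned, rebooted):
    """Entries present before cleanup, absent after it, and present again after reboot."""
    b, c, r = map(parse_reg_query, (before, cleaned, rebooted))
    return {k: r[k] for k in r if k in b and k not in c}

def in_user_writable_dir(command):
    """Triage heuristic only: legitimate software also starts from these locations."""
    return any(part in command.lower() for part in USER_WRITABLE)

def report(before, cleaned, rebooted):
    """List (value_name, command, user_writable_flag) for every reappeared entry."""
    found = reappeared(before, cleaned, rebooted)
    return [(name, data, in_user_writable_dir(data))
            for (_, name), data in sorted(found.items())]

if __name__ == "__main__":
    for name, data, writable in report(BEFORE_CLEANUP, AFTER_CLEANUP, AFTER_REBOOT):
        print(f"reappeared after reboot: {name} -> {data} (user-writable path: {writable})")
```

An entry that returns after a restart indicates that something else on the system rewrote it, so the search should continue for the component that restored it rather than stop at deleting the value again.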


See also

* Drive-by download

