Attacks where the end device has to do nothing but be on exist for all of them, iOS, Windows, Linux, etc ALL OF THEM.
Think about it like this. The virus is doing the equivalent of getting a person who watched house a couple times to perform brain and heart surgery at once by giving them phone instructions.
However the virus is from the Scottish Highlands, and the number they call can be picked up by someone from China, Istanbul, the Ozarks etc.
So assume basic things (drawing a website, playing a sound) are like HELLO, THANK YOU, GOOD BYE.
Even if it’s not perfect, literally everyone on earth understands those words.
Unless the virus finds a user or computer from that same village in Scotland (operating system version, patch level, installed software) it’s not going to work at all, or be ineffective. (Which has happened a lot, where badly coded viruses failed)
Usually large scale break ins involve some kinda of reconnaissance ( what kind of computers, what models, what operating systems etc) so that the virus can be trained up on the “languages”, needed to get them to work properly
Things you get when you visit websites tend to be targeted to the largest install base the attacker wants. So you aren’t really going to find a whole bunch of exploits for different kinds of computers on a hacked page because the juice isn’t worth the squeeze.
Mobile stuff tends to be more information gathering (don’t let the person know you’re there)
Computer stuff is usually, steal and leave, or destroy and extort.
Etc etc
Latest Answers