Malware, Types of Malware, Symptoms of Malware
Malware, Types of Malware, Symptoms of Malware
Malware, Types of Malware and Symptoms of Malware
Another name for Malicious Software is called malware. Malware is any malicious code that can be used to steal data, bypass access controls, or cause harm to a system, or compromise a system.
Types of malware
This type of malware is specifically design to track and spy on the activities of the user data. Spyware often includes activity trackers, keystroke collection, and data capture.
In an attempt to overcome security measures, spyware often modifies security settings by bundling itself with legitimate software or with Trojan horses.
This type of malware is advertising supported software, that is designed to automatically deliver advertisements.
Adware is often installed with some versions of software. Some adware is designed to only deliver advertisements but it is also common for adware to come with spyware.
This is from the word robot, a bot is malware that is specifically designed to automatically perform action, usually online.
While most bots are harmless, one increasing use of malicious bots are botnets. Several computers are infected with bots which are programmed to quietly wait for commands provided by the attacker.
This type of malware is designed to hold a computer system or the data it contains captive until a payment is made. Ransomware usually works by encrypting data in the computer with a key unknown to the user.
Some other versions of ransomware can take advantage of specific system vulnerabilities to lock down the system. Ransomware spread by a downloading file or some software vulnerability.
This is a type of malware designed to persuade the user to take a specific action based on fear. Scareware forges pop-up windows that resemble operating system dialogue windows.
These windows convey forged messages stating the system is at risk or needs the execution of a specific program to return to normal operation.
In reality, no problems were assessed or detected and if the user agrees and clears the mentioned program to execute, his or her system will be infected with malware.
This malware is designed to modify the operating system to create a backdoor for attacker. Attackers then use the backdoor to access the computer remotely.
Most rootkits take advantage of software vulnerabilities to perform privilege escalation and modify system files.
It is also common for rootkits to modify system forensics and monitoring tools, making them very hard to detect. Often, a computer infected by a rootkit must be wiped and reinstalled.
A virus is malicious executable code that is attached to other executable files, often legitimate programs. Most viruses require end-user activation and can activate at a specific time or date.
Viruses can be harmless and simply display a picture or they can be destructive, such as those that modify or delete data. Viruses can also be programmed to mutate to avoid detection.
Most viruses are now spread by USB drives, optical disks, network shares, or email.
. Trojan horse
A Trojan horse is malware that carries out malicious operations under the guise of a desired operation. This malicious code exploits the privileges of the user that runs it.
Often, Trojans are found in image files, audio files or games. A Trojan horse differs from a virus because it binds itself to non-executable files.
Worms are malicious code that replicate themselves by independently exploiting vulnerabilities in networks. Worms usually slow down networks.
Whereas a virus requires a host program to run, worms can run by themselves. Other than the initial infection, they no longer require user participation.
After a host is infected, the worm is able to spread very quickly over the network. Worms share similar patterns.
They all have an enabling vulnerability, a way to propagate themselves, and they all contain a payload. Worms are responsible for some of the most devastating attacks on the Internet.
. Man-In-The-Middle (MitM)
MitM allows the attacker to take control over a device without the user’s knowledge. With that level of access, the attacker can intercept and capture user information before relaying it to its intended destination.
MitM attacks are widely used to steal financial information. Many malware and techniques exist to provide attackers with MitM capabilities.
. Man-In-The-Mobile (MitMo)
A variation of man-in-middle, MitMo is a type of attack used to take control over a mobile device.
When infected, the mobile device can be instructed to exfiltrate user -sensitive information and send it to the attackers.
ZeuS, an example of an exploit with MitMo capabilities, allows attackers quietly to capture 2-step verification SMS messages sent to users.
Symptoms of Malware
Regardless of the type of malware a system has been infected with, these are common malware symptoms:
- There is an increase in CPU usage.
- There is a decrease in computer speed.
- The computer freezes or crashes often.
- There is a decrease in Web browsing speed.
- There are unexplainable problems with network connections.
- Files are modified.
- Files are deleted.
- There is a presence of unknown files, programs, or desktop icons.
- There are unknown processes running.
- Programs are turning off or reconfiguring themselves.
- Email is being sent without the user’s knowledge or consent.
Security is great concern for all. We really have to watch out for malware, security breaches can really be devastating because most times we are hacked and we don’t even know.