Malware: viruses, worms, Trojan horses, spyware, ransomware & many more!

30.08.2023

You may be wondering, ‘Why such a negative title?’ Reading all those words together is like reading a list of diseases or naming all the horsemen of the apocalypse. Every type of malware is just as horrible as the one before it.

The Internet is not a safe space anymore. But, let’s be honest, we won’t stop using it, because our lives revolve around it and everything is connected to it, from communications and your job to health services and banking. What we can do is learn what threats are out there and how to navigate the Internet as safely as possible.

What is malware?

Malware is any type of software program developed to exploit or harm computer systems or devices. Unfortunately, there are many types of malware: viruses, ransomware, spyware, rootkits, keyloggers, and many more. Let’s check them out!

Types of malware explained

Computer Worms

Computer worms are a type of malware that can replicate itself and spread from one computer to another without any human action. They don’t need to attach themselves to a program to cause harm.

Worms have different ways to propagate. They can be attached to email messages, so when you open the malicious email, the worm gets installed on your computer. Worms can also be downloaded from malicious websites or file-sharing networks, and they can spread via network shares. Worms can be stored on USB drives, so when users plug these infected USB drives into their computers, the malware gets installed. Worms can take control of a computer system, damage files, or steal data.

Trojan Horses

The tricksters of the malware world, Trojan Horses pose an extra challenge because they disguise themselves as legitimate files or programs. Trojan Horses are frequently spread via file downloads, email attachments, or social media. They can also be installed on users’ computers by physical means such as USB drives: once you open a file or run a program stored on the USB drive, the Trojan Horse gets installed. They can have different malicious objectives: damaging files or programs, stealing personal information, taking control of the computer, and spreading to other devices on the network.

Computer viruses

Computer viruses are a type of malware that can replicate itself and spread from one computer to another. Viruses are frequently attached to different online content, emails, or file downloads. When you open an infected file, viruses can be installed on your computer. Once installed, viruses can accomplish a variety of malicious purposes like stealing data, deleting files, or sending spam emails.

There are many types of computer viruses. Let’s explore some:

· Macro viruses. These viruses infect files containing macros by adding malicious code to them. Macros are small programs that can be run within a program, for instance, the popular Microsoft Excel. Macros can be associated with spreadsheets, documents, and other data files.

· File viruses. These are viruses that infect executable files. When you run the infected file, the virus will be loaded into the memory and executed.

· Boot sector viruses. These viruses infect the drive’s sector where startup files (operating system, OS) are located. Therefore, the virus will be loaded into the memory every time the computer gets started. Boot sector viruses are hard to remove, and they can seriously damage computer systems.

· Viruses’ carriers. These types of viruses rely on the users’ actions to propagate because they can’t automatically spread to another computer. So, the viruses are attached to files and get spread when users transfer those infected files.
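A practical check for the macro case described in the list above, as an added example that is not part of the original article: modern Office files are ZIP containers, and VBA macros are stored in a part named vbaProject.bin, so a mail or upload filter can report which files carry macros before anyone opens them. The function names and status labels are hypothetical, and the sample files are constructed placeholders with no real macro code.

```python
import io
import zipfile
from pathlib import PurePosixPath

# Extensions that openly declare "this file may carry macros".
MACRO_EXTENSIONS = {".docm", ".xlsm", ".pptm", ".dotm", ".xltm", ".potm"}


def inspect_office_file(filename: str, data: bytes) -> dict:
    """Report whether an OOXML file (a ZIP container) carries a VBA project."""
    result = {"file": filename, "status": "no_macros", "macro_parts": []}
    # Legacy binary formats (.doc, .xls) are not ZIP files; they need another parser.
    if not zipfile.is_zipfile(io.BytesIO(data)):
        result["status"] = "not_ooxml"
        return result
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        # VBA code is stored in a part named vbaProject.bin.
        result["macro_parts"] = [
            n for n in zf.namelist()
            if PurePosixPath(n).name.lower() == "vbaproject.bin"
        ]
    if result["macro_parts"]:
        ext = PurePosixPath(filename).suffix.lower()
        # A macro part under a non-macro extension is the stronger warning sign.
        result["status"] = ("macros_declared" if ext in MACRO_EXTENSIONS
                            else "macros_unexpected_extension")
    return result


def make_sample(parts: dict) -> bytes:
    """Build a constructed, harmless ZIP standing in for an Office file."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, content in parts.items():
            zf.writestr(name, content)
    return buf.getvalue()


# Constructed samples: placeholder bytes only, no real macro code.
CLEAN = make_sample({"[Content_Types].xml": "<Types/>", "xl/workbook.xml": "<workbook/>"})
WITH_MACRO = make_sample({"[Content_Types].xml": "<Types/>", "xl/vbaProject.bin": b"placeholder"})

if __name__ == "__main__":
    for name, blob in [("report.xlsx", CLEAN), ("budget.xlsm", WITH_MACRO),
                       ("invoice.xlsx", WITH_MACRO), ("notes.txt", b"plain text")]:
        print(inspect_office_file(name, blob))
```

A result of macros_declared is not proof of infection, since many legitimate workbooks use macros; it tells you which files deserve a closer look before they are opened.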

By the way, if you are using a Mac, you can still catch some Mac viruses.

Ransomware

Ransomware is commonly distributed through compromised websites, malicious attachments, or phishing emails. Once the malware infects a system, it encrypts the victim’s files, making them inaccessible. A ransom note then demands payment in exchange for the decryption key that will allow the victim to regain access to the files or system. The ransom demand usually comes with threats, for example that the files will be permanently deleted or that the system will remain inaccessible. Paying is never a guarantee of recovering access to your files or system.

Rootkits

A rootkit is malware made up of a set of software tools programmed to gain unauthorized access to a computer system without being detected. The term rootkit comes from the fact that the software is installed at the root level of the system, which gives it complete control over the system. Rootkits can be installed by exploiting software vulnerabilities, by being bundled with other software downloads, or through social engineering tactics.

Rootkits can be very difficult to detect and remove because they are designed to hide from the OS and other security software which allows them to bypass security measures and remain undetected. Some rootkits can directly modify the OS. They are very dangerous and can cause network intrusions, data theft, or system crashes. All types of malware are nightmarish, but rootkits can badly harm your system.

Spyware

Spyware is malware that spies on your online activities or steals data from your computer. It is highly worrying that spyware can be installed on your computer without your knowledge or consent. It can get installed simply by clicking on a malicious link in an email or on a website, opening an email attachment from an unknown sender, downloading a file, or installing software from an unknown source. Spyware can track your online activity (the websites you visit, emails you send, and files you download) and steal your sensitive data. A bit like HTTP cookies.

RAM Scrapers or Memory Scrapers

These are a type of malware used to infect systems and devices in order to scan and collect the data temporarily stored in their RAM. Common targets are POS (point-of-sale) systems, for instance, cash registers or terminals, because they receive and hold unencrypted bank card numbers and PIN codes for a very short time before they are encrypted and passed to the back end. This short time is just enough for RAM scrapers to steal confidential data.

Botnets

A botnet is a group of thousands, sometimes millions, of Internet-connected devices that have been infected with malware and are under the control of an attacker, known as the Bot Master. Infected devices are called bots or zombies. Commonly, they get compromised and recruited into the botnet without the knowledge or consent of their owners. Devices can get infected through phishing emails, software downloads, or vulnerabilities in operating systems or software. Once infected, they can be controlled remotely by the Bot Master, no matter where on Earth he or she is.

Botnets are frequently used for executing DDoS attacks, sending spam emails, and stealing sensitive information. It is very hard to stop a cyberattack executed through a botnet because of the number of infected devices involved. They can be located all over the world, so shutting them down one by one is not a viable choice.

Cryptojacking

Cryptojacking is a type of malware that gets installed on devices (victims) to use their computing power for mining cryptocurrency. It is hard to detect. Cryptocurrencies operate through a distributed database called the blockchain. Every block contains a set of recent transactions created through a complex mathematical process. Creating new blocks to keep the blockchain updated is a need for cryptocurrencies and it takes lots of computing power, therefore electricity. The legal way is to pay individuals (miners) who provide it. But many people want the benefits of a cryptocurrency without paying the costs of expensive hardware and electricity. So, they use cryptojacking malware.

Logic bombs

Another harmful name to add to the list of malware types. A logic bomb is malicious code that is programmed to execute a specific action when certain conditions are met. The code (set of instructions) is typically hidden within legitimate software or a script. When the logic bomb gets triggered, it can start crafting or deleting data, or disrupting network operations. It can also create a back door for attackers to enable a data breach or a harder attack.

Frequently, logic bombs are installed by insiders: employees, contractors, and other people who have legitimate access to the systems and sensitive information of businesses and companies. Reasons can range from revenge to cyberespionage.

Adware

Adware, or advertising-supported software, is a specific kind of malware that displays advertising (banners, pop-ups, etc.) on users’ computers or mobile devices. The main objective of adware is to generate revenue for its developers by displaying advertisements to users. Adware can be annoying for you (the user) but harmless, or it can be malicious and harm your device by slowing it down, hijacking your browser, and installing viruses or spyware.

Keyloggers

The last on our list of types of malware are keyloggers: software or hardware devices designed to record every keystroke made on a computer or mobile device in order to gain fraudulent access to very sensitive information such as usernames, passwords, credit card numbers, and other confidential data. You can imagine all the scary things attackers can try once they have that data: identity theft, damage to your finances, secretly monitoring your online activities, etc.

Just like other malware, keyloggers can be installed on a computer or device through malicious email attachments, software downloads, file downloads, or physical installation by a cyber-criminal. Consider the possibility of keyloggers being installed when you use public computers. Be cautious! Keyloggers can capture and retrieve all the data you input.

How to protect against all malware types

Each type of malware calls for a specific security strategy to stay protected. But there are general recommendations that can help.

· Keep your OS and all software updated. Every new patch helps to prevent the exploitation of vulnerabilities.

· Follow safe practices and train your employees to do the same. Nowadays, nobody should click on links from unknown sources or open an email and its attachments without checking them first.

· Set strict access controls. Never share the credentials to your system and sensitive information. In a business, not everybody should have access to everything. Be strict for the sake of your business.

· Monitor and stay vigilant. Monitoring is a great prevention tool to diagnose, detect, and prevent failures or malicious activity within your system. Keep an eye on your employees to prevent harmful behaviors (espionage, revenge, etc.). Be vigilant and suspicious about USB flash drives and other hardware plugged into your machines.

· Avoid the use of public computers and networks, especially for actions that involve typing sensitive data.

Conclusion

Now you know the types of malware that can damage your system, devices, finances, and peace of mind. Knowing more about them is the first step. Now you can define a security strategy to stay safe. The priority must be to close the door and every little gap to malware!
