Malware is essentially malicious code that is designed to grant a cybercriminal unauthorized access to a system or network for the purpose of sabotage, theft or espionage. Computer malware comes in a variety of types, and many cyberattacks combine different types to achieve their objective.
Malware is introduced to a system or network through many methods, such as malicious attachments, phishing or malicious downloads, with flash drives and social engineering being less common techniques.
A worm is very similar to a virus in that both propagate themselves, but unlike a virus, a worm doesn’t require the program it has infected to be run in order to kick into gear.
A worm will exploit a vulnerability within a program, or use some other technique that tricks a user into introducing it onto their computer or network, such as tempting them into clicking on an email attachment containing the worm.
Because a worm runs independently of the program it has infected, it can spread across a network very easily and within a relatively short space of time. Once on your system, it can and typically will perform harmful activities, such as stealing confidential data and deleting important files. Worms are so efficient at what they do that governments are also known to use them for espionage.
As worms continue to make copies of themselves, they consume more hard drive space, slowing down the system in the process. If you notice your system getting slower or your free space disappearing, these are telltale signs that your system may be infected with a worm.
Adware works by tracking what an end user is looking at while surfing the internet. This information is then used to serve the user with more relevant ads. Although there are strong similarities between spyware and adware, adware does not install any software onto the target machine, nor does it capture a user’s keystrokes.
The main threat of adware is that it violates the user’s privacy. Adware captures data about the user’s online activities, whether covertly or overtly, and that data is then used to create a profile of the unsuspecting victim, which may include what they’ve purchased, their friends, places they’ve been to and much more. This information may then be sold or shared with advertisers without the user’s consent.
The Trojan, named after the Iliad’s famed Trojan horse, is essentially a malicious file that disguises itself as a legitimate program so as to trick the end user into downloading it. A Trojan may impersonate a legitimate email attachment, a helpful utility program, a free game or even an antivirus scanner.
Hackers regard Trojans as a more potent form of malicious file. Once an unsuspecting victim downloads a Trojan to their system, it creates a doorway which the cybercriminal can use to gain access to the victim’s computer. Trojans do not self-replicate, instead relying on the system user to spread the malware.
A Trojan may be paired with another malware type in order to carry out the hacker’s primary objective. The most common signs that your system has been infected with a Trojan include a sudden increase in internet usage, the system running slower than usual, and constant crashing and freezing.
The terms virus and malware are often used interchangeably, but in reality they are not the same. A virus is essentially a subclass of malware. Viruses have been around since the beginning, which has led to the term being used to describe malware in general.
A virus works by modifying the files on your system, inserting its own malicious code into different programs. Programs that have had their code modified by a virus are commonly described as “infected”.
A virus may lie dormant on your system until the end user carries out the desired action, such as running a specific program or file. Then the virus will kick into action, doing its worst.
A malware virus makes copies of itself, just like a typical biological virus. Once it has been activated, it will continue to spread through your system’s files and programs.
An antivirus program will either delete or quarantine the files that have been infected by the virus. However, it can often be very difficult to undo the damage done to the infected program, as the malicious code is usually intertwined with the program that it has infected.
Viruses are not as common today as they once were. Cybercriminals tend to prefer more efficient ways of spreading malicious files to unsuspecting computers.
Bots or Botnets
A bot is basically a small piece of software that is designed to carry out an automated task when commanded.
Bots are used for a number of legitimate purposes, such as indexing websites for the major search engines, but when a hacker or cybercriminal uses a bot, they usually turn it into a self-replicating malicious file that is capable of connecting to a central server.
These bots are often used in significant numbers to form a botnet, which is basically a network of bots that is used to carry out remote attacks, such as DDoS attacks. These botnets can grow quite significantly, from 10k up to millions.
A keylogger is basically spyware designed to monitor the activities of the user. Keyloggers are used legitimately in many cases, such as when a business wants to keep tabs on its employees. A family may want to use one to monitor what their children are doing while on the internet.
However, when they are set up for malicious activities, keyloggers are often used to steal banking information, personal data and other such things. Keyloggers can get onto an end user’s system through malicious downloads, phishing scams and social engineering.
Polymorphic malware is amongst the most sophisticated malware around. It’s able to evade antivirus scanners by altering its identifiable features.
As it infects a file, it makes alterations to itself in order to make itself difficult for virus scanners to detect. Some polymorphic malware is designed to mutate at a specific rate, to make it difficult for antivirus scanners to reliably discover it or know the full extent of its size.
The best way to detect these kinds of viruses is to use a method called pattern analysis, so as to identify the key characteristics of this malware type. There are other advanced security methods, such as endpoint detection and response and threat hunting, that are highly efficient at locating these kinds of infections, whether they are polymorphic or not.
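The following is an added example, not part of the original article, contrasting an exact hash signature with a byte-pattern signature on constructed, harmless samples. It assumes "pattern analysis" means matching invariant byte runs separated by variable gaps; all names and byte strings are made up for illustration.

```python
import hashlib
import re

# Invariant byte runs shared by every copy (constructed, harmless stand-ins
# for the "key characteristics" a pattern signature keys on).
CORE_A = b"\x10\x20DEMO-DECODE-LOOP\x30"
CORE_B = b"\x40DEMO-JUMP\x50"

# Constructed samples: three generations of one family plus a clean file.
# Only the filler between the two cores and the trailing bytes differ.
SAMPLES = {
    "gen0": b"HDR" + CORE_A + CORE_B + b"END",
    "gen1": b"HDR" + CORE_A + b"\x01\x02\x03" + CORE_B + b"END",
    "gen2": b"HDR" + CORE_A + b"\xaa\xbb\xcc\xdd\xee" + CORE_B + b"XYZ",
    "clean": b"HDR" + CORE_A + b"ordinary program bytes",
}

# Exact-match signature database: only the first generation was ever seen.
KNOWN_HASHES = {hashlib.sha256(SAMPLES["gen0"]).hexdigest()}

# Pattern signature: both cores in order, with up to 16 arbitrary bytes
# between them (the same idea as a bounded jump in a byte-pattern rule).
PATTERN = re.compile(re.escape(CORE_A) + b".{0,16}?" + re.escape(CORE_B), re.DOTALL)


def hash_hit(data: bytes) -> bool:
    """True if the file's SHA-256 equals a known-bad hash."""
    return hashlib.sha256(data).hexdigest() in KNOWN_HASHES


def pattern_hit(data: bytes) -> bool:
    """True if the invariant byte pattern occurs anywhere in the file."""
    return PATTERN.search(data) is not None


def scan(samples: dict) -> dict:
    """Return {name: (hash_hit, pattern_hit)} for every sample."""
    return {name: (hash_hit(d), pattern_hit(d)) for name, d in samples.items()}


if __name__ == "__main__":
    for name, (by_hash, by_pattern) in scan(SAMPLES).items():
        print(f"{name:6} hash={by_hash!s:5} pattern={by_pattern}")
```

The hash signature only catches the copy it was built from, while the pattern signature catches all three generations and still ignores the clean file, which contains just one of the two invariant runs.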