Explanation of the 8 common types of malware
1. Virus
The virus is the best-known form of malware. Originally, this category was the only form of malware. It was only when the classification of malware was better defined that the term “malware” came into common usage instead of “viruses.” Nowadays, the distinguishing characteristic of a virus is that it is capable of replicating itself to spread, and it usually attaches itself to another legitimate, commonly used program that acts as its “on” switch.
The associated file also acts as a transport mechanism. If a virus attaches itself to a music file, every time that file is copied onto a disc, memory card, or USB stick, the virus accompanies it. The virus will also accompany the infected file when it is transferred over the Internet.
The most common route of virus infection is through illegal copying. This is because commercial entertainment and software distributors ensure that their systems are virus-free. Individuals are not as rigorous.
The best way to avoid virus infections is to install an antivirus system. Many operating systems now come with a free antivirus solution. Commercial antivirus applications rely on a database of characteristics that is constantly updated by the software producers.
This search and update function is part of the value of the antivirus program, so you should ensure that you keep your system up to date.
Most antivirus programs constantly run in the background and identify viruses when they enter your device. They also periodically scan your processor and files for viruses. Antivirus programs can use a lot of processing power and it can be annoying when the system scan starts unexpectedly, in the middle of an important task. Automatic updates can also slow down your device.
It's tempting to change your antivirus settings to disable these automated processes — updates and scans can be ordered manually. However, many users forget to start the update process or keep putting off system scans to avoid slowing down the computer. Postponing updates and scans reduces the value and effectiveness of antivirus software.
2. Worm
Worms are very similar to viruses. Originally, the distinction between a virus and a worm was that the virus was spread on physical media, such as a boot disk, while the worm was spread on the Internet.
The distinction between worms and viruses now includes how they work. While a virus attaches itself to another program, the worm is an independent process.
This malware creates a process in the background, which means that it does not depend on the user accessing a particular file. A worm infects a network rather than an individual computer because it communicates with other devices associated with the computer it has already infected. This strategy constitutes the worm's reproductive mechanism.
The network that the worm infects does not have to be a private corporate network. It can also infect a network of friends. Infected emails are often sent by worms. The worm infects a computer or email account, accesses that person's contact list, and uses the email program to send copies of itself, thereby spreading. Worm distributors also acquire email address lists and organize bulk email mailings to send the worm to these people. The worm is always hidden as an attachment to emails.
Antivirus systems can trap worms. If your anti-malware program is running all the time, it will detect dangerous attachments and issue an alert when you attempt to download them. Worms spread through email because their original transmission method was blocked by firewalls.
Originally, worms could search for contact records on the Internet, obtain a list of target addresses, and then send infected messages directly to those computers. However, firewalls block unsolicited incoming connections. Install a firewall and keep it on to prevent worms from returning to their original method of invading your computer.
Be skeptical to protect yourself from worms. Never download an attachment from an email sent by someone you don't know, even if the source of the email seems to be a credible organization. Don't be fooled by enticing descriptions of the contents of attachments. If you did not request information and do not know the sender personally, do not access the attachment.
If a friend's email seems a bit too racy, or if the subject of the email doesn't seem to match that person's usual interests, check with that friend about the exact subject of the attachment before downloading it.
3. Trojan
The Trojan horse is the third delivery system for malicious software. It is the largest method of distributing malware today and includes remote access trojans (RATs). If Trojan horses overshadow viruses and worms, it's because the characteristics of a Trojan horse overlap a bit with those of its rival mechanisms.
The Trojan horse is presented as a useful program. It can be a file space cleaner or a utility that speeds up your computer. Sometimes you actually get the useful tool and it can work really well. However, in cases where the proposed software actually exists, the Trojan horse is installed with the desired program through an installation wizard without your knowledge.
The Trojan horse is just a delivery system. The real danger comes from what we call the “payload.” Given the amount of work that goes into creating these programs, few hackers simply give their Trojans a single piece of malware to introduce. It is more common for the Trojan horse to install a “back door.”
The backdoor is designed to bypass firewalls. Remember, the firewall blocks unsolicited incoming connections. However, it allows responses to outgoing requests. The backdoor works in exactly the same way as the automatic update processes used by all major software companies. A background process is running constantly and periodically checks the instructions. These instructions may include new malware for download.
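The periodic check-in described above is also what a defender can look for in outbound connection logs. The following is an added example, not part of the original article: it flags process and destination pairs whose connections are evenly spaced. The log format, process names, and addresses are constructed for illustration, and a legitimate updater is flagged too, as the paragraph above would predict.

```python
import re
from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev
# Constructed sample data. Assumed line format: ISO-time process dest:port
SAMPLE_LOG = """\
2024-05-01T08:00:00 updater.exe 192.0.2.20:443
2024-05-01T09:00:00 updater.exe 192.0.2.20:443
2024-05-01T10:00:00 updater.exe 192.0.2.20:443
2024-05-01T10:00:00 helper.exe 203.0.113.10:443
2024-05-01T10:01:12 browser.exe 198.51.100.7:443
2024-05-01T10:01:40 browser.exe 198.51.100.7:443
2024-05-01T10:05:01 helper.exe 203.0.113.10:443
2024-05-01T10:09:03 browser.exe 198.51.100.7:443
2024-05-01T10:10:00 helper.exe 203.0.113.10:443
2024-05-01T10:14:59 helper.exe 203.0.113.10:443
2024-05-01T10:20:00 helper.exe 203.0.113.10:443
2024-05-01T10:31:45 browser.exe 198.51.100.7:443
2024-05-01T11:00:00 updater.exe 192.0.2.20:443
"""
LINE = re.compile(r"^(\S+)\s+(\S+)\s+(\S+)$")

def group_connections(log_text):
    """Map (process, destination) -> list of connection times."""
    groups = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue  # blank or malformed line
        try:
            when = datetime.fromisoformat(m.group(1))
        except ValueError:
            continue  # unparseable timestamp
        groups[(m.group(2), m.group(3))].append(when)
    return groups

def find_periodic(log_text, min_events=4, max_cv=0.1):
    """Return (process, dest, mean_gap_s, cv) for evenly spaced check-ins."""
    findings = []
    for (proc, dst), times in group_connections(log_text).items():
        if len(times) < min_events:
            continue  # too few events to judge regularity
        times.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        avg = mean(gaps)
        cv = pstdev(gaps) / avg if avg else float("inf")  # near 0 = machine-like
        if cv <= max_cv:
            findings.append((proc, dst, round(avg), round(cv, 3)))
    return sorted(findings)
```

Calling `find_periodic(SAMPLE_LOG)` returns the regular pollers and leaves the irregular browser traffic out; deciding which flagged process is an expected updater is a separate allowlisting step.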
The best way to avoid Trojans is to think twice before downloading a new program, especially if your anti-malware system is warning you against it. Be especially careful when downloading software via BitTorrent networks and avoid anything on a torrent download if it's packaged in a zip file. While zip files speed up the transfer process, they can also hide malware from anti-malware protection systems until it's too late.
Only download software that has been recommended. Check user reviews to find out if anyone has reported receiving malicious software by downloading the application you are interested in. Above all, ask yourself how the software company that created the utility earns money if it gives away the fruits of its efforts.
4. Rootkit
A rootkit is like a security system for malicious software. This category of software is not specifically designed to cause harm. Rather, it is a way to protect other malicious software on your computer. Rootkits penetrate directly into your computer's operating system and acquire elevated privileges, such as administrator rights.
A rootkit can rename processes to disguise malicious programs as regular programs. It can also restart malicious programs if you or a utility have killed one. Although the rootkit resides in the operating system, it can coordinate browser hijacking systems to prevent you from looking on the Web for a solution to the symptoms that your computer displays. It may also redirect you away from the websites of anti-malware software producers.
Rootkits are so successful at defending themselves and the malware associated with them that sometimes the only way to get rid of them is to reinstall the operating system.
5. Spyware
The aim of spyware is to steal your data and to report on your activities. There are many different types of spyware, and they don't just infect computers, phones, and tablets.
A type of spyware, called “RAM scraper,” specializes in infecting electronic point-of-sale devices, i.e. store cash registers. The RAM scraper collects payment details from customers while they lie fleetingly in the machine's memory.
Spyware intended for the general public is particularly interested in login credentials and financial data.
Keyloggers record all keystrokes made on a computer. The connection procedures of online banks attempt to thwart these processes by requesting random pieces of information. Indeed, the keylogger does not record what is displayed on the screen, but only the keys pressed on the keyboard. So instead of asking for your PIN, the login screen will ask for the third digit of your PIN code. The position of the requested number changes with each connection attempt and this request is also accompanied by a request for a letter specifically positioned in a second password. On-screen keyboards also make it possible to outsmart keyloggers.
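The partial-entry login described above can be sketched as follows. This is an added example, not code from the original article or from any bank: the PIN, the server key, and the function names are constructed for illustration. It shows that the keystrokes captured during one login do not answer the next login's challenge, and that the server must be able to check single characters, which is a caveat of any such scheme.

```python
import hashlib
import hmac
import secrets

SERVER_KEY = b"constructed-demo-key"  # assumption: secret held only by the server

def _digest(index, ch):
    return hmac.new(SERVER_KEY, f"{index}:{ch}".encode(), hashlib.sha256).digest()

def enroll(secret):
    """Keep one keyed digest per position so single characters can be checked."""
    return [_digest(i, ch) for i, ch in enumerate(secret)]

def new_challenge(record, count=2):
    """Choose distinct random 1-based positions for this login attempt."""
    return sorted(secrets.SystemRandom().sample(range(1, len(record) + 1), count))

def verify(record, positions, typed):
    """Check the typed characters against the requested positions only."""
    if len(typed) != len(positions):
        return False
    ok = True
    for pos, ch in zip(positions, typed):
        ok &= hmac.compare_digest(record[pos - 1], _digest(pos - 1, ch))
    return ok

def demo():
    record = enroll("4917")                   # constructed PIN
    first = verify(record, [1, 3], "41")      # user answers digits 1 and 3
    keylog = "41"                             # all that a keylogger recorded
    replay = verify(record, [2, 4], keylog)   # next login asks for digits 2 and 4
    return first, replay

if __name__ == "__main__":
    print(demo())
```

The same positions will eventually be requested again, so this limits what one captured session is worth rather than making captured keystrokes useless.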
Spyware also aims to gather identifying information about your computer and Internet connection. This information includes your browser type and IP address. Spyware will track your activities, recording the web pages you visit, and is often used to run adware.
6. Adware
Adware comes in several different forms, but it usually operates through your browser or network settings. The aim of the adware is to make you watch an advertisement that makes money for the hacker who controls it.
Adware can be implemented by redirecting your web visits to pages other than the ones you thought you were going to. You may arrive at the page you were waiting for, but the adware has injected its own ads into the page code.
Another technique is to hijack your browser settings to add unwanted toolbars, change your default search engine, and change your new tab page.
Be sure to check your browser's DNS and proxy settings, as some adware selectively redirects your traffic using both of these techniques. Using this method, the adware can add affiliate codes to the web addresses of the online stores you visit. This way, the hacker makes a percentage of everything you buy online without you noticing.
7. Ransomware
Ransomware often makes the headlines. It is scary and therefore a good topic for international news agencies. In a ransomware attack, a virus encrypts all the files on your computer. Nothing is stolen or damaged, but everything on your computer is locked and you can't access it without the encryption key.
The creation of bitcoin has greatly helped hackers and enabled this form of attack. Cryptocurrencies allow for pseudo-anonymity, so hackers can ask for a ransom to be paid in bitcoin. Police departments that would follow the money to a bank account cannot trace them if they manage to exchange the currency without leaving a trace.
Ransomware attacks are spreading rapidly. The encryption systems that implement them are usually delivered by Trojans and worms. The 2017 WannaCry ransomware epidemic attracted particularly heavy press coverage.
The media attention given to this type of malicious software has given rise to a digital form of protection racket. In this scenario, a business receives a ransom note before the attack occurs. This is a warning that gives the company the option of paying to prevent the attack. More often than not, this is simply a scam. The attacks never happen, whether the victim pays or not. However, enough businesses decide to pay just in case, and these few companies make the racket profitable.
Scammers don't even need technical skills to launch an attack using “ransomware as a service.” The Cerber ransomware can be rented, with the malware's creators taking a 40% share of the attack revenue.
8. Botware
Botware is control software that allows a hacker to access your computer and its resources. The aim of botware is to turn your computer into a “zombie” and part of a “botnet.” Botnets are used to launch distributed denial-of-service attacks, better known as “DDoS.”
During a DDoS attack, web servers or individuals' Internet-connected devices are overwhelmed by connection requests.
The messages that flood a computer during a DDoS attack come from tens of thousands, if not hundreds of thousands, of computers around the world. The attacker who commands these attacks does not own any of the computers that participate in them. On the contrary, the attack participants are ordinary residential computer owners like you.
You probably won't even notice that your computer is participating in a DDoS attack. Indeed, the contribution of each computer in the botnet can be summed up in a single short message sent via your Internet connection.
Cryptocurrency botnets are another matter. Cryptocurrency mining has become an important business. However, the blockchain formula that controls these currencies makes generating new tokens an expensive and time-consuming task. The cost of electricity for the computers that run currency mining operations particularly erodes the profitability of the operation. Hackers have found a way around this problem by using botnets for mining.
If your computer has been enslaved to a cryptocurrency botnet, you'll notice it. Your computer's processor will run constantly and the fan will run longer than usual. You'll also notice that your home's electricity bill is skyrocketing.
How to prevent malware attacks
The main defenses against malware are the same, whether it's adware, spyware, viruses, or ransomware. Here are the four basic steps you can take to avoid malware attacks and protect your PC or laptop:
- Be careful where you copy files and do some research before downloading a free utility.
- Don't download software or zip files from P2P systems and try to avoid being too eager to get a free program.
- As a minimum level of anti-malware protection, be sure to enable the antivirus and firewall programs that are available with your operating system. (Ideally, choose an appropriate antivirus provider to protect your PC.)
- Let your antivirus run at startup and allow it to scan and update automatically.
As a general rule, never download email attachments. If you receive an email from a company in response to your request for information, you can safely download this file. However, you should always be wary of PDFs and Flash videos, even if they were sent to you by a friend.
Malicious software is evolving and new types of attacks seem to appear every year. Use anti-malware software and use common sense to make sure you don't get infected.