Malware is a moniker for software that has been created with malicious intent. The three most common types of malware are Viruses, Worms, and Trojan Horses. These terms are often used interchangeably, but they are actually very different. Each is a type of malicious software, but they differ in how they infect and affect computers.
Examples of computer viruses are:
– Macro virus
– Boot virus
– Logic Bomb virus
– Directory virus
– Resident virus
How Malware Spreads?
• Malware is a program that must be triggered or somehow executed before it can infect your computer system and spread to others.
• Here are some examples on how malware is distributed:
a) Social network
b) Pirated software
c) Removable media d) Emails
- Data Loss
Many viruses and Trojans will attempt to delete files or wipe hard drives when activated, but even if you catch the infection early, you may have to delete infected files.
- Account Theft
Many types of malware include keylogger functions, designed to steal accounts and passwords from their targets.This can give the malware author access to any of the user’s online accounts, including email servers from which the hacker can launch new attacks.
Many types of malware also subvert control over the user’s computer, turning it into a “bot” or “zombie.” Hackers build networks of these commandeered computers, using their combined processing power for tasks like cracking password files or sending out bulk emails.
- Financial Losses
If a hacker gains access to a credit card or bank account via a keylogger, he can then use that information to run up charges or drain the account. Given the popularity of online banking and bill payment services, a hacker who manages to secrete a keylogger on a user’s system for a full month may gain access to the user’s entire financial portfolio, allowing him to do as much damage as possible in a single attack.
A computer virus is an executable piece of code that can infect computers without knowledge or permission from the user. An important point concerning viruses is that they cannot replicate independently; they need to be transferred to another computer and run by a user. The can be transferred by various means, such as using deception to convince the user that the file they are opening is benign. Problems from viruses can vary greatly, with symptoms ranging from only using system resources to formatting hard disks. In general, the problems are related to the specific computer in question and will not affect others on the network.
The main feature that separates worms from viruses is that worms are self-replicating. A worm can use a network to send copies to other computers. Worms can be benign, in which case they simply replicate from computer to computer (but still consume network bandwidth), or they can be malignant, in which case, they carry a payload designed to attack the computers they infect. The attacks may be similar to viral attacks and range from encrypting files (with the intent to blackmail the owner) to installing backdoors to control the computer. The latter is commonly used to send junk mail and initiate Denial of Service attacks.
Trojan horses are applications which appear to be useful, legitimate applications, but run malicious, hidden code. The application may appear to perform tasks, such as scanning for spyware, but actually steal personal data from your system. Executing Trojans may result in changing desktop wallpaper, creating pop-ups, or even deleting files. One of their most popular uses is creating backdoors to allow malicious users to gain access to files and information. Unlike viruses or worms, Trojans cannot infect other systems.
Example of Trojan Horses
• Remote access Trojans (RATs)
• Backdoor Trojans (backdoors)
• IRC Trojans (IRCbots)
• Keylogging Trojans.
While not actually malware, phishing has recently become a real security concern. Users are directed to a seemingly trustworthy website and defrauded into giving up personal information, such as credit card details, passwords, etc. Anti- phishing measures have been implemented in the current version of most browsers including Internet Explorer 7, Firefox 2, Netscape 9, and Safari 3. The anti-phishing measures generally involve checking URLs against a list of known phishing websites.
How can I prevent my system from being infected?
The two most important things you can do to ensure your system is secure: keep Windows Updates up-to-date and run a trusted antivirus program. Running Windows Updates will give you the latest security patches and prevent system vulnerabilities from being exploited. An antivirus program is the most reliable method of detecting and eliminating malware. Keep in mind that an antivirus program is only as good as its latest update, so the key to maximizing security is to allow it to automatically update and auto- protect. Since the antivirus program searches for known threats in its repertoire, up-to-date definitions are essential. Enabling auto- protect ensures that new programs being installed or attachments being downloaded are scanned and safe. The last thing you can do to prevent infection is be aware and be skeptical. Unless you’re sure that you’re downloading something from a safe site, malicious code is always a possibility. Always remember that if you’re suspicious of a file, a simple internet search should provide enough information about it to make an educated decision.
How do I know if my system is infected?
The sure way to ensure that your system is free from malware is to run a system scan using the latest virus definitions, but the following are indicators that your system might be infected:
• Your computer is running at a slower pace than usual
• You computer locks up often
• Your computer crashes and restarts every few minutes
• Applications stop working correctly
• You receive unusual error messages
• Your computer restarts on its own, then fails to run normally
Again, these are just indicators which could also signify hardware or software issues. The only way to know for sure whether there is an infection is to run an anti-virus or anti-spyware scan.
Usage of Malware
• Many early infectious programs, including the first
Internet Worm, were written as experiments or pranks.
• Today, malware is used primarily to steal sensitive personal, financial, or business information for the benefit of others.
• Malware is sometimes used broadly against government or corporate websites to gather guarded information, or to disrupt their operation in general.
• However, malware is often used against individuals to gain personal information such as social security numbers, bank or credit card numbers, and so on.