What is malware?
Our computers and mobile devices have become necessary for just about anything and everything in our daily lives. We use them for work, entertainment, communication, and more. However, with an increased use of technology comes an increased risk of inevitably stumbling upon cyber threats.
Malware, short for “malicious software,” is any type of software designed to harm or exploit a computer system, network, or device without the knowledge or consent of the owner.
For as long as the internet has been around, hackers have been looking for ways to exploit weaknesses in digital code with malicious software. But while the concept of malware has always stayed the same, the complexity of said threats is constantly evolving.
This blog will cover some of the more prominent types of malware, how they end up on your device without you knowing, and tips to detect/remove some threats on a device.
Popular types of malware
Hypothetically, since malware is an umbrella term for any kind of software that’s deemed malicious, there’s an infinite number of different forms that it can take. Some kinds of malware even work in conjunction to accomplish objectives by disguising or spreading malicious files across a system.
Thankfully, criminals have generally continued to use the same types of malware in recent years, making some forms easier to learn about than others.
Here are some commonly seen threats:
Virus
The terms “malware” and “virus” have become interchangeable when referring to computer threats. However, while all viruses are malware, not all malware is considered viruses.
A virus infects other programs or files on a system and can spread from one system to another by infecting files that are shared over a network or via email attachments. When the infected program or file is executed, the virus code is activated and can perform various malicious actions, such as deleting files, stealing data, or spreading further. Viruses can also be used to install other harmful forms of malware.
Example: An older, but still relevant example would be the “Melissa Virus” which appeared in 1999 and spread via infected email attachments that contained a macro that would infect the recipient’s computer when opened. The virus then sent copies of itself to the first 50 contacts in the recipient’s email address book.
Learn More
Worm
A worm is similar to a virus because they both spread themselves and have the potential to perform several different things like deleting files, stealing data, or installing other forms of malware.
What makes computer worms different is their ability to self-replicate without any human intervention. Also, instead of spreading through file-sharing, email attachments, or infected websites, worms typically infect computer networks, exploiting security vulnerabilities to infect other systems.
Example: One more recent computer worm is the “EternalRocks” worm, also known as “MicroBotMassiveNet.” Once EternalRocks infects a system, it downloads and executes multiple components, including a backdoor that can allow attackers to remotely control the system, and a tool that scans the network for other vulnerable systems to infect. The worm also uses multiple techniques to evade detection by anti-virus software, such as encrypting its communication with command-and-control servers and using random file names.
Learn More
Trojan
Trojan horse malware, as the name would suggest, disguises itself as legitimate software containing hidden malicious code. Unlike viruses and worms, trojan horse programs do not have the ability to self-replicate or spread to other computers on their own. Instead, they rely on social engineering techniques to trick users into installing them. After installation is complete, credentials/information can be stolen, or computers can be taken over.
Example: A trojan discovered in 2016 used a popular technique to obtain bank account info. Typically spread through phishing emails or infected websites, it tricked victims into installing it onto their systems, and then stole banking credentials, credit card information, and other sensitive data.
Learn More
Ransomware
Ransomware is our first example of malware that requires a user to inadvertently download and install it on their computer, or that arrives in combination with a virus, worm, or trojan. This frightening type of malware can make files inaccessible by encrypting them, or completely lock a victim out of their computer, and demand payment in return for access.
Example: There have been many high-profile ransomware attacks in recent years, but one that’s notable is the WannaCry ransomware attack that occurred in May 2017. WannaCry is a type of ransomware that exploits a vulnerability in Microsoft Windows and uses a computer worm to spread rapidly across networks, infecting computers. The attack initially targeted computers running older versions of Windows that had not been updated with the latest security patches.
Once a computer was infected with WannaCry, the ransomware encrypted the victim’s files and demanded payment in exchange for the decryption key. The ransom demanded was typically around $300, payable in Bitcoin. The attack affected hundreds of thousands of computers in over 150 countries, including hospitals, businesses, and government agencies.
Learn More
Spyware
Spyware is a type of malware that can monitor a victim’s computer activity completely without their knowledge. Spyware can do any number of things that directly harvest data, such as collecting your keystrokes, browsing history, or even capturing video/audio recordings of your monitor. There are a few unique types of spyware, but they all require some method of external installation.
Example: A modern-day use of spyware, FinSpy, is actually used by governments and law enforcement agencies to monitor the activity of targeted criminal individuals. It is capable of recording keystrokes, capturing screenshots, logging chats and emails, and even turning on the victim’s webcam and microphone to record audio and video.
These five types, although more common than most malware, are just a few out of a list of hundreds. If you want to learn more about each specific type, and see more in-depth examples, be sure to click “Learn More” for each one.
As for all the other different types, we’ll work on creating individual articles for other dangerous forms in the future.
How is malware installed?
Malware can be installed using various methods, all of which try to be discreet, effective, and deceptive. Chances are, if you commonly browse the internet or use any kind of email service, you’ve been exposed to one of these techniques.
Phishing/Smishing
A basic, but extremely effective tactic, phishing is when criminals send out emails with the hopes of tricking individuals into clicking malicious links or downloading attachments that will install harmful programs. Phishing emails can range in complexity from appearing obviously fake, to being exact copies of authentic emails from real organizations.
Smishing is the same exact concept but done through text messages rather than email.
Learn More
Social Engineering
Similar to phishing, social engineering often begins with an email, but it can also happen over a phone call, or from visiting a malicious site.
The main idea of social engineering involves manipulating the user into downloading or installing the malware themselves. This may sound easily avoidable, but far too many people have become victims due to the elaborate tactics that criminals use to persuade individuals.
They impersonate real organizations or authorities, scare people by stressing that time is of the essence, and create realistic programs to make these situations all the more believable.
Learn More
Software vulnerabilities
If you weren’t aware already, there’s a strong incentive to keep your software updated. Software vulnerabilities are flaws or weaknesses in software that can be exploited by attackers. This allows cyber criminals to collect your data or credentials, or infect victims with malware, without the victim having to install anything, as the vulnerable software is already on their system.
Learn More
Drive-by downloads
While becoming more and more uncommon due to modern web-browser security, these attacks occur when a user visits a website that has been compromised by hackers. The malware is simply installed when the site is visited, or when the user performs a certain action, and this happens without the victim even knowing.
Learn More
Malvertising
If you thought advertisements were annoying enough already, some advertisements can be used to install malware, a practice known as malvertising. These advertisements look legitimate and can be pop-ups that you’re forced to click on if you wish to continue browsing the site. When the user clicks on the ad, the malware is downloaded onto their computer or device.
Learn More
These are just a handful of examples that are used by cybercriminals to steal sensitive information, cause disruption, and generate revenue. It is important for individuals and organizations to stay informed about these threats, and to take steps to protect their systems and data against them.
How to detect/remove malware
Depending on the type of malware, and how advanced it is, finding these programs and uninstalling them can be very easy or exceedingly difficult.
Using an antivirus
An obvious, but sometimes overlooked, solution is to make sure to use an antivirus. Some antivirus programs don’t do regular system scans on their own, so it’s imperative that you check your system on a regular basis.
On top of that, making sure it’s up to date is also key in order to be sure that it’s working efficiently.
Here’s a list of our recommended antivirus programs, where we go over what each one has to offer.
Unfortunately, antivirus programs are only so effective when it comes to catching malware on your device. More complex forms of malware can remain undetectable on a device and never be noticed by an antivirus at all.
Check for unusual behavior
Aside from using an antivirus, detecting viruses can be tricky, especially before it’s too late. Never underestimate something suspicious on your device.
- Is your search history different from what you last saw?
- Is your device taking a lot longer to process things?
- Are any recently accessed files different from what you’ve used recently?
- Are your security settings different than they were before?
While seeming trivial, noticing small abnormalities can be an indication of something much larger. Catching malware before it’s too late can make all the difference when it comes to having an easy recovery.
Take your device to an IT specialist
If you’re confident that there is malware on your device, taking your device to a specialist is often the best thing to do in these scenarios.
As stated throughout this article, the software that criminals use becomes more complex each year, making some programs overly hard to find for someone that isn’t highly proficient at detecting them. Not to mention that removing malware incorrectly can leave your device in worse shape than it was before.