“A good read on the types of malware and the ways to protect yourself from them!”
Protecting against malware has become a primary goal for organisations, and a complicated one, because malware comes in many different forms and is hard to detect and eradicate.
What is Malware?
Malware is a script, program or piece of code designed to disrupt computer operations, gather confidential information, or gain access to a computer system without the owner's permission. Some malware (viruses and worms) also replicates itself in order to reach more systems, but what every kind has in common is that it delivers a payload the owner never asked for.
Since the internet came into widespread use, attackers have relied on malicious software as one of their main ways in. Malware comes in many types, which differ in how they spread and what they do once they run.
Types of malware:
Malware is classified by how it behaves once it is executed on a system.
Virus:
A computer virus is malware that reproduces itself when executed. When a user runs a program with a virus embedded in it, the virus code runs with that user's privileges and copies itself into other files, and sometimes onto other machines over the network. Viruses are subdivided by where they live and how they run:
- Program (file-infector) virus: attaches itself to an executable and runs whenever the infected application is installed or launched.
- Boot sector virus: infects the boot sector of a disk and runs before the operating system loads, so it does not depend on the OS to execute.
- Script virus: runs as a script interpreted by the operating system or by the browser.
- Macro virus: written in a macro language and typically carried in Microsoft Office documents, where it runs when the document is opened and macros are enabled.
Worms:
A worm is self-replicating malware and one of the most dangerous and fastest-spreading kinds. Unlike a virus it needs no host program: it spreads on its own over the network, using channels such as e-mail attachments, instant messaging and exposed network services. Worms can modify or delete files and drop additional malware onto the system. They can also install a backdoor so that an attacker can reach the system later without going through the authentication process.
A worm is hard to contain because it spreads so rapidly. A firewall may block a well-known worm at the perimeter, but once a single host inside is infected the worm spreads host to host behind the firewall, which is why every host must be patched against the vulnerability the worm exploits. Two payloads that worms (and other infection vectors) commonly deliver are ransomware and bots.
- Ransomware: Everyone is aware of the ransomware attacks happening all over the world. It is one of the most prevalent cyber attacks and one of the hardest to fight. A ransomware attack encrypts the data on a system and demands a ransom from the owner in exchange for the decryption key. Losing confidential data causes heavy financial loss and damages the organisation's reputation, so all important files and data should be backed up. Those backups must be kept offline, or otherwise out of reach of the infected system, because ransomware that can reach a backup will encrypt it as well.
- Bots: A bot is a compromised machine running software under an attacker's remote control. A group of bots is called a botnet, and botnets are commonly used to launch Distributed Denial of Service (DDoS) attacks. A well-known example is the Zeus botnet, whose bots stole online-banking credentials that were then used to move money out of victims' accounts.
Trojan:
A Trojan horse is malware that looks like a genuine application but carries malicious code. Unlike a virus it does not replicate itself; it relies on a person to install it. When the user downloads and installs the application, the malware gets the same access as that user. Trojans usually arrive disguised as music files, videos or games and spread through human interaction. Common types of Trojan:
- Backdoor: a hidden way of accessing the system that bypasses the normal authentication process.
- Keylogger: software that records the user's keystrokes as they are typed and passes them to the attacker.
- Remote Access Trojan (RAT): as the name suggests, gives the attacker remote administrative control of the machine: copying files, collecting keystrokes and pulling further malware from a remote site.
Rootkit:
A rootkit hides itself on the computer and is hard to notice even while it is active. It gives the attacker privileged access to the system and conceals the attacker's processes, files and network connections from the user and from security tools, which is what makes it so dangerous. Rootkits are distinguished by the part of the system they subvert:
- Firmware: the malware is embedded in device firmware (for example the system's boot firmware), so it survives a reinstall of the operating system.
- Kernel: the malware modifies the kernel itself and therefore runs with the highest privilege on the machine, able to alter what every other program sees.
- Persistent: the rootkit is started every time the system boots and stays active until shutdown, as opposed to a memory-only rootkit that disappears on reboot.
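Because a rootkit's whole purpose is to make its processes invisible, the practical check is to compare two views of the same thing and look for disagreement. The script below is an added example, not code from the original article: it assumes a Linux host with /proc mounted, lists /proc the way ps and top do, then probes every possible PID with kill(pid, 0), which the kernel must still answer honestly. Any PID that is alive but absent from the listing is a candidate hidden process. The function and variable names are this example's own.

```python
"""Cross-view detection of a process hidden by a rootkit (Linux).

Added example, not from the original article. Assumes a Linux host with
/proc mounted. A rootkit that hooks the directory listing of /proc can hide
a process from ps and top, but the kernel still answers kill(pid, 0) for
that PID. Comparing the two views exposes the discrepancy.
"""
import os


def listed_pids(proc="/proc"):
    """PIDs visible in a directory listing of /proc: the view ps and top use."""
    return {int(name) for name in os.listdir(proc) if name.isdigit()}


def probed_pids(max_pid):
    """PIDs the kernel reports as alive when probed with signal 0.

    PermissionError (EPERM) means the process exists but belongs to another
    user, so it counts as alive; ProcessLookupError (ESRCH) means no process.
    """
    alive = set()
    for pid in range(1, max_pid + 1):
        try:
            os.kill(pid, 0)
        except ProcessLookupError:
            continue
        except PermissionError:
            pass
        alive.add(pid)
    return alive


def find_hidden_pids(listed, probed, ignore=()):
    """Return, sorted, the PIDs that are alive but absent from the listing.

    `listed` should be the union of listings taken before and after the
    probe, so a process that starts or exits during the scan is not reported
    as hidden. `ignore` lets the caller drop PIDs it has already vetted.
    """
    return sorted(set(probed) - set(listed) - set(ignore))


def scan(max_pid=None):
    """Run the full cross-view check on this host and return hidden PIDs."""
    if max_pid is None:
        with open("/proc/sys/kernel/pid_max") as f:
            max_pid = int(f.read())
    before = listed_pids()
    alive = probed_pids(max_pid)
    after = listed_pids()
    return find_hidden_pids(before | after, alive)


if __name__ == "__main__":
    hidden = scan()
    if hidden:
        print("processes alive but missing from the /proc listing:", hidden)
    else:
        print("no hidden processes found")
```

On modern systems pid_max can be several million, so the probe takes a few seconds in Python; pass a smaller max_pid to scan() for a quick check. A kernel rootkit that hooks kill() as well as readdir() defeats this particular comparison, which is why real tools combine several independent views rather than trusting one.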
Logic Bomb:
A logic bomb behaves like a time bomb: it is a piece of malicious code inserted into otherwise legitimate software that activates only when certain criteria are met, such as a date being reached, a particular user account being removed, or a specific input being received. Like other malware, logic bombs are hard to detect, and they are usually planted by an insider, typically a developer or administrator who already has the access needed to change the code.
Spyware:
As the name suggests, spyware is malware installed on a system to collect information about the user or the organisation without their consent and send that information to the attacker.
Adware:
Adware is a common type of malware that almost every internet user has come across. Adware is software that automatically displays or downloads advertisements, typically by injecting pop-up ads and banners into the pages a user visits, and it often arrives bundled with free software. The ordinary advertisements a website serves itself are not adware; adware runs on the user's own machine.
How can you protect yourself from Malware?
Detecting and eradicating malware is difficult, but with the right precautions most infections can be prevented. A few techniques that protect systems from being infected:
i) First and foremost, proper antivirus (AV) and anti-malware (AM) software must be installed on every system. When the AV or AM detects a program with malicious code embedded in it, it quarantines the program so that it cannot run or spread.
ii) Thousands of new malware samples appear every day, so the antivirus signature database must be kept up to date, otherwise newly released viruses are simply not recognised. Bear in mind that signatures only catch known malware, so AV is one layer of defence rather than the whole of it.
iii) The operating system and applications must be updated regularly, and security patches applied promptly, before the vulnerability they fix can be exploited.
iv) One of the most important rules is not to install unauthorised software and not to click unknown links. Most malware arrives as a link or a download, so an untrusted file or link should be treated as hostile until it has been verified.
v) Backups are one of the most effective ways to prevent data loss from malware. With a backup of all valuable data, an infection becomes a recovery exercise rather than a disaster. Keep at least one copy offline, or somewhere the infected system cannot write to, and test a restore regularly; a backup that has never been restored cannot be relied on.
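The two backup points above (ransomware reaching the backup, and restores that are never tested) come down to one question: is what I am about to restore the same data I backed up? The script below is an added example, not code from the original article or from Rootfloe. It records a SHA-256 digest of every file at backup time, re-checks the set later, and, for files that have changed, applies a byte-entropy heuristic to flag those that now look like ciphertext rather than a legitimate edit. The demo() scenario, its temporary directory and its file contents are constructed for the demonstration, and the entropy threshold is an assumption.

```python
"""Hash manifest for a backup set, plus an encryption heuristic for ransomware.

Added example, not from the original article. A backup only helps if it can
be restored and has not been altered, and ransomware that can reach a backup
location encrypts the copies there too. The files used in demo() are
constructed for the demonstration.
"""
import hashlib
import math
import os
import tempfile
from collections import Counter


def sha256_file(path):
    """SHA-256 of a file, read in chunks so large backups are not loaded into memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 16), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_manifest(root):
    """Map every file under root (path relative to root) to its digest."""
    manifest = {}
    for dirpath, _dirs, names in os.walk(root):
        for name in names:
            full = os.path.join(dirpath, name)
            manifest[os.path.relpath(full, root)] = sha256_file(full)
    return manifest


def verify_manifest(root, manifest):
    """Return (missing, changed): files gone since backup, and files whose digest differs."""
    current = build_manifest(root)
    missing = sorted(p for p in manifest if p not in current)
    changed = sorted(p for p in manifest if p in current and current[p] != manifest[p])
    return missing, changed


def shannon_entropy(data):
    """Bits of entropy per byte: 0.0 for a constant string, up to 8.0 for uniform random bytes."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def looks_encrypted(path, threshold=7.5, sample=1 << 16):
    """Heuristic: ciphertext sits near 8 bits/byte; text and most documents are well below.

    The 7.5 threshold is an assumption for this example. Already-compressed
    formats (zip, jpeg, mp4) are also high-entropy, so treat a hit as a reason
    to inspect the file, not as proof that it was encrypted.
    """
    with open(path, "rb") as f:
        return shannon_entropy(f.read(sample)) > threshold


def demo():
    """Constructed scenario: back up two files, then simulate ransomware rewriting one."""
    with tempfile.TemporaryDirectory() as root:
        notes = os.path.join(root, "notes.txt")
        with open(notes, "w") as f:
            f.write("quarterly figures and customer list\n" * 200)
        with open(os.path.join(root, "readme.txt"), "w") as f:
            f.write("backup test\n")
        manifest = build_manifest(root)  # the backup job would store this beside the copies

        # Ransomware overwrites notes.txt with ciphertext; random bytes stand in for it here.
        with open(notes, "wb") as f:
            f.write(os.urandom(8192))

        missing, changed = verify_manifest(root, manifest)
        suspicious = [p for p in changed if looks_encrypted(os.path.join(root, p))]
        return missing, changed, suspicious


if __name__ == "__main__":
    print("missing=%s changed=%s suspicious=%s" % demo())
```

Store the manifest somewhere the backed-up system cannot write to, for the same reason the backup itself must be kept out of reach: a manifest that ransomware can rewrite along with the files proves nothing. Running verify_manifest against the backup copy, not the live data, is the restore test the text asks for.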
Malware remains a major problem for organisations worldwide because it keeps advancing and is highly effective, so every organisation must take the steps above to protect itself and secure its workspace.
If your IT infrastructure has been compromised, or you would like to be prepared before it is, contact us at info@rootfloe.com for a free consultation.
Shivashankar is a Business Associate at Rootfloe and holds a master's degree in Cyber Security from Royal Holloway, University of London.
https://www.rootfloe.com