What is malware?
Malware is the collective name for several different types of malicious software that are harmful to a computer user. Malware can be delivered in several different ways including:
- Email: A link or file is included, and the recipient clicks on the link or opens the file.
- USB hardware device, e.g. memory stick: The recipient plugs the device into their computer and the malware automatically runs.
- “Drive-by downloads” where the malware is automatically downloaded to the victim’s computer without their consent. This may be initiated by visiting an infected website or through a hidden link in an email.
What are the different types of malware?
A virus is the most common form of malware. It can execute itself and spread by infecting programs or files.
A worm is a virus that can self-replicate without using other programs on the victim’s computer. It typically spreads across a computer network without any directives or interaction from the malware authors.
Ransomware infects a victim’s computer and encrypts files or whole disks on that computer. Cybercriminals will then demand payment in exchange for supplying the method to decrypt the files. However, they may take the payment and then not supply the decryption method.
Spyware collects information about the victim’s computer and observes the victim’s activity without their knowledge.
A Trojan Horse (named after the Trojan Horse in Greek mythology) looks like legitimate software, but after installation and execution, delivers its malware payload.
A Rootkit is a special piece of malware that runs undetected and allows a mal-actor to access the victim’s computer with “root” or “system” privileges.
A keylogger program is a special case of spyware that tracks what a user does. In the pre-Windows days, when users worked from the command line, a keylogger would log every keypress that the victim made. Now, it also logs mouse movements and clicks, allowing a mal-actor to recreate everything that a victim has done, including opening emails, visiting websites, and entering usernames, and passwords.
Remote Access Trojan (RAT)
A Remote Access Trojan (also known as a backdoor) creates a backdoor into the victim’s computer which allows a mal-actor to remotely access the computer without alerting the victim.
Scareware tricks the victim into downloading and installing the malware by scaring him, usually by popping up a window that says that the computer is infected with a virus. The victim is then invited to buy a piece of software that will clean the virus. There is no virus and the software that the victim buys is the real malware, so the bad-actor scores twice by persuading the victim to buy, download and install the malware.
How do you protect yourself from malware?
Some simple steps can help prevent malware being loaded onto your computer.
Do you want to learn more?
Network Midlands runs seminars to help you detect and defeat social engineering attacks. Find out more at “The Art of Deception“.