Malware: Get to Know What’s Looking to Get You

November 15, 2017

Short for malicious software, malware comes in a variety of types, categories, and threat levels. Some malware, like adware, is considered pretty harmless, with the worst part being annoying pop-ups. But as the name implies, malware has a truly malicious dark side that has made cybercrime a very profitable business for hackers. Researchers forecast a rise in cybercrime from $3 trillion in 2015 to $6 trillion by 2021. This will make it more profitable than the global illegal drugs market.

Let’s take a look at the most prevalent kinds of threats and how to protect yourself from being the victim of an attack.

Viruses

Like a virus in the human body that attaches itself to cells and replicates, a computer virus attaches to software, reproducing when the software is run. And like the flu, it’s most often spread through sharing, in this case software or files between computers. Once the program is run, the virus can go about stealing passwords or data, logging keystrokes, corrupting files, or even taking over the machine.

One of the most famous viruses was named Melissa. Melissa appeared as an email with the subject “Important Message” carrying an attachment that, when opened, took over Word and Outlook. Once inside, it spread by sending itself to the top 50 contacts in the user’s Outlook contact list. Though it did not carry a malicious payload, Melissa did place a heavy burden on email servers, causing more than $80 million in damage worldwide.

Every internet-connected system should have antivirus software installed, and users should keep the antivirus protection up-to-date. Plus, don’t click on any link that is sent to you that you aren’t expecting. Instead, call the person who sent it and ask if it’s indeed “Important.”

Worms

Instead of infecting programs, worms clone themselves until they have spread throughout a system and then across the network. Worms cause the most damage by slowing a PC to the point that it stops working, or by flooding a network, causing a Denial of Service (DoS) that overloads it until it is inoperable or shuts down.

Not so loving was the ILOVEYOU worm, which attacked tens of millions of PCs, overwriting random files and sending itself to other users through contact lists. The email was enticing, with the subject reading “A Love Letter from Your Secret Admirer” and an attachment. The worm incapacitated computers around the world, including those of government agencies such as the Pentagon and the British Parliament, causing an estimated $10 billion in damages.

As with viruses, the best way to prevent worm infections is with the use of antivirus or anti-malware software. And only open links that you are sure of, even when you know the sender.

Trojan Horses

Named after a very dangerous wooden horse from Greek mythology, Trojan Horses hide harmful code inside a harmless-looking file to create backdoors that give attackers unauthorized access and let them share your financial information, passwords, and other sensitive material with criminals. In business networks and the internet, they can create DoS attacks, making the network or a specific website unavailable.

Zeus was one of the most harmful Trojans, compromising accounts for such organizations as Bank of America, NASA, Amazon, and ABC, stealing more than $70 million. Consumers were also hit as Zeus stole their online credentials and banking information.

But Trojans can be stopped. Be very careful when installing new software or downloading attachments. Most security software comes ready to protect your system from these kinds of attacks, but make sure you keep your security updated.

Rootkits

Rootkits are sneaky: they wait to strike, opening the door for attackers to gain administrator-level access to systems without your knowledge. Once inside, attackers can do almost anything they want with the system, including recording activity, changing system settings, accessing data, and mounting attacks on other systems. And what makes rootkits so insidious is that many can hide out in the open, disguised as necessary files.

The original Gozi virus infected millions of computers, but just when law enforcement thought they had caught the perpetrators, a new, more malicious version was released: the Gozi MBR. MBR stands for Master Boot Record, and this version includes a rootkit that runs before the operating system starts. With this head start on the operating system, the Gozi MBR was able to load before the computer’s antivirus software had even started. It also used Internet Explorer to intercept traffic and perform web injections in order to get the user’s financial information.

Rootkits are very difficult to detect and to remove. Keeping your security software, operating system, and other software up-to-date is essential in preventing rootkit infections. If you get a rootkit infection, experts recommend wiping your hard drive and reinstalling everything from scratch. Some rootkits are so persistent that it is probably best to contact your antivirus technical support team for help.
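
Because an MBR rootkit like the one described above lives in the first sector of the disk, one practical check is to compare that sector's bootstrap code with a known-good copy. The following is an added example, not part of the original article: it parses a 512-byte MBR sector and hashes its bootstrap code for comparison against a baseline. The function names and the sample sector are constructed for illustration.

```python
import hashlib
import struct

SECTOR_SIZE = 512
BOOT_CODE_LEN = 440            # bytes 0-439: bootstrap code (440-445 hold the disk signature)
PART_TABLE_OFF = 446           # four 16-byte partition entries start here
BOOT_SIGNATURE = b"\x55\xaa"   # bytes 510-511 of a valid MBR

def inspect_mbr(sector: bytes) -> dict:
    """Parse one MBR sector and fingerprint its bootstrap code."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("an MBR sector is exactly 512 bytes")
    if sector[510:512] != BOOT_SIGNATURE:
        raise ValueError("missing 0x55AA boot signature")
    partitions = []
    for i in range(4):
        entry = sector[PART_TABLE_OFF + 16 * i: PART_TABLE_OFF + 16 * (i + 1)]
        ptype = entry[4]
        if ptype == 0:         # unused partition slot
            continue
        lba_start, sectors = struct.unpack_from("<II", entry, 8)
        partitions.append({"bootable": entry[0] == 0x80, "type": ptype,
                           "lba_start": lba_start, "sectors": sectors})
    digest = hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest()
    return {"boot_code_sha256": digest, "partitions": partitions}

def boot_code_changed(sector: bytes, baseline_sha256: str) -> bool:
    """True when the bootstrap code no longer matches the recorded baseline."""
    return inspect_mbr(sector)["boot_code_sha256"] != baseline_sha256

def build_sample_sector() -> bytes:
    """Constructed test sector: filler boot code plus one bootable partition."""
    sector = bytearray(SECTOR_SIZE)
    sector[:BOOT_CODE_LEN] = bytes(i % 251 for i in range(BOOT_CODE_LEN))
    sector[PART_TABLE_OFF:PART_TABLE_OFF + 16] = struct.pack(
        "<B3sB3sII", 0x80, b"\x00\x00\x00", 0x07, b"\x00\x00\x00", 2048, 1_000_000)
    sector[510:512] = BOOT_SIGNATURE
    return bytes(sector)

if __name__ == "__main__":
    good = build_sample_sector()
    baseline = inspect_mbr(good)["boot_code_sha256"]
    tampered = bytearray(good)
    tampered[0x10] ^= 0xFF     # simulate a single altered boot-code byte
    print("clean copy changed:   ", boot_code_changed(good, baseline))
    print("tampered copy changed:", boot_code_changed(bytes(tampered), baseline))
```

Read the sector from trusted boot media where possible, because a rootkit that is already running can return a clean-looking copy to tools inside the infected system.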

Ransomware

Ransomware is just as the name states: it’s malicious software that holds your computer for ransom. Disguised as a legitimate file, the ransomware payload infects the system, blocking or encrypting access to files with threats to publish or delete that information if a ransom is not paid. Ransomware is considered the fastest-growing form of malware: in 2016, ransomware attacks occurred more than 4,000 times a day, every day, up from 1,000 a day in 2015, a 300% increase.

Appropriately named, the WannaCry ransomware attack in May 2017 spread globally. The attack hijacked computers running Microsoft Windows, demanding a ransom paid in Bitcoin. Risk modeling firm Cyence estimated the potential cost of this attack to be about $4 billion. Large corporations and even government entities were affected, and the attacks also hit hospitals worldwide, leaving them unable to access medical files and causing general disarray.

You can mitigate ransomware attacks by installing anti-ransomware security solutions and keeping up-to-date backups. If locked out of files, you can wipe the system and reboot from the backup.

Botnets

Not always considered malicious, bots can actually be very helpful, such as when search engines use them to crawl the internet and index pages of information for our searches. When bad bots come together, they create a botnet that can carry out attacks against websites and even Internet of Things (IoT) devices. Run as a payload for another form of malware or through a contaminated file downloaded by the user, botnets can spread to other machines.

The Mirai botnet was one of the first to target IoT devices. In 2016, Mirai infected IoT devices, such as thermostats, webcams, home security systems, and routers. Using the internet connection from roughly 100,000 IoT devices, the botnet launched a DoS attack on the company that manages the connections between forbes.com domain names and the server that hosts the forbes.com website. This resulted in thousands not being able to connect to a variety of websites, bringing some businesses to a standstill.

Using network monitoring software can help you determine when a system has become part of a botnet. You can prevent the infection by installing anti-malware software, keeping software up-to-date, using firewalls, and creating strong passwords for all your devices.
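
One way network monitoring can surface a device that has joined a botnet is to watch for a sudden jump in how many different hosts it contacts. The following is an added example, not part of the original article: it counts distinct destinations per device per minute over flow records and flags outliers. The record format, the thresholds, and the sample data are assumptions constructed for illustration.

```python
from collections import defaultdict

WINDOW = 60        # seconds per counting window (assumed value)
MAX_DESTS = 20     # distinct destinations tolerated per window (assumed value)

def build_sample_flows():
    """Constructed flow records: 'epoch_seconds src_ip dst_ip dst_port'."""
    base = 1_699_999_980   # aligned to a 60-second boundary
    flows = ["# constructed sample data, not real traffic"]
    # A thermostat polling one cloud endpoint every two seconds.
    flows += [f"{base + 2 * i} 192.168.1.20 203.0.113.10 443" for i in range(30)]
    # A webcam contacting 40 different hosts within the same minute.
    flows += [f"{base + i} 192.168.1.30 198.51.100.{i + 1} 23" for i in range(40)]
    return flows

def fanout_alerts(lines, window=WINDOW, max_dests=MAX_DESTS):
    """Return {(src_ip, window_start): n} for sources that contacted more
    than max_dests distinct (dst_ip, dst_port) pairs inside one window."""
    seen = defaultdict(set)
    for line in lines:
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        if len(fields) != 4:
            continue               # skip malformed records instead of failing
        ts, src, dst, dport = fields
        bucket = int(ts) - int(ts) % window
        seen[(src, bucket)].add((dst, int(dport)))
    return {key: len(dests) for key, dests in seen.items() if len(dests) > max_dests}

if __name__ == "__main__":
    for (src, start), count in fanout_alerts(build_sample_flows()).items():
        print(f"{src} contacted {count} distinct destinations "
              f"in the window starting {start}")
```

The threshold needs tuning against each device's normal traffic; a thermostat that talks to one cloud service warrants a much lower limit than a laptop.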

Adware

Most of us experience the annoyance of adware at least once a day. Displaying targeted advertising or irritating us with pop-ups, adware is considered the most lucrative and least harmful malware. Adware is usually installed unknowingly by users when they download or install other applications.

Even though adware is pretty harmless, you can protect yourself by installing anti-malware software that includes anti-adware capabilities, disabling pop-ups on your browser, and taking special care when installing new software to unselect boxes that install additional software by default.

Spyware

Exactly as the name implies, spyware is software that spies on you and gathers information about you without your consent. Spyware can be benign, such as cookies used to monitor web browsing for the purpose of sending targeted ads to the user. However, other types of spyware have been used to steal intellectual property and other highly classified information as a form of corporate espionage. And government and police agencies have been known to use spyware to investigate suspects or foreign governments. Spyware spreads by piggybacking on another piece of software or a file.

To prevent spyware from spying on you, install anti-malware that includes anti-spyware capabilities. Also take care and review any software you want to download, knowing it may contain spyware.
