What is Malware? | DROP Organization

What is Malware?

Malware in cyber security is software designed to harm or exploit any programmable device, network or service. Any malicious software intended to interfere with the normal functioning of a system can be termed malware. Attackers use it to extract data and then use that data against the victims for illicit purposes. Threat actors infect systems with malware to gain access to confidential information such as financial information, medical records, personal emails, and passwords.

Use of Malware by Threat Actors

Threat actors use malware to cause harm to computer systems, networks or users. Generally, they use malware for the following purposes:

  • Malicious attackers use malware for a variety of purposes. There are many variants of malware, including viruses, that are used to infect machines.
  • They use deception to trick the victim into providing personal information for identity theft.
  • They use malware to steal customer credit card details or other financial information.
  • Malware gives an attacker remote control of the system and access to it.
  • Often, malware is used to send spam from the compromised machine to unsuspecting targets.
  • Malware can allow the attacker to take over several computers and use them to execute distributed denial-of-service (DDoS) attacks against networks.
  • Attackers use infected computers to mine for cryptocurrencies such as bitcoin.

Types of Malware

Malware is a blanket term used for viruses, trojans, worms, ransomware, spyware and other destructive programs. 

  • Viruses- A virus is malicious code that is packaged with another executable file. Viruses multiply themselves throughout the system or network. When the infected file is passed from system to system, the virus spreads. They can be harmless or can modify or delete data. Even opening a malicious file can trigger a virus. Once the program virus becomes active, it will affect other programs on the system. Viruses can be dangerous, resulting in corruption or deletion of data, use of the victim’s email to multiply, or erasure of everything on the hard disk.
  • Worms- These are self-replicating viruses, which attach themselves to different files and look for loopholes between systems. They exploit security vulnerabilities to spread themselves automatically across computers and networks. Generally, they go unnoticed until replication reaches a scale that consumes significant system resources or network bandwidth. Usually, they slow down the networks.
  • Trojan horse- A trojan appears to be legitimate software but carries out malicious operations under the guise of a desired program, such as an online game. Once active, trojans carry out the actions for which they were designed. Trojans do not replicate through infection, which makes them different from worms and viruses.
  • Ransomware- Ransomware takes over access to a computer system or the relevant data on it until the victim makes a payment. It encrypts data, holding valuable files, data or information on the computer with a key that is known only to the attacker. Once the amount is paid, the victim can regain control over the system.
  • Remote Administration Tools (RATs)- RATs are software that allows a remote operator to control a system. Originally, these tools were built for legitimate use, but over time threat actors have come to use them for malicious purposes. Using RATs, an attacker can do anything on an infected computer. They are hard to detect, as they do not appear in the list of running programs or tasks, and their actions are often mistaken for the actions of legitimate programs.
  • Adware- It displays unwanted ads and pop-ups on the computer. It is packaged with software downloads and generates revenue for the software distributor by displaying ads. If a user downloads the software, threat actors gain unauthorized access to the computer system and disrupt the user to a great extent.
  • Spyware- It is a type of malware that collects information about the usage of the infected computer and communicates it to the attacker. This includes botnets, adware, backdoor behavior, keyloggers, data theft and net-worms.
  • Rootkits- The purpose of a rootkit is to modify the OS to create a backdoor. Attackers use this backdoor to access the computer remotely. Rootkits come in varied types and hide themselves in the operating system. They take advantage of software vulnerabilities to change system files.
  • Logic Bombs- A logic bomb is a malicious program that is used to activate malicious code. Until the trigger event happens, the logic bomb remains dormant. Once triggered, a logic bomb activates malicious code that can cause harm to a computer. They often destroy the hardware components in a workstation or server, including hard drives, power supplies, etc.
  • Keyloggers- Keyloggers record everything that a user types on his/her computer system to obtain sensitive information and send it to threat actors.

How Do We Know if We Are Infected by Malware?

The following indications suggest that your system has been compromised by malware:

  1. Your computer may not perform properly on execution.
  2. Your browser takes you to an unknown or suspicious website. This is known as a browser redirect.
  3. You may have trouble starting or shutting down your computer.
  4. Warnings about infections appear, accompanied by offers to purchase a particular product.
  5. Ads pop up constantly.

How Does Malware Spread?

Malware in cyber security uses a variety of methods to spread to other computer systems beyond the initial attack vector. Malware may spread in the following ways:

  • File servers, such as those based on the Common Internet File System (SMB/CIFS) and the Network File System (NFS), can enable malware to spread quickly, as soon as users access and download infected files.
  • Email attachments may contain malicious code that gets executed when unsuspecting users open them. If you forward those emails, the malware can spread even deeper into an organization, compromising the network.
  • Peer-to-peer (P2P) file sharing can introduce malware through shared files that seem as harmless as music or pictures.
  • File-sharing software can allow malware to multiply itself onto removable media and then on to computer systems and networks.
  • Remotely exploitable vulnerabilities can allow a hacker to access systems irrespective of geographic location with little or no need for involvement by a computer user.
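
The email attachment route described above is one of the easier ones to screen for. The following is an added example, not part of the original article: a small Python triage function that parses a message and flags attachments by file name and by content. The extension blocklist, the function names and the sample message are assumptions constructed for illustration.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage
from pathlib import PurePosixPath

# Assumed blocklist for illustration; mail gateways maintain longer lists.
RISKY_EXTENSIONS = {".exe", ".scr", ".bat", ".cmd", ".js", ".vbs", ".ps1", ".lnk"}

def triage_attachments(raw: bytes) -> list:
    """Return (filename, reasons) for every attachment worth a closer look."""
    msg = message_from_bytes(raw, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        suffixes = [s.lower() for s in PurePosixPath(name).suffixes]
        reasons = []
        if suffixes and suffixes[-1] in RISKY_EXTENSIONS:
            reasons.append("risky extension")
            if len(suffixes) > 1:
                # e.g. "invoice.pdf.exe" shows as "invoice.pdf" when extensions are hidden
                reasons.append("double extension")
        payload = part.get_payload(decode=True) or b""
        if payload.startswith(b"MZ"):
            # Windows executables begin with "MZ", whatever the file is named
            reasons.append("MZ executable header")
        if reasons:
            findings.append((name, reasons))
    return findings

def build_sample_message() -> bytes:
    """Constructed test message; the attachment bytes are inert placeholders."""
    msg = EmailMessage()
    msg["From"] = "billing@example.com"
    msg["To"] = "user@example.org"
    msg["Subject"] = "Invoice"
    msg.set_content("Please see the attached invoice.")
    msg.add_attachment(b"MZ constructed bytes, not a program",
                       maintype="application", subtype="octet-stream",
                       filename="invoice.pdf.exe")
    msg.add_attachment(b"%PDF-1.4 constructed bytes",
                       maintype="application", subtype="pdf", filename="terms.pdf")
    msg.add_attachment(b"MZ constructed bytes, not an image",
                       maintype="image", subtype="png", filename="photo.png")
    return msg.as_bytes()

if __name__ == "__main__":
    for name, reasons in triage_attachments(build_sample_message()):
        print(name, "->", ", ".join(reasons))
```

The third attachment shows why the content check matters: its name looks harmless, so only the header test flags it.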

How to Prevent Malware?

There are a variety of security solutions that are used to detect and prevent malware. These include firewalls, next-generation firewalls, network intrusion prevention systems (IPS), deep packet inspection (DPI) capabilities, unified threat management systems, antivirus and anti-spam gateways, virtual private networks and data leak prevention systems. To secure your systems, use a robust, updated library of malware signatures to ensure testing is completed against recent attacks. Here are a few top suggestions to prevent malware:

  • Secure your device.
  • Update your operating system and applications. Install updates as soon as they become available, as the threat actors search for vulnerabilities in outdated software.
  • Never click on pop-up links. Instead, simply click the “X” in the upper corner to close the pop-up and leave the page that generated it.
  • Be cautious when using the internet.
  • Avoid installing too many applications on your device. Install only the apps that you need and use regularly.
  • Avoid emails that request personal information. Do not click a link in an email that looks like it comes from a legitimate source and asks for sensitive credentials in order to gain access or reset your password.
  • Do not visit suspicious or unknown websites. Use a safe search plug-in and try to stick to well-known and reputable websites to avoid any malicious act without your knowledge.
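
The point above about keeping the library of malware signatures updated can be seen in a few lines of Python. The following is an added example, not part of the original article: a minimal scanner that matches files against exact-hash and byte-pattern signatures, run with an outdated and an updated library. The sample contents, signature names and library versions are constructed placeholders, not real malware or real signatures.

```python
import hashlib
import tempfile
from pathlib import Path

# Constructed, harmless byte strings standing in for files; not real malware.
SAMPLES = {
    "report.txt": b"quarterly figures, nothing unusual",
    "setup_old.bin": b"HDR::DEMO-FAMILY-A::body-v1",
    "setup_new.bin": b"HDR::DEMO-FAMILY-B::body-v2",
}

def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def build_library(known_bad, patterns) -> dict:
    """A signature library: exact file hashes plus named byte patterns."""
    return {"hashes": {sha256(b) for b in known_bad}, "patterns": dict(patterns)}

# Hypothetical library versions: OUTDATED predates the second sample.
OUTDATED = build_library([SAMPLES["setup_old.bin"]],
                         {"Demo.FamilyA": b"DEMO-FAMILY-A"})
UPDATED = build_library([SAMPLES["setup_old.bin"], SAMPLES["setup_new.bin"]],
                        {"Demo.FamilyA": b"DEMO-FAMILY-A",
                         "Demo.FamilyB": b"DEMO-FAMILY-B"})

def scan_bytes(data: bytes, library: dict) -> list:
    """Return the name of every signature that matches this content."""
    hits = ["hash-match"] if sha256(data) in library["hashes"] else []
    hits += [name for name, pat in library["patterns"].items() if pat in data]
    return hits

def scan_tree(root, library: dict) -> dict:
    """Scan every regular file under root; map relative path to detections."""
    root = Path(root)
    results = {}
    for path in sorted(root.rglob("*")):
        if path.is_file():
            hits = scan_bytes(path.read_bytes(), library)
            if hits:
                results[str(path.relative_to(root))] = hits
    return results

def write_samples(root) -> None:
    """Write the constructed samples to disk so scan_tree has input."""
    for name, data in SAMPLES.items():
        Path(root, name).write_bytes(data)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        write_samples(tmp)
        print("outdated:", scan_tree(tmp, OUTDATED))
        print("updated: ", scan_tree(tmp, UPDATED))
```

With the outdated library only `setup_old.bin` is reported; the updated library reports both installers and still leaves `report.txt` alone.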
