School of Information Systems

Types of Malware and How to Protect Against It

Malware is the collective name for a number of malicious software variants, including viruses, ransomware and spyware. Shorthand for malicious software, malware typically consists of code developed by cyber attackers, designed to cause extensive damage to data and systems or to gain unauthorized access to a network. Malware is typically delivered in the form of a link or file over email and requires the user to click on the link or open the file to execute the malware.

Malware has been a threat to individuals and organizations since the early 1970s, when the Creeper virus first appeared. Since then, the world has been under attack from hundreds of thousands of different malware variants, all with the intent of causing as much disruption and damage as possible.

Signs that you have malware on your system:

  • Your computer slows down. One of malware’s main effects is to reduce the speed of your operating system, whether you’re navigating the Internet or just using your local applications.
  • Your system repeatedly crashes, freezes, or displays a BSOD (Blue Screen of Death), which can occur on Windows systems after encountering a fatal error.
  • You notice a mysterious loss of disk space, probably due to a bloated malware squatter which hides in your hard drive.
  • There’s a weird increase in your system’s Internet activity.
  • Usage of your system resources is abnormally high and your computer’s fan starts whirling away at full speed, signs of malware activity taking up system resources in the background.
  • Your browser’s homepage changes without your permission. Similarly, links you click send you to an unwanted web destination. This usually means you clicked on that “congratulations” pop-up, which downloaded some unwanted software. Likewise, your browser might slow to a crawl.
  • New toolbars, extensions, or plugins unexpectedly populate your browser.
  • Your antivirus product stops working and you cannot update it, leaving you unprotected against the sneaky malware that disabled it.
  • Then there’s the painfully obvious, intentionally non-stealthy malware attack. This famously happens with ransomware, which announces itself, tells you it has your data, and demands a ransom to return your files.
  • Even if everything seems to be working just fine on your system, don’t get complacent, because no news isn’t necessarily good news. Powerful malware can hide deep in your computer, going about its dirty business without raising any red flags as it snags your passwords, steals sensitive files, or uses your PC to spread to other computers.

Types of Malware:

  • Adware is unwanted software designed to throw advertisements up on your screen, most often within a web browser. Typically, it uses an underhanded method to either disguise itself as legitimate, or piggyback on another program to trick you into installing it on your PC, tablet, or mobile device.
  • Spyware is malware that secretly observes the computer user’s activities without permission and reports it to the software’s author.
  • A virus is malware that attaches to another program and, when executed (usually inadvertently by the user), replicates itself by modifying other computer programs and infecting them with its own bits of code.
  • Worms are a type of malware similar to viruses, self-replicating in order to spread to other computers over a network, usually causing harm by destroying data and files.
  • A Trojan, or Trojan horse, is one of the most dangerous malware types. It usually represents itself as something useful in order to trick you. Once it’s on your system, the attackers behind the Trojan gain unauthorized access to the affected computer. From there, Trojans can be used to steal financial information or install threats like viruses and ransomware.
  • Ransomware is a form of malware that locks you out of your device and/or encrypts your files, then forces you to pay a ransom to get them back. Ransomware has been called the cyber criminal’s weapon of choice because it demands a quick, profitable payment in hard-to-trace cryptocurrency. The code behind ransomware is easy to obtain through online criminal marketplaces and defending against it is very difficult.
  • A rootkit is a form of malware that provides the attacker with administrator privileges on the infected system. Typically, it is also designed to stay hidden from the user, other software on the system, and the operating system itself.
  • A keylogger is malware that records all the user’s keystrokes on the keyboard, typically storing the gathered information and sending it to the attacker, who is seeking sensitive information like usernames, passwords, or credit card details.
  • Malicious cryptomining, also sometimes called drive-by mining or cryptojacking, is an increasingly prevalent malware usually installed by a Trojan. It allows someone else to use your computer to mine cryptocurrency like Bitcoin or Monero. So instead of letting you cash in on your own computer’s horsepower, the cryptominers send the collected coins into their own account and not yours. Essentially, a malicious cryptominer is stealing your resources to make money.
  • Exploits are a type of malware that takes advantage of bugs and vulnerabilities in a system in order to allow the exploit’s creator to take control. Among other threats, exploits are linked to malvertising, which attacks through a legitimate site that unknowingly pulls in malicious content from a bad site. Then the bad content tries to install itself on your computer in a drive-by download. No clicking is necessary. All you have to do is visit a good site on the wrong day.

How to protect against malware?

There are actually two areas to consider where protection is concerned: protective tools and user vigilance. The first is often the easiest to implement, simply because you can often set and forget best-in-class protective software that manages and updates itself. Users, on the other hand, can be prone to temptation (“check out this cool website!”) or easily led by other emotions such as fear (“install this antivirus software immediately”). Education is key to ensure users are aware of the risk of malware and what they can do to prevent an attack.

With good user policies in place and the right anti-malware solutions constantly monitoring the network, email, web requests and other activities that could put your organization at risk, malware stands less of a chance of delivering its payload.

Joni Suhartono