What Are The Different Types of Malware?

Viruses - the most known ones for many years

Viruses need an already-infected active operating system or program in order to work and are typically attached to an executable file (.exe) or Word document (hence the emails). So how does it work really?

The virus lies dormant in the computer until you activate it. The simplest and more known example to us all is when you receive an email with an attached file that contains the virus. In order to activate the virus, you need to download the file onto your computer.

Trojan Horses

A Trojan horse is based on the mythology of the Trojan War back in Ancient Greece. Many of us might know about the Trojan War through the infamous movie “”. During the Trojan War, Greeks built a wooden horse and presented it as a gift to the people of Troy. But the horse was anything but a gift. It was a weapon that led the Greeks to win the war. The Trojan Horse was a disguise in which a select force of men hid inside.

A digital Trojan horse works the exact same way. It is a malicious program that is disguised as a legitimate file. Trojans are essentially a doorway to your computer and this type of malware can do multiple different things such as:

• Delete, modify and capture data
• Spy on your device
• Gain access to your network

Worms

Worms are spread via a glitch or weakness in software or in an operating system (known as software vulnerabilities) or via phishing attacks. Once a worm has been installed onto your computer, it starts to spread, infecting the whole computer and in some cases your whole network (meaning whoever accesses your internet). This type of malware can:

• Modify or delete files
• Steal data
• Install a “door” for hackers to access your computer (gain remote access)

Ransomware

Ransomware is a type of malware that denies or restricts access to your own files. In order for you to regain access to your files, you need to pay a ransom to the hacker. Ransomware can have a huge impact on your computer and cause damages that can reach hundreds of millions of dollars.

To reduce the risk of ransomware attacks:

• Always keep your operating system up to date
• Use and update often your Antivirus or Anti-malware software
• Back up your most important files to an external drive
• Never open attachments from unknown sources

Spyware

A Spyware secretly records your online activity, collecting your data and personal information such as usernames, passwords, browser history, and so on. Spyware is a common threat and is often used for identity theft and credit card fraud. Once you have downloaded the Spyware onto your computer, it sends your data to advertisers or cybercriminals.

Adware (aka Scams)

Adware is one of the better-known types of malware. These are pop-ups or display ads that often have no relevance to you, i.e. “You have won an iPhone, click here to claim your prize”. In general, Adware is annoying and slows your computer down. In most cases, these types of adware that are hidden within an ad are linked to sites where malicious downloads wait to be downloaded onto your computer. Moreover, Adware can also deliver Spyware allowing hackers to gain remote access to your computer.

Phishing & Spam

Phishing is a bit different from other malware categories. Phishing or Spam is a type of social attack, rather than software. Phishing and Spam is the most common and widely known method of cyber attack. Phishing and Spam are shared via emails, texts, and web links which are “requests type of messages” sent by criminals in order to acquire your personal and financial information. For example, “FBI requires you to enter some data in order to disburse the amount of $100,000 that was sent by XXXX from Africa”, “your Netflix billing information needs to be updated”, or “your Apple ID has been hacked”, and many other email phishing scams that look as if they are sent by a well-known company. But when you see carefully who the sender is, you will not see [email protected], [email protected], but [email protected]. These are highly sophisticated phishing scams and can fool even the savviest of us. Always look at the email address sender, look at who else is CC’ed in the email, and think whether this specific email address is actually linked to your apple id, Netflix, PayPal, and so on.

Bots & Botnets

A bot is a computer that’s been infected with malware in order to be remotely controlled by a hacker. Once the hacker has remote access to your computer, the bot can then be used to launch more attacks on other computers or devices that are part of your home network, or to become part of a collection of bots, creating a botnet. Botnets have become a trend because of our IoT and Connected Home devices and it is an easy way for cybercriminals to access your home and spread ransomware.

This type of malware can:

• Keylog your every stroke on your keypad, take screenshots of your computer screen, and gain webcam access without your knowledge
• Send spam and phishing messages to your email or phone contact list
• Denial-of-Service-Attacks [aka DDoS] - is one of the most popular ways Botnets are used for. Multiple computers attempt to access one website at the same time. The more computers the hacker has at their disposal, the greater the attack. Unfortunately, if the website does not have the resources to host the number of computers that attempt to visit it, the site will eventually crash. Because these attacks are done from multiple computers, it is very hard for a simple website to identify the source and thus stop it. As a result, this leads to fake news, fake accounts, data breaches, and many other well-known new digital illegal actions.

This type of network is also known as zombie computers, as computers act similarly to how zombies attack in movies; no identifiable pattern/common sense, all acting the same manner, and going in one direction.

---

Computer warnings of malware infection

One of the most common signs that you have been infected by malware is:

• A slow, crashing, or freezing computer
• Blue or red screen of ‘death’
• Programs opening and closing automatically or altering themselves without your permission
• All of a sudden, a lack of storage space
• Increased pop-ups, toolbars, and other unwanted programs

Unfortunately, the more technology evolves the more sophisticated the cyber-attacks become. Therefore, basic security practices such as educational blog posts, company-focused user awareness training, as well as companies employing state-of-the-art cyber strategy protection, will allow us as a community to better position and protect ourselves against these unwanted cyber threats, making sure that we have a real positive impact on cyber security improvement programs.

- Online safety for everyone, just browse the web you want and leave the rest to the security experts. Make the internet fun again by protecting yourself with security that outsmarts the bad guys.

---

by , Senior Product Manager, and , Director Engineering at Avast Secure Browser Team