Spyware, Malware and (the not as common term) Bots – most of us have heard about them and the not so lucky have had first-hand experience with them. The term “Virus” has been the commonplace word for all malicious software programs for years now. I would like to touch on them and go into a little bit of detail of what they are and how they work.
1. Malware that causes annoying behaviors on our systems
Not all malware is destructive in nature. However it can still cause all sorts of annoying behaviors such as generating copious amounts of pop-ups and cause your system to run extremely slowly. The scary part is that it can also steal data. This type of malware is not classified as a Virus or a “Trojan Horse” (which I will touch on a little later), but can still negatively affect a computer system and lead to other security risks.
The name pretty much sums this one up. Adware is software that displays unwanted advertising on your computer or mobile device, generally in the form of pop-up ads or redirecting your browser to a specific website. While it won’t always cause harm to your device, the behavior is annoying and can also sometimes contain Spyware.
3. Browser Hijacker
Browser Hijacker containa a similar trait to Adware where malicious software is introduced to the system redirecting your computer’s browser to predetermined websites – generally used to display advertising. Unfortunately some of the pages you are redirected to can contain malware that is downloaded to your system.
Spyware is designed to do exactly what its name suggests. It hides on your computer and monitors everything that you do. It can track your web activity, access emails and even steal usernames and passwords.
5. Malware that can cause data loss and damage
Malware that is malicious in nature aims to steal your data, cause data corruption or allow an attacker to take control over your computer.
Bots (or robots), are an application that carries out automated tasks on the system, such as attacks on other machines in order to create a botnet. Once the bot infects the computer, that computer is often referred to as a “Zombie”, as it is now under the control of the hacker. These botnets can be used to carry out various tasks, such as distributing spam emails, injecting Adware onto computers, recruiting other computers for Denial of Service (DoS) attacks and more.
7. Macro Viruses
Macro Viruses are a type of Virus that are specifically written to alter macros, which are common commands found in programs such as Word, Excel and PowerPoint files. The macro will not cause any harm to your computer until it is launched – which usually simply consists of opening the document. Once executed, the macro can cause changes in text (inserting or removing words), changing the font and other strange and annoying behaviors. Some macros can even access email accounts and send out copies of itself to the users in your contacts list.
This is a high level threat, as it will hold your data hostage via file encryption. It usually transmits itself via a Trojan Virus, and once infected it encrypts the data on your hard drive (and can spread to other computers on your network). Once the data is encrypted, the attacker demands payment in order to provide you with the encryption key to unlock (decrypt) the data. The last thing you want to do is pay a ransom for what is rightfully yours (I have in the past recommended that a company do not pay the ransom, which they did and the decryption did not work!). Instead, do regular backups and, if infected, restore your data from the most recent backups available.
9. Rogueware / Scareware
Rogueware is an insidious form of malware because it masquerades as Internet Security Software. It acts as an antivirus program and performs a false scan on your computer and will alert the user to a virus on what is most likely a clean computer. The program will then offer to clean up the virus for a small fee. Clicking on the link generally redirects the user to a compromised website allowing the injection of malware onto the machine. The easiest way to check whether messages have come from a legitimate source is to do an internet search of the program’s name and the results will usually show you if it is Rogueware.
10. Trojan Horses
Trojan horses can cause severe damage to both data and network activity. Data damage usually occurs in the form of deletion, modification, copying and stealing. Network damage usually consists of a disruption in network activity. There are a multitude of Trojan Viruses out there – here are a few of the most common:
- Backdoor Trojan: These Trojans can create a “Backdoor” on a computer allowing an attacker to control it, steal data and load more malware onto the computer.
- Downloader Trojan: The main purpose of these Trojans is to download additional malware onto the machine.
- Infostealer Trojan: The main purpose behind this Trojan is to steal data from the infected machine.
- Remote Access Trojan (RAT): This Trojan is designed to give the attacker complete control over the infected computer.
- Distributed Denial of Service (DDoS) Attack Trojan: This Trojan performs DDoS which are designed to take down a network by flooding it with traffic.
Computer Worms are designed to duplicate and spread as many copies of itself in any way possible from computer to computer. They can replicate themselves without any human interaction and do not need to attach themselves to a program in order to cause damage. What you can expect from a worm is deleting files, modifying files and even injecting additional malware onto the system.
In our previous blog post. we covered the ways to avoid being the victim of hackers and targeted phishing attacks. Many of the same rules apply: if you don’t recognise the source of an email attachment or link, don’t click on it. Your IT Manager should also ensure that you have Virus Protection software installed from a trusted source. If you suspect that your computer has been infected by any type of malware, it’s best to speak to your IT department to find the best course of action to remove it.
Conosco offers a holistic programme of Information Security Awareness Training, which starts with educating business leaders and employees on how to mitigate the risks and impact of cyber attacks.
Look out for our next blog post: ‘How do I get malware on my Computer?’.
Written by Kenneth McNeill, Security Engineer, Conosco