Welcome to our new blog segment “Malware 101.” This entry serves as an introduction to malware, familiarizing the reader with key terms and how to spot an infection.
Malware is a collective shorthand term for malicious software: code that cybercriminals use to extract data, damage systems, or gain unauthorized access to a network. There are many types of malware, and each interacts with a system in its own way.
Types of Malware:
Viruses – Viruses are a common type of malware. Typically, malicious code is attached to an executable file and is released onto the system once that file is run. They can disrupt functionality by damaging core systems & processes, corrupting files, or completely locking a user out of a system.
Worms – Worms have the unique ability to copy themselves from machine to machine. Unlike viruses, they do not need user interaction to function. This lets a worm infect an entire network of devices quickly -- see botnet.
Trojans – Trojans appear as harmless applications that trick the user into using them. This type paves the way for other types of malware, for example by creating backdoors that allow security controls to be bypassed.
Ransomware – Ransomware, as the name suggests, involves paying money or ransom to a threat actor/3rd party. This type of malware is able to lock down entire networks, through encryption or other means, until the desired sum is paid. Ransoms are often demanded in Bitcoin, making it difficult to trace the transaction or identify the actor behind the attack.
Spyware – This type of malware is designed to spy on the user and collect sensitive information without the user knowing. This can include credit card information, passwords, PHI, and others.
Adware – Perhaps the least destructive form of malware, adware is designed to generate revenue from the ads it displays to the user. It collects personal data about the user and uses it to personalize the ads that are displayed.
Symptoms of infection: While these symptoms may not always mean there is an ongoing infection, they are likely signs.
Your device is running much slower than usual. You may notice that your device is running slower or that functionality has ground to a halt. Once your system is infected with malware, a lot of work is being done in the background. Your resources get allocated to tasks like modifying or deleting files, unauthorized activities (Bitcoin mining), or replication, to name a few.
Increase in pop-up ads or security warnings. These warnings, or “scareware,” are tactics attackers use to get even more malware onto your system by creating a sense of urgency. If an ad urges you to download antivirus software to remove malware from your system, it is likely a scam to get you to download additional malware or volunteer personal information.
Disk space is rapidly disappearing. A common theme for malware is to modify, delete, or introduce large files (often more malware) into your system. An increase in files appearing with a random naming scheme or an unusual title is a red flag.
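One way to check for the disk-space red flag described above, as an added example that is not part of the original post: the script lists recently written files whose names look random, largest first. The function names, the thresholds (name length, entropy, vowel ratio, 24-hour window) and the sample file names are assumptions chosen for illustration and should be tuned for your own systems.

```python
import math
import os
import tempfile
import time
from collections import Counter
from pathlib import Path


def name_entropy(stem):
    """Shannon entropy, in bits per character, of a file name without its extension."""
    if not stem:
        return 0.0
    counts = Counter(stem.lower())
    return -sum(c / len(stem) * math.log2(c / len(stem)) for c in counts.values())


def looks_random(stem, min_len=8, min_entropy=3.0, max_vowel_ratio=0.2):
    """Heuristic: a long name with varied characters and almost no vowels."""
    letters = [ch for ch in stem.lower() if ch.isalpha()]
    vowel_ratio = sum(ch in "aeiou" for ch in letters) / len(letters) if letters else 0.0
    return (len(stem) >= min_len and name_entropy(stem) >= min_entropy
            and vowel_ratio <= max_vowel_ratio)


def suspicious_new_files(root, max_age_hours=24, now=None):
    """Return (path, size) for recently written, randomly named files, largest first."""
    cutoff = (now if now is not None else time.time()) - max_age_hours * 3600
    hits = []
    for dirpath, _dirs, filenames in os.walk(root):
        for filename in filenames:
            path = Path(dirpath) / filename
            try:
                info = path.stat()
            except OSError:  # file vanished or is unreadable; skip it
                continue
            if info.st_mtime >= cutoff and looks_random(path.stem):
                hits.append((str(path), info.st_size))
    return sorted(hits, key=lambda hit: hit[1], reverse=True)


if __name__ == "__main__":
    # Constructed sample files; the names and sizes are made up for this demo.
    with tempfile.TemporaryDirectory() as demo:
        for name, size in [("xq7zk2vbtr9w.tmp", 4096), ("quarterly_report.docx", 9999)]:
            Path(demo, name).write_bytes(b"\0" * size)
        for path, size in suspicious_new_files(demo):
            print(f"{size:>8} bytes  {path}")
```

The vowel check is what keeps ordinary long names such as quarterly_report from being flagged, since their character entropy alone is above the threshold. A hit is a prompt to investigate the file, not proof of infection.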
Join us next time when we'll continue to dig deeper into malware and what it means to you!