CyberSecurity: What is the Malware and Types of malware?

Malware refers to software that has been designed for some nefarious purpose. Such piece of software is design to target & invade in the target system or devices. The purpose of these malicious software could be anything: from deleting files, steal private information, spying & access un-authorized systems.

There are multiple types of malicious softwares & all of them fall in the malware category such as Viruses, Trojan horses, Logic Bombs, spyware & worms.

Polymorphic Malware: The detection of malware is anti-malware programs is primarily done through the user of a signature. Files are scanned for sections of code in the executable the act as markers, unique patterns of code that enable detection. Just a human body creates antigens that match marker proteins, anti-malware programs detect malware through unique markers present in the code of the malware. Polymorphic malware is the software which changes signature on regular basis to avoid detection.

Viruses: The best-known type of malicious code is the virus. A virus is a piece of malicious code that replicates by attaching itself to another piece of executable code. When the other executable code is run, the virus also executes and has the ability to infect other files.

Armored Virus: When a new form of malware/virus is discovered, antivirus/researchers will try to find out functioning of malware. Armoring malware can make the process of determining internal working of malware more difficult, if not impossible.

Crypto Malware: Crypto-malware is a malware that encrypts files on a system and then leaves them or unusable either permanently, acting as denial of service or temporarily until a ransom is paid.

Crypto-malware is typically completely automated. Ransomware malware are crypto-malware. Ransomware is encrypt files of the users & keep as deadline to pay ransom. Most of the ransomware uses RSA Public key encryption & it is not easy to decrypt user data.

Keylogger: As the same suggests, a keylogger is a piece of software that logs all of the keystrokes that a user enters. Keyloggers in their won respect are not necessarily evil, for you could consider MS Word to be a key logger. What makes a key logger a malicious piece of software is when its operations is unknown to the user, not under the user’s control.

Keylogger malware are used to target specific user to get critical information such as password, network id’s & banking information etc.

Adware: The business needs revenue steam to support development & marketing and advertising is one form of revenue stream. Software that is supported by advertising is called adware. In general, User/Business agrees to show legitimate ads but some ads could be shown by the adware.

If you keep getting unwanted pop-up windows in your computer without even visiting some sites or application, You can be sure that your computer is infected by the adware.

Spyware: As name suggests, Spyware is a software that spies on users, recording & tracking user activities without user knowledge. Most of the apps are not less spyware than actual spyware. Like Google, Facebook etc. They do track every one of us.

Worm: Worms are piece of code that attempt to penetrate networks and computer systems. Once a penetration occurs, the worm will create a new copy of itself on the penetrated system. Virus needs another file or code. Worms are self replicable malware & network based. Some of the examples of Worms malware: SQL Slammer of 2003, Zotob worm 2005 took down CNN LIVE

Logic Bomb: Logic bombs, unlike viruses & Trojans are a type of malware that deliberately installed, generally by an authorized user. A logic bomb is a piece of code that sits dormant for a period of time until some event or date invokes it’s malicious payload. For example, Logic bomb could be a simple program which checks your payroll regularly, tracking different things regularly.

Trojan: A Trojan horse, or simply Trojan, is a piece of software that appears to do one thing but hides real functionality of it. The perfect example is Troy Movie last scene.

Trojan malware works pretty same as it is seen in the movie. Trojan horse is outside the wall and does not harm until it is within the walls. First, Trojan malware must be brought inside the system, networks. Generally, Trojans are stand-alone program that must be copied & executed by the user.

RootKit: Rootkits are a form of malware that is specifically designed to modify the operation of the operating system in some fashion to facilitate nonstandard functionality. A rootkit can do many things- in fact, it can do virtually anything that the OS does.

Advertisements


Categories: Cyber Security, malware

Tags: , ,

1 reply

  1. Very good article and information.

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.