Malware can range from being simple annoyances like pop-up advertising to causing serious damage like stealing passwords and data or infecting other machines on the network. Find out more about the most common types of malware to be prepared for.
Let’s talk about Malware. According to Wikipedia, malware, short for malicious software, is software used or programmed by attackers to disrupt computer operation, gather sensitive information, or gain unauthorized access to computers. It can appear in the form of codes, scripts, active content, and other software. Malware can range from being simple annoyances, like popup advertising, to causing serious damage, like stealing passwords and data, or infecting other machines on the network. There’s even malware designed to transmit information about your web browsing habits to advertisers, or other third parties, unbeknownst to you.
Malware is as old as software itself, and there are many reasons why a program might create malware. From simple pranks and experiments to serious organized crime. Whatever the case, malware writers and programmers are very experienced in using tricks to get users to download their malicious software. So, let’s get started. Although new types of malware are constantly under development, they generally fall into a few broad categories. Probably the most well-known type, the virus. Viruses consist of harmful programs designed to infect legitimate software programs. Once a person installs and runs the infected program, the virus activates and spreads itself to other programs installed on the computer, before taking further action, such as deleting critical files within the operating system. Similarly, worms are standalone programs that are able to transmit themselves across the network directly. Unlike computer viruses, worms don’t need to attack themselves to an existing program. However, both types of malware can cause severe damage by exploiting the shared files and databases.
Another common form of malicious software is a Trojan horse. Similar to Greek mythology, Trojans present themselves as harmless, useful gifts, in order to persuade victims to install them. Thus, Trojans typically appear as regular software. The catch is that the Trojan comes bundled with other software that often includes a backdoor, allowing unauthorized access to your computer. Trojans don’t attempt to inject themselves into other files or applications like computer viruses – instead, they use tactics such as drive-by downloads, or installing via online games, in order to reach their targets. The last forms of malware that we’re going to talk about are adware and spyware. Though not technical fitting into the virus category, at times these programs may invade your privacy, contain malicious code, and at the very least, be a nuisance.
Adware is a form of financially-supported malware that usually presents itself as unwanted ads. The internet is filled with these types of programs that can hijack your computer for profit. Most are hidden inside so-called free downloads and popup ads that forcibly install software onto systems with active vulnerabilities. Spyware is a type of malicious software that surreptitiously gathers information and transmits it to interested parties. Information gathered typically includes the websites you visited, browser and system information, and IP address. Spyware does not have any infection mechanisms, and is usually dropped by Trojans. Once dropped, it installs itself onto the victim’s computer, and will begin collecting information silently, as to avoid detection. A zombie works in a similar way as spyware. The difference is that a Zombie does not usually collect information from the computer. Instead, it just sits there, waiting for commands from a command and control server controlled by the attacker. Attackers infect tens of thousands of computers, turning them all into zombies, and then issue a command so that all of them instantaneously send network requests to a targeted host, overwhelming it with traffic, known as a DDOS attack, or distributed denial of service.
So, what can you do? First, make sure you’re following basic security protocols, like keeping your firewall turned on, and not opening spam email messages, or clicking on suspicious website links. But this type of security can really only go so far. With all the threats to address, risks to calculate, and systems to rectify, dealing with them all at once is almost an insurmountable job. The only effective approach to handling threats is in a just-in-time manner – discovering when things are becoming an issue, and then rectifying them at that time. AlienVault provides organizations of all types and sizes with unprecedented visibility across the entire security stack, with the AlienVault Unified Security Management Platform. By using built-in security capabilities like asset discovery, inventory, vulnerability assessment, and more, AlienVault USM provides accurate and timely detection of malware infection and system compromise, so you can focus on the threats that matter.
Do more with less with AlienVault.