The Many Faces of Modern Malware

• in categories: advice • by: Michelle Balestrat

Ever since the dawn of computer programming, there have been those who have decided to put their skills to more nefarious uses. In the past century, computer code with an annoying and sometimes destructive payload became known as a ‘computer virus’, sparking public fear and sometimes even mass hysteria – notable examples included Code Red and BugBear, to name a few.

[Image: a scary-looking ancient mask bares its teeth at the camera. Image credit: Wellcome Library, London. Wellcome Images.]

While viruses are still truly alive and kicking today, irritating programs have since branched out into countless different forms and specialties and are known collectively as malware. Unlike malicious programs of the past few decades – destructive for their own sake – modern malware is often a key moneymaking tool for scammers and other computer criminals. Its effects can range in severity from the occasional unwanted popup window to outright identity theft.

In this article, we’ll cover the main types of malware that you’ll come across in your use of the Internet. This list is in no way exhaustive, but it should give you a good idea of the security landscape.

1. Adware

This is the most common form of unwanted program, and often also the most exasperating. Those with more limited computer savvy can be the most susceptible to this type of malware, due to its often-sneaky installation tactics. Don’t remember how that stupid Ask Toolbar got there in the first place? That’s by design. Adware can come bundled with legitimate software downloaded from trusted sites like CNET and Download.com.

Signs of an adware infection are usually very obvious: adware can display ads on your desktop or browser, change your default search engine or add a toolbar to your browser window. These programs are usually quite low-risk, and deleting them is often as simple as uninstalling them using your Control Panel or browser’s extension manager.

2. Spyware

Spyware can be seen as a ‘step up’ in risk level from adware, going beyond merely bludgeoning you with advertising to actively spying on your internet usage habits and more, as the name suggests. It’s worth noting, too, that some adware is also spyware!

Common spyware behaviours can include logging your keystrokes, data harvesting (collecting your login and browsing information), and “phoning home” (sending your collected information back to its developers). Some more powerful types of spyware can even alter your security settings without your knowledge.

Most anti-virus packages will detect spyware, and dedicated scanners also exist, such as Spybot - Search & Destroy.

3. Trojan Horses

Commonly known as ‘Trojans’ and named after the story in Greek mythology, this type of malware has garnered a lot of notoriety (but not necessarily understanding) in popular culture.

Operating on the principle of disguise, Trojans pose as legitimate programs, and once inside a system they can be quite difficult to remove. Their malicious payloads can include allowing remote access, screen-watching, keylogging, or even installing further malware without your knowledge.

An up-to-date anti-virus package is your best defence against this type of threat. However, no antivirus software is perfect, so you’ll need to make sure that you’re running software only from trusted sources. (Steer clear of ‘.jpg.exe’ file extensions!)
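
A check for the ‘.jpg.exe’ pattern warned about above, as an added example that is not part of the original article: it flags file names where a harmless-looking data extension sits directly in front of an executable one. The extension lists, function names and sample paths are assumptions made up for illustration.

```python
# Added example: flag names like 'holiday.jpg.exe'. Extension sets are assumed, not exhaustive.
# Explorer hides known extensions by default, so such a file is shown as 'holiday.jpg'.

# Final extensions that Windows runs or interprets when opened.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".vbs", ".js", ".msi"}
# Extensions a user reads as harmless data.
DECOY_EXTS = {".jpg", ".jpeg", ".png", ".gif", ".pdf", ".txt", ".doc", ".docx",
              ".xls", ".xlsx", ".mp3", ".mp4"}


def deceptive_extension(path):
    """Return (decoy, real) when a data extension precedes an executable one, else None."""
    # Keep only the file name, whichever path separator was used.
    name = path.replace("/", "\\").rsplit("\\", 1)[-1]
    # Normalise: Win32 drops trailing dots and spaces; case and padding are ignored.
    parts = [p.strip().lower() for p in name.rstrip(". ").split(".")]
    if len(parts) < 3:  # needs stem + decoy + real extension
        return None
    decoy, real = "." + parts[-2], "." + parts[-1]
    if real in EXECUTABLE_EXTS and decoy in DECOY_EXTS:
        return decoy, real
    return None


def scan(paths):
    """Map each suspicious path to a short human-readable reason."""
    findings = {}
    for p in paths:
        hit = deceptive_extension(p)
        if hit:
            findings[p] = f"looks like {hit[0]} but runs as {hit[1]}"
    return findings


# Constructed sample listing of a downloads folder (not real data).
SAMPLE = [
    r"C:\Users\sam\Downloads\holiday.jpg.exe",
    r"C:\Users\sam\Downloads\Invoice_March.PDF .SCR",
    r"C:\Users\sam\Downloads\holiday.jpg",
    r"C:\Users\sam\Downloads\setup.exe",
    r"C:\Users\sam\Downloads\backup.tar.gz",
    r"C:\Users\sam\Downloads\tool.v2.exe",
]

if __name__ == "__main__":
    for path, reason in scan(SAMPLE).items():
        print(f"{path}: {reason}")
```

Only the first two sample paths are flagged; ordinary installers and multi-part names such as `backup.tar.gz` or `tool.v2.exe` pass, because the check requires a known data extension immediately before the executable one.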

4. Viruses

These classic computer afflictions don’t get nearly as much attention as they once did. For the most part, modern viruses are far less showy than their vintage counterparts. However, they have become much more sophisticated in recent years.

Like their biological counterparts, viruses are able to copy themselves by taking advantage of a computer user’s file sharing behaviour, even spreading to other files and computers. Some viruses (otherwise known as Worms) can even spread themselves without any intervention at all.

They can originate from virtually any type of file, including Microsoft Office documents (‘macro viruses’) and, worryingly, web apps. Once again, exercise a healthy amount of scepticism before running any installer, Office document or executable file.

5. Rootkits

These are relatively unheard of by the public, but an insidious threat nonetheless. One of the most dangerous types of malware, rootkits can be almost undetectable unless you scan for them specifically using an anti-rootkit scanner. Regular antivirus software is often unable to “see” rootkits, given that they run as discreet background processes and usually use very few system resources.

The ‘root’ part of their name comes from the root (administrator) access they give to hackers. Once installed, a rootkit can allow an attacker to execute files remotely, access information, modify system settings and more.

As previously stated, it’s nearly impossible to detect them through regular means. You’ll want to run a specific rootkit scan (such as GMER) at regular intervals, as well as avoiding downloads from unknown sources.

6. Bots

Automated process robots, or ‘bots’, are a common character in today’s internet. They’re often used to automate dull, repetitive tasks and as such, they can be put to helpful uses in internet auctions, online contests, chatrooms and gaming.

However, there is a dark side to bots: some are used for far less stellar purposes, such as sending spam, distributing other malware, and joining forces to form “botnets”, massive networks of infected computers whose processing power is used to carry out any of the aforementioned activities.

Your antivirus utility should protect you from bot-related malware, but there might be cases where a rootkit has been installed to help the bot avoid detection. Once again, a regular rootkit scan is your best defence here.

7. Ransomware

Ransomware is one of the cybercriminal underground’s biggest money spinners. In essence, it holds computers captive, demanding a ransom to let regular users into the machine. The less vicious versions will simply lock down the system (lending themselves to easy removal in Safe Mode), while the more sadistic types will encrypt a user’s entire hard drive until money is paid – usually in a cryptocurrency like Bitcoin or via anonymous cash transfer like Western Union.

Ransomware will often scare users, telling them about federal surveillance and dubious material found on their hard drive. For extra impact, the webcam might spring to life – claiming to be ‘capturing’ a picture of the ‘perpetrator’. This smoke-and-mirrors tactic can cause panic, leading the user to hand over his or her cash in fear and desperation.

Ransomware enters a computer much like a Trojan horse – via a downloaded file that is then run. Other ways for ransomware to infect a machine are via a network vulnerability, or by means of another infection, such as a rootkit. In general, an up-to-date antivirus program will detect this form of malware before it’s run (provided you give it a chance!).

While this wide array of malware can seem intimidating, you’ll be able to give almost all of it a miss by simply keeping your antivirus software updated, and exercising your critical thinking skills before you click.
