Malware 101: what is malware

Understanding what malware is can be confusing, as it is a very broad term that includes trojans, viruses, spyware, etc. Use this quick guide to learn how to differentiate the different types of malware.

 

Most of the malicious software used for criminal activity is some kind of trojan horse. Some of them log keystroke clicks, others take screenshots when users are visiting bank websites and try to log in. Others may install a malicious code that gives hackers remote access to the computer. One thing all these malicious programs have in common is their purpose of collecting highly sensitive information and stealing money.

What are hackers?

Previously, the term hacker was used for highly a qualified programmer. However, this name is now also used to describe people who discover vulnerabilities and use them to get into systems. Hackers constantly try to get into both individual computers and large networks, and once they have access to the system, they can steal highly sensitive data, install malware or computer viruses, as well as use the computers for sending spam.

What is a vulnerability?

Modern computer programs are very complex, consisting of thousands of code lines. But they aren’t perfect. Thus, it’s not unexpected that mistakes can lead to cyber attacks. Those mistakes in code are referred to as vulnerabilities. They allow hackers to enter a system, install malware, steal information, etc.

What is a phishing attack?

A phishing attack is a form of computer fraud where cyber criminals create fake but legitimate looking bank websites (or any other site related to finances) and try to redirect users to them so that victims could put in their online banking login credentials. If users fall for this, their bank account login details end up in the hands of cyber crooks, which could result in money theft. Cyber crooks don’t just use phishing attacks to steal banking information. Social media, email, entertainment services like Netflix, etc., logins are also often targeted this way.

What is spam?

Spam emails are unsolicited advertisement emails sent in mass amounts, generally without the receiver’s permission. Spam usually advertises questionable products or services. Sending spam usually costs nothing to spammers, and some people do purchase an item or a service, making this way of attracting customers profitable. In addition to advertising dubious things, spam is also often used to distribute malware.

What’s the difference between computer viruses and worms?

A computer virus is a self-replicating program. Viruses spread from file to file and from computer to computer. Computer viruses can be programmed to destroy or corrupt data.

Worms are considered to be a subclass of viruses with specific properties. The worm replicates itself without infecting other files. Once it infects one computer, it then tries to infect others.

The longer computer viruses go undetected, the more files they infect. A worm creates only one copy of its code. Unlike a virus, a worm code is self-contained. In other words, a worm is a separate file, and a virus is a code that is installed into existing files.

What is a Trojan?

Trojans are programs that at first glance seem to be legitimate software, but actually have malicious intentions. Trojans cannot spread by themselves and are different from computer viruses and worms. Typically, Trojans are installed on a computer secretly. They also perform their malicious activity without users noticing. The majority of modern malware is just different types of trojans, which are programmed to carry out a specific malicious activity. Trojans can log keystrokes, spy on users, steal passwords, send spam, etc.

What is a DoS (DDoS) Attack?

A DoS Attack (Denial of Service) is designed to disrupt or interfere with normal web, server, or other network resource activity. Hackers perform such attacks in different ways. One of the ways is to send large amounts of requests to servers, which would disrupt or completely stop it from working if its resources are not sufficient to process those requests.
A DDoS attack (Distributed Denial of Service) differs from a DoS attack because during a DDoS attack requests are sent from many different computers. Hackers use a single infected computer as their main computer and, through it, directs attacks from other computers called zombies.

What is a drive-by attack?

Drive-by attacks are a common method for spreading malware. Cyber crooks search for vulnerable servers on the Internet, via which they can insert malicious code to websites. If no security updates are installed on the operating system or programs, the malicious code is automatically installed on the computer when you visit an infected website.

What is a keylogger?

A keystroke logger is a program that records keystrokes. Using it, hackers can gain access to confidential data (login, passwords, credit card numbers, PIN codes, etc.). It works in the background, so the user would not notice that everything they type is recorded.

What is a rootkit?

A rootkit is a program or a collection of tools that are used to disguise unauthorized access to a computer or some malicious activity. When a rootkit is installed on a computer, neither the user nor anti-virus software usually notices its presence. The fact that many users use administrator accounts and do not create a separate user account for regular activities only helps hackers.

What is adware?

Adware is a program that shows you ads or tries to redirect you to advertising websites. Adware often comes together with free software and is installed without users knowing. In some cases, adware can be installed by a trojan.

There are also browser hijackers, programs that can change browser’s settings, and redirect users to weird websites. They can also change search results to lead to sponsored websites, which often have nothing to do with the query.

Usually the adware is not visible in the system. Only rarely can they be uninstalled manually. Attempting to remove these programs manually may result in damage to the computer.

What is malware?

Malware refers to all programs that are created and used for malicious or illegal activity. Malware includes computer viruses, hidden service programs, keyloggers, password stealing programs and other trojans, macro viruses for Word and Excel, rootkits, script viruses, Java viruses, spyware and adware. With continuous technological advances, malware is also evolving, which means computer protection is essential.

What is a botnet?

A botnet is a network of infected computers called zombies, controlled remotely by cyber criminals. Botnets are often used to carry out DDoS attacks. Because infected computers do not show overly obvious signs of malware, users are often unaware that their devices are part of a botnet.

What is Spyware?

As the name suggests, these programs collect data and send it to third parties without the user’s knowledge and consent. Such programs can track keyboard keystrokes, collect confidential information (passwords, credit card numbers, PIN codes, etc.), and track email addresses in email boxes. In addition, spyware inevitably reduces your computer’s performance.