Malware Overview
Malware Basics
What is Malware?
Malware stands for Malicious Software. It is any software that is used for malicious intents.
According to Malwarebytes, Malware is an umbrella term that describes any malicious program or code that is harmful to systems.
Malware Goals:
- Disrupting host system operations
- Stealing critical information
- Obtaining unauthorized access
- Espionage (Spying)
- Sending Spam
- Utilizing the victim’s system (e.g. converting the host into a zombie to use it in DDoS attacks)
- Locking up the victim’s files on a host and holding them for ransom (i.e. ransomware)
Malware Capabilities:
- Spreading: makes many copies of itself on the same host or via a network or USB drive
- Unauthorized access: it accesses the user’s device and files without their consent in order to perform an action on the device, such as sending an email, opening certain websites, or using the device to attack other devices
- Vandalism: deletes and destroys important files or data
- Information theft: steals data such as accounts, credit cards and passwords
- Exploitation: exploits vulnerabilities in systems and networks so that it can take control of them
Malware Types:
1. Virus
Malicious software that replicates itself by modifying other computer programs (host programs) and inserting its own malicious code into them.
2. Trojan
A malicious program that relies on deceiving the user into believing it is a legitimate and useful program, when in fact it is not.
3. Worm
Software code that exploits a vulnerability in the system or network and spreads automatically through the network without needing any other program to be opened (it relies only on exploiting vulnerabilities and spreading).
4. Backdoor
Malware that bypasses the normal authentication procedures to access a system. The backdoor is used by attackers to enter and exit at any time; it can steal or send data and place other malware on the computer (e.g. a RAT).
5. RAT
Remote Access Trojan (or Remote Administration Tool): a remote-control tool that lets attackers enter the computer without the user knowing, so they can steal data, control the device, or blackmail the user.
6. BotNet
A network of infected devices controlled by a single device called the Botnet Controller or Command & Control (C&C) server (e.g. DDoS attacks that exploit this large network of devices).
7. Logic/Time Bombs
Malicious code that the attacker places in the system and that runs at a certain time (time bomb) or when a certain condition is met (logic bomb). For example, an employee plants a logic bomb in the company’s system that deletes all files if they are fired from the company.
8. Ransomware
Software that encrypts the user’s files and prevents them from accessing the files until a ransom is paid, threatening to leak the files or delete them forever in the event of non-payment.
9. Spyware
Software that spies on the user, collects their data, and transfers it from their device to a server or the attacker’s device in order to exploit it.
10. Adware
It displays advertisements to the user in order to profit from them or to make the user buy a specific product or pay money. Here the data is transmitted from the attacker’s device or server to the user’s device (unlike spyware, which transfers data from the user’s device to the attacker’s device).
11. Scareware
This type takes advantage of users’ fear for their data and devices to pressure them into buying and installing unnecessary programs, which are sometimes themselves harmful. For example, a program tells you that your device has viruses, so you download it to clean your computer, but in reality it will not clean it; it will harm it more.
12. Fileless Malware
A type of malicious software that resides only in memory and does not write any part of its activity to the hard drive or to files. It spreads easily because most protection programs scan the disk and files, which makes it difficult to detect.