top of page
Writer's pictureThe Tech Platform

Malware - what are the different types of Malware. Learn how to detect them

Malware, or malicious software, is any program or file that is harmful to a computer user. Types of malware can include computer viruses, worms, Trojan horses and spyware. These malicious programs can perform a variety of functions such as stealing, encrypting or deleting sensitive data, altering or hijacking core computing functions and monitoring users' computer activity.



Malware can infect network and devices and is designed to harm the devices, network and their users. This harm can take different forms which depends on the type of malware. In some situation, the effect of malware is mild but sometimes its disastrous.


How malware attack your device

Malware use variety of physical and virtual means to spread malware which effects devices and networks. Malicious programs are delivered from the USB drives by downloading the programs to the system without the user's approval and is spread all over the system.


Phishing attack is the most common type of malware deliver where emails messages contains links or attachments or documents which delivers the malware executable file to the unsuspecting user.


Obfuscation technique is designed to fool users, security administrators and anti-malware products. some of the techniques rely on the web proxies, or the IP addresses to hide the malicious traffic.


Polymorphic malware repeatedly change its underlying code to avoid detection from signature-based detection tools


Anti-sandbox enables malware to detect when it is analyzed and to delay execution until it leaves sandbox.


Fireless malware resides in system's RAM to avoid being discovered.



Types of Malware

Different types of malware contains unique tricks and characteristics. Below is the lists of different types of malware :



viruses

A computer virus modifies other legitimate host files (or pointers to them) in such a way that when a victim's file is executed, the virus is also executed. Viruses are the only type of malware that "infects" other files.


worms:

Computer security pros were besieged by malicious worms that arrived as a message attachments. One can open wormed emails and the entire company would be infected in short period of time. Its self-replicating. It has the ability to spread without end-user actions. Worms exploit other files and programs to do the dirty work.


Trojans:

The Computer worms was replaces by the Trojans as a weapon for the hackers. The trojans contains malicious instructions. For Trojan malware programs , it must be executed by the victim. The trojans are arrived by emails or by visiting infected website (fake anti-virus programs)


Trojans are difficult to detect:

  1. They're easy to write (cyber criminals routinely produce and hawk Trojan-building kits) and spread by tricking end-users — which a patch, firewall, and other traditional defense cannot stop. Malware writers pump out Trojans by the millions each month.

  2. Antimalware vendors try their best to fight Trojans, but there are too many signatures to keep up with.


Hybrids and Exotic Forms:

Most of the malware is the combination of Trojans and worms including virus. The malware appears to the end-user as trojans and when it is executed, it also attacks other victims over the network like worms.


Botnets is the combination or Trojans and Worms that attempt to make individual exploit clients a part of larger malicious network. Botnets range in size from a few thousand compromised computers to huge networks with hundreds of thousands of systems under the control of a single botnet master. These botnets are often rented out to other criminals who then use them for their own nefarious purposes.


Ransomware:

Ransomware will encrypt your data and hold it as hostage waiting for cryptocurrency. Ransomware has crippled companies, hospitals, police departments and even the entire city. Once executed, most look for and encrypt users’ files within a few minutes, although a few are now taking a “wait-and-see” approach. By watching the user for a few hours before setting off the encryption routine, the malware admin can figure out exactly how much ransom the victim can afford and also be sure to delete or encrypt other supposedly safe backups.


Fireless Malware:

Fileless malware is malware that doesn’t directly use files or the file system. Instead they exploit and spread in memory only or using other “non-file” OS objects such as registry keys, APIs or scheduled tasks. Fireless Malware is harder to detect and stop.


Adware:

Adware attempts to expose the compromised end-user to unwanted malicious advertising. A common adware program might redirect a user's browser searches to look-alike web pages that contain other product promotions.


Malvertising:

Malvertising is the use of legitimate ads or ad networks to covertly deliver malware to unsuspecting users’ computers. For example, a cybercriminal might pay to place an ad on a legitimate website. When a user clicks on the ad, code in the ad either redirects them to a malicious website or installs malware on their computer. Cybercriminals have also been known to compromise legitimate ad networks that deliver ads to many websites.


The goal of cybercriminals who use malvertising is to make money, of course. Malvertising can deliver any type of money-making malware, including ransomware, cryptomining scripts or banking Trojans.


Spyware:

Spyware is commonly used by people who wants to check on the computer of loved ones. Criminals can also use Spyware to log the keystrokes of victims and can access to password. Adware and Spyware can easily be removed because they are not nefarious as compared to other malwares.



How to detect Malware

A user may be able to detect malware if they observe unusual activity such as a sudden loss of disc space, unusually slow speeds, repeated crashes or freezes, or an increase in unwanted internet activity and pop-up advertisements. Antivirus software may also be installed on the device to detect and remove malware. These tools can provide real-time protection or detect and remove malware by executing routine system scans.


Windows Defender, for example, is Microsoft anti-malware software included in the Windows 10 operating system (OS) under the Windows Defender Security Center. Windows Defender protects against threats such as spyware, adware and viruses. Users can set automatic "Quick" and "Full" scans, as well as set low, medium, high and severe priority alerts.


How to remove Malware

Many security software products are designed to both detect and prevent malware, as well as remove it from infected systems.


Malwarebytes is an example of an antimalware tool that handles both detection and removal of malware. It can remove malware from Windows, macOS, Android and iOS platforms. Malwarebytes can scan a user's registry files, running programs, hard drives and individual files. If detected, malware can then be quarantined and deleted. However, unlike some other tools, users cannot set automatic scanning schedules.




The Tech Platform

0 comments

Comments


bottom of page