
What You Need to Know About Malware

October 2, 2023

Malware is short for malicious software. It is a broad term that applies to any software that has unwanted effects for the victim. It spreads in various ways, but always has the same goal: to infect your computer.

You should treat malware seriously and take action if you're infected. Some malware programs don't pose a huge threat. However, most malware infections are serious and can have real-life consequences like identity theft.

Types of Malware

Malware is an umbrella term and includes many different types of threats. These range from mild annoyances to severe problems. Here are a few examples of well-known types of malware:

Viruses and Worms

Viruses and worms are what may come to mind first when you think of malware. They can be relatively mild pranks, or they can cause serious harm to your operating system and files. However, even prank viruses can be dangerous. They can have unwanted side effects, like slowing down your computer or crashing it.

Virus is commonly used as a synonym for malware. In common usage, it's perfectly fine to use virus as an umbrella term. However, in computing, virus has a more specific meaning. It's a sub-type of malware with its own properties. Viruses work by attaching themselves to a file or program (a host). Then, they copy themselves and attack other programs on the computer. Viruses can spread in various ways. However, many of the best-known viruses spread by sending emails to the victim's contact list.

Worms, on the other hand, are much like viruses. Like viruses, worms copy themselves to spread. However, they don't require a host and can spread through computer networks. They take advantage of security holes to infect any computers that aren't protected. [6]

Viruses were a hot topic in the earlier days of the internet. However, they are much less common in the modern age. On the other hand, worms are making a comeback as ransomware, which you can read about below.

Adware

Adware generates ads on the victim's PC so that the creator can make money. On top of this, it may install annoying, hard-to-remove browser add-ons like toolbars. It may change your browser settings and redirect you without your permission. This is called browser hijacking.

The term can mean any software supported by ads. However, it's usually used to mean malware that generates annoying, unwanted ads. Adware is usually considered a "mild" threat. However, some sources classify it as a serious threat. This is because some adware breaches security settings on your computer, exposing your data to worse threats. It can also cause other problems like slowing down your computer and eating up your data plan. [1]

Spyware

Spyware is software that gathers info from your computer without your knowledge. Some legitimate organizations use it to monitor computer systems. For example, some companies use spyware to keep track of employee activities. However, you won't usually hear the term applied to anything but malware.

Spyware can be used to steal your sensitive data, such as account passwords and financial info. If you're infected, it will secretly send data from your hard drive to the attacker. It may also log what you type or track your internet browsing. In extreme cases, spyware may install a rootkit. This is a software bundle that lets the spyware access the operating system at an admin level. Rootkits are hard to remove and can hide themselves from antivirus software.

Overall, being infected with spyware can open you up to identity theft. Because of this, you should treat it as a more serious threat than adware.

Trojans

Trojan (short for Trojan horse) is malware that hides its true intentions. Trojans are disguised as legitimate programs, but this is a cover for what the malware is really doing to your computer. Instead of copying themselves to spread, Trojans trick you into downloading them.

The effects of a Trojan can be anything. However, they're typically used as a "backdoor," a method of breaking security on the victim's computer. Once infected, attackers have direct access to the infected computer. They can steal info, spy on the victim, and even control the computer remotely. Trojans often use some of the same methods as spyware, but they are much more dangerous.

A good example of a Trojan is "rogue security software." This is a type of malware that pretends to be an antivirus tool. Its goal is usually to get you to pay for the "full version." If you fall for it, a criminal now has your money and credit card number. These types of Trojans often use scare tactics to trick victims into downloading them and paying.

People create Trojans for a few reasons. Here are two examples:

Stealing the User's Info/Identity

Like spyware, it's easy to use a Trojan to get the victim's data or break their online accounts. Trojans may be able to watch the victim's screen, log their keystrokes, or even access their files directly. Or, in the case of rogue software, it can use phishing tactics.

Creating Botnets

A botnet is a network of computers that an attacker secretly controls via Trojans or other malware. Victims often don't know their computer is part of a botnet. Computers in botnets are often called "zombies." Attackers use their "zombies" to carry out denial-of-service attacks or spread spam messages. [2]

Ransomware

This type of malware has been growing in popularity. It is arguably one of the most dangerous malware threats today. The "WannaCry" incident of May 2017 was just one of a handful of notable ransomware attacks.

Ransomware programs can spread in a variety of ways. For example, they sometimes work like Trojans. However, there have been a couple of them in recent years that worked like worms, like "WannaCry." This is one of the things that makes ransomware so dangerous.

On infection, ransomware "locks" the victim's PC in some way and demands that they pay to "unlock" it. It essentially holds the computer "hostage." Some ransomware simply puts the PC behind a "paywall," blocking victims from their files. Some actually encrypts the victim's files. This means it scrambles the files so that they're unusable until the ransom is paid.

Ransomware attacks are almost always done to make a profit, because they're such an easy way for criminals to make money.

PUPs

A PUP is a potentially unwanted program, an app you agreed to install but probably didn't want. They're usually "bundled" with the program you did want to install. They use several tactics to hide the fact that you're installing them and are usually hard to remove. These include dark patterns, user interfaces designed to confuse or trick you.

PUPs aren't considered malware, but they're still something to look out for. They tend to use methods used by adware and spyware, such as browser hijacking. They may also compromise your security settings, opening you up to more problems.

How Malware Spreads

Malware spreads in a variety of ways. Here are a few examples: [3]

  • Email – The attacker links you to a malicious site, or tricks you into opening an attachment that installs malware.
  • Social Media/Forums – Attackers may post alluring posts, messages, or comments. These usually try to get you to click a link.
  • Outdated Software – Criminals look for security holes they can take advantage of. They can use an "exploit kit" that searches a computer for out-of-date software to find an opening. [4]
  • Drive-By Downloads – A drive-by download is an attack that downloads malware to the victim's computer without them knowing. This can happen if you visit a site with a malicious script.
  • Online Ads – Attackers can take advantage of ad services to spread malware. They may submit ads with malicious scripts or drive-by downloads in them. These ads may also trick you into clicking on them in some way. This is called malvertising.
  • Storage Media – Malware creators may leave a device containing the program in a seemingly random place. These devices are usually mislabeled so the victim mistakes them for something else. Putting the device into a computer will infect it.

What's the Point?

Making malware seems pointless at first glance. You may ask, why would a criminal want to ruin a random stranger's life? The truth is, most criminals who create malware want to get something out of it.

Here are a few common reasons for creating malware: [5]

1.  Profit

Many criminals want to make money from their activities. Cybercriminals are no exception. In fact, money is probably the biggest reason modern criminals create malware.

There are a few reasons for this. For example, ransomware is a way for criminals to extort money out of unsuspecting victims. Also, Trojan horses and spyware give access to personal details that allow identity theft.

2.  Theft of Digital Goods

While it sounds too out there to be true, virtual goods do have a real-life value attached to them. Some criminals will want access to a victim's online accounts, so they can reap the benefits. Also, buying and selling accounts is more common than you think.

For example, in online games (MMOs), thieves will crack player accounts and sell the player's virtual items to other players for real-world money. This works like a virtual "black market" of sorts. They often do this through malware disguised as useful software aimed at players.

3.  Causing Chaos for Its Own Sake

While many malware creators have a clear goal, some just want to watch the world burn. They may create malware as a twisted "prank" or to show off their technical skills. They like taking down other computers, or entire systems, for no reason other than to feel powerful and laugh at the victim. They may also do so to expose security holes in software.

These types of people were common in the earlier days of the internet. However, they're rare today. After all, most modern malware creators do it for the money.

Defending Yourself

Don't worry, you don't have to be a computer genius to protect yourself against malware. All it really takes is a few simple habits. Here are some examples to get you started:

Install Anti-Malware and Antivirus Software

Some people think that common sense is the best defense against malware. They say that they won't get infected because they're cautious. Unfortunately, this is not always the case. Being infected with malware isn't always your fault, and you aren't safe even on trustworthy websites. Installing good security software should be a standard action.

Another common myth is that you have to pay subscriptions for good security software. In reality, most paid models only give you extra features. At a basic level, free versions do what they're meant to do just as well as the paid versions.

Antivirus and anti-malware are actually different things. Antivirus software protects your computer against infection before it happens. Anti-malware scans your computer for infection and helps remove it. It's true that both types usually have elements of the other type. Antivirus can scan your computer for malware and anti-malware usually has a simple shield feature. However, they put most of their focus into different things. In other words, antivirus is like a flu shot, while anti-malware is like medicine.

For antivirus, a good place to start is Avast Free Antivirus. For anti-malware, the absolute best is arguably Malwarebytes.

Install Ad Blockers, and Don't Click Ads

A good ad blocker can protect you against malvertising. This way, malicious scripts from these ads won't be able to touch you.

However, some sites don't let you use ad blockers. In this case, make sure your security software is enabled, and NEVER click on any ads. While not all ads are harmful, there's no way to tell until you click them. Since they're a popular tool for attackers and scammers, it's best to avoid clicking them altogether.

Also, watch out for misleading ads. Some criminals will buy an ad in a spot and size that makes it look like something else. For example, download pages will sometimes be full of ads that look like download buttons. Also, some ads may be disguised as part of the site. Thankfully, it's not too hard to spot ads. Most are labeled as ads, and they will always link to outside the site you're on.

Keep Your OS and Apps Up-To-Date

This helps you avoid being exploited by hackers and malware.

Don't Trust Strange Storage Devices

If you find a flash drive, CD, DVD, etc. lying on the ground somewhere, you probably shouldn't trust it. Yes, it's possible that someone has just lost their device. However, you shouldn't take your chances.

Watch Your Downloads

There is a lot of legitimate, free software on the internet. Make sure you download these programs from the right sources. Trojans sometimes pose as well-known free software like Adobe Flash Player.

Be careful on software download sites like Softonic, Sourceforge, and Filehippo. These sites are perfectly safe and used by legitimate software developers. However, they're also an easy way to distribute malware. Make sure the program you're downloading is legitimate (see the next point) instead of blindly downloading it. It also helps to use ad blockers because attackers will sometimes exploit ad services to trick people into thinking they're clicking a download button.

Be Careful with Email Attachments

This is a very popular way to spread malware. Never open attachments if you don't know the sender, or if the email seems suspicious. Don't let your guard down if the attachment looks like a "safe" file like a PDF or Word document. Attackers can disguise files by using misleading file names (e.g., "document.pdf.exe") or even changing the icon to look real. Also, Word has a "macro" feature that can easily be used to write a virus.
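
The misleading-file-name disguise and the macro risk described above can be checked mechanically before an attachment is opened. The following Python code is an added example, not part of the original article; the function names and the extension lists are illustrative assumptions and are not exhaustive.

```python
from pathlib import PureWindowsPath

# Assumed, illustrative lists (not exhaustive): types Windows runs directly or via a script host.
EXECUTABLE = {".exe", ".scr", ".com", ".bat", ".cmd", ".pif", ".js", ".vbs", ".lnk", ".msi"}
# Document-like extensions commonly used as the harmless-looking part of a name.
DECOY = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".jpg", ".png", ".txt", ".zip"}
# Office formats that are allowed to carry macros.
MACRO_ENABLED = {".docm", ".dotm", ".xlsm", ".xltm", ".pptm"}


def check_attachment(filename: str) -> list[str]:
    """Return warnings for one attachment file name (empty list = nothing flagged)."""
    # Windows ignores trailing dots and spaces, so remove them before parsing.
    name = PureWindowsPath(filename.strip().rstrip(". ")).name
    suffixes = [s.lower().strip() for s in PureWindowsPath(name).suffixes]
    warnings = []
    if not suffixes:
        return warnings
    real = suffixes[-1]  # only the last extension decides how the file is opened
    if real in EXECUTABLE:
        warnings.append(f"executable type {real}")
        # A document extension in front of the real one is the disguise
        # the article describes ("document.pdf.exe").
        if any(s in DECOY for s in suffixes[:-1]):
            warnings.append("double extension hides executable")
    if real in MACRO_ENABLED:
        warnings.append(f"macro-enabled Office file {real}")
    return warnings


# Constructed sample attachment names, not taken from a real message.
SAMPLES = ["document.pdf.exe", "Invoice.PDF.SCR ", "minutes.docm", "report v1.2 final.pdf"]


def scan(names):
    """Map each attachment name to its list of warnings."""
    return {n: check_attachment(n) for n in names}


if __name__ == "__main__":
    for name, found in scan(SAMPLES).items():
        print(f"{name!r}: {', '.join(found) or 'nothing flagged'}")
```

A clean result only means the name itself is not deceptive; it says nothing about the file's contents, so security software should still scan the attachment.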

Watch Where You Click

For example, be wary of those Facebook posts that tell you to click a link to win something or enter a drawing. The same goes for messages and comments. Also, be wary of short URLs like bit.ly. Many legitimate companies use them. However, malware creators and scammers love using them to hide link locations. If you're not sure, run the link through a URL expander to see where it goes.

Avoid Bootlegs

Never, ever, download pirated content. Besides being illegal, these types of sites are popular places for distributing malware. They're also popular malvertising spots.

Use Common Sense

Antivirus software and ad blockers aren't a replacement for critical thinking. This isn't to say you shouldn't use those things. However, you should always take care when surfing the web above all. Letting your guard down leaves you open to getting infected.

Also remember, if something seems too good to be true, it probably is. Trust your gut, and be on guard if something seems wrong.


Sources

[1] https://www.avg.com/en/signal/what-is-adware

[2] https://en.wikipedia.org/wiki/Botnet

[3] http://www.peachpit.com/articles/article.aspx?p=1960827&seqNum=5

[4] https://us.norton.com/internetsecurity-malware-5-ways-you-didnt-know-you-could-get-a-virus-malware-or-your-social-account-hacked.html

[5] https://www.computerhope.com/issues/ch001404.htm

[6] https://usa.kaspersky.com/resource-center/threats/computer-viruses-vs-worms
