Malware: 2021 guide to most common types of cyber threats

What is malware? Going by the definition, «malicious software» is any kind of working code that someone created specifically to damage a device, steal data, or gain access to your finances. The damage can vary greatly: from stealing data to encrypting it (with a ransom demand to follow), from hijacking social media accounts to transferring all your money into some criminal’s pocket. Back in the 90s and early 2000s, these malicious programs were called “viruses”, but since that is not technically correct, the more neutral term is used now.

There is a lot of malware

There is a lot of malware. Almost 600,000 new pieces are detected every day, and over 1 billion are currently active. Mobile phones are the most exposed: according to Kaspersky Security Network, in the first quarter of 2021 they detected almost 1.5 million mobile malware installation packages, most of them adware, with mobile banking trojans (the ones that steal your money) the runner-up category.

There are two main types of malware attacks. In an automatic attack the malware self-replicates according to a pre-programmed script: after infecting a PC or smartphone it uses that device as a jumping-off point for further spread. In a manually coordinated attack, hackers go after a specific target, such as a company, a factory, or even a city administration, using phishing tricks to deliver the malware into its systems.

If the malware is sophisticated enough, which is quite common now, it gives hackers remote access to the infected system, letting them steal sensitive or classified information from its drives.

The main ways malware is delivered are: phishing (luring emails or messages that contain a malicious link), system vulnerabilities, infected websites (where every page load is an attempt to sneak the malicious code onto your device), infected torrents, and other scenarios involving social engineering.

Today, the most common types of malware are computer viruses, ransomware, worms, trojan horses and spyware. There are also hybrids, or polyfunctional malware, that combine several types of threat in one. And there are odd, hard-to-detect types such as polymorphic malware, which changes its own code, and fileless malware, which exists only in a system’s RAM. Below are details on the 11 most common types, to keep you informed about the very real threats of today’s web.

Adware
What it does: serves unwanted advertisements
Delivered: with torrents, with unsafe apps, via email
Notable examples: Fireball, DeskAd

Backdoor/Rootkit
What it does: secures remote access to a computer for a hacker
Delivered: as part of a trojan, via phishing, or as a separate program
Notable examples: FinSpy, Zacinlo

Bots
What it does: infects IoT devices and gadgets, then uses them as cannon fodder for DDoS attacks
Delivered: automatically via exploits
Notable examples: Echobot, Mirai family

Computer worm
What it does: spreads through a network by replicating itself, damaging host files
Delivered: self-spreading via security failures
Notable examples: Stuxnet, Mydoom

Fileless Malware
What it does: makes changes to system files
Delivered: mainly phishing
Notable examples: Astaroth, SamSam, Meterpreter

Infostealer
What it does: steals data, possibly followed by a ransom demand
Delivered: as part of other malware, via phishing, or via unsafe apps
Notable examples: TrickBot

Keylogger
What it does: monitors and records the user’s keystrokes
Delivered: Business Email Compromise, phishing
Notable examples: Olympic Vision

Miner
What it does: uses the host’s device to mine cryptocurrency for its master
Delivered: via unsafe apps, torrents, phishing
Notable examples: CoinMiner, MrbMiner

Ransomware
What it does: encrypts and/or steals data, then demands a ransom in cryptocurrency (by the way, you should never pay it)
Delivered: numerous ways, from exploit kits, scan-and-exploit techniques and RDP servers to backdoored software installers and classic phishing
Notable examples: REvil aka GandCrab aka Sodinokibi

Spyware
What it does: gives its master full control over what the host does
Delivered: via phishing and unsafe apps
Notable examples: DarkHotel, Internet Optimizer, CoolWebSearch

Trojan
What it does: disguises itself as “good” code, then gains full control over the device
Delivered: via unsafe apps, torrents, phishing
Notable examples: IcedID, Pegasus, Cerberus, Emotet, Dridex

What to do to avoid running into these threats:

  1. Always use anti-malware security software.
  2. Don’t download files or apps from dubious places. Even with popular stores (like Google Play), think twice before installing something and, in the case of mobile apps, always check what permissions they ask for.
  3. Don’t click that link. Or that pop-up. Or that file attached to a suspicious e-mail.
  4. Make backups of all important information.
  5. Use a password manager and/or strong passwords. Always change default credentials everywhere.
  6. Keep everything that can be updated up to date, so you don’t become the victim of some exploit.
  7. Stay aware of current cyber threats so you are ready for the encounter.

Malware is one of the most dangerous threats to mankind these days, when all critical infrastructure depends on computers. It causes billions of dollars of economic damage each year through system failures, wasted resources and corrupted data.

And it makes life significantly harder for ordinary internet users. However, if you follow the simple rules listed above, your chance of encountering malware will be relatively low. So do this and stay safe!

Author: Nicolas Cuts

Product Manager at SwitcherryVPN, with a 5-year background in management and marketing. I never stop learning!
