Malicious software, or malware, refers to any harmful software.
Malware can perform a number of functions: stealing credentials, encrypting or deleting data, monitoring user activity without permission, and illegally using the system’s processing power.
Malware can be classified based on a number of factors, such as delivery method, unique characteristics, objective, and the vulnerabilities it exploits, to name a few. In this article, we’ll take a look at the common types of malware.
Virus
A virus is a malicious program that can spread from one system to another through infected files. It attaches itself to legitimate files and has the capability to modify or destroy data.
Adware
Adware displays advertisements based on browser history and downloads. It is used for marketing purposes and may collect data without your knowledge. AndroidOS_Hidenad.HRXH is adware that was in the news for disguising itself as various legitimate applications on Google Play.
Trojan
Trojans pretend to be legitimate applications to gain access to a user’s system. Once they gain access, malicious code is executed. Recently, the infamous TrickBot trojan launched a massive phishing attack against various states in the U.S.
Worm
A worm also spreads from computer to computer like a virus, but it does not need a program to attach itself to. It can modify and delete files, introduce malicious code in the system, or overload a shared network by creating copies of itself. Stuxnet is a notorious computer worm that was used in an attack targeted at Iran’s nuclear facilities.
Bots and Botnets
Bots are malicious programs that are used to take control of a computer. They can self-propagate and connect to a central server that gives them commands. They can compromise a network of connected devices; such a network is called a botnet.
Bots can record keystrokes, steal passwords, and launch DDoS attacks, among others. Gucci is an example of a newly discovered botnet that is said to be targeting IoT devices in Europe.
Ransomware
The most common characteristic of ransomware is that it encrypts data and demands a hefty ransom for the decryption key. Some variants of ransomware may lock users out of systems or threaten to publish sensitive information in the system if the ransom is not paid. The ransom is demanded in the form of bitcoins in most cases so that the identity of the attackers is not revealed.
The Ryuk ransomware has been in the news quite often for disrupting the operations of various firms and government agencies.
Wiper
Wiper malware is intended to wipe data and/or the systems it infects. Its motives may be to send a message, induce fear, or erase all traces of its activity. Usually, there is no chance of recovering data after a successful wiper attack, making this form of malware a fatal threat to organizations.
The Destover wiper hit Sony Pictures Entertainment a few years back, causing complete havoc. Thousands of files including confidential data, unreleased movies, and employee records among others were rendered unusable.
Rootkit
A rootkit is malicious software that provides attackers with unauthorized administrator access to a computer. With this access, hackers can execute files and change system configurations. Examples of rootkits include Vanquish, Stoned Bootkit, and Rkit.
Keylogger
Pieces of malicious programs that record every keystroke on the system are called keyloggers. Hackers can deduce credentials and sensitive data using this malware. Earlier this year, the Hawkeye keylogger was distributed through a phishing campaign.