We repeatedly speak about the different techniques that attackers use to infect machines with malware. We also provide precautions that users can take to protect themselves from malware and phishing threats. In this post we will highlight the different strains of malware that are seen in the wild and what dangers they pose.
Though most of these malware types are created and carried in a similar manner, there are subtle differences in their purpose and attack vector that help us differentiate them.
The major malware strains to be aware of:
As the name suggests, a trojan is a malware disguised as a legitimate piece of software. This guise convinces a user to install the seemingly useful program and this is where the danger stems from. Once installed, a trojan causes havoc in a system since it has been granted access willingly. This includes several malicious activities which could also include remote access gained by a hacker.
A backdoor is similar to a trojan in the manner that it enters the system. But once inside, a backdoor opens a direct attack vector for further instructions from an attacker or for other viruses and worms. This is achieved through the establishment of a network connection between the infected machine and the attacker.
Spyware and Adware
These are types of software that literally ‘spy’ on a victim and then use the information for nefarious purposes. This spying extends to viewing monitor screenshots, studying keylogging habits, spying through the webcam and eavesdropping through the microphone. Some strains of spyware are used to study browsing habits and serve relevant ads and they fall into the adware category.
This is a strain of spyware that stores the keyboard strokes of a victim. Keyloggers are commonly used to steal passwords and other personal details typed by a victim. To counter this, financial institutions have started providing a virtual keyboard to input data.
A rootkit is a very stealthy kind of malware that embeds itself in the core processes or the ‘root’ of a machine. This enables an attacker to gain privileged access to the low-level processes of a machine. This access can then be used to disrupt the system or to gain data which can be used for malicious purposes. A rootkit is extremely dangerous because it can disable the best virus protection software that is meant to detect and fight it.
A URL injector intercepts the web browser when a victim attempts to visit a website and then directs the victim to another malicious website instead. Hence, a new URL is injected into the infected machine. This technique is legally used by many companies for advertising purposes but it can also be abused by an attacker for malicious needs.
A worm is a strain of malware that replicates itself over a network and then spreads to other machines through several channels. The worm sends a copy of itself, or of a virus, to all the machines in the same network. This implies that if one machine in a network is infected, every machine can be infected subsequently.
Apart from a standard computer virus, these are the different strains of malware that enter a system through various sources. There are many innovative social engineering techniques that attackers actively use to achieve this and users need to be aware and cautious at all times.
These malware strains afflict victims in unique ways that lead to a loss of data and money. Today, these strains are increasingly being used for cyberwar and cyberespionage purposes as well. So it is crucial to know the basic differences between such threats. Quick Heal has several products that combat such threats with the help of innovative features and you can view these products here.