Malware Types

Malware is an “umbrella term” that describes any software or a piece of code designed to infiltrate a computer system and possibly damage it without the user’s knowledge or consent.

How do I get malware?

The topmost two common ways that malware accesses your system are —the Internet and email. So basically, anytime you’re connected online you are vulnerable.

Malware can penetrate your computer when you surf through hacked websites, click on game demos, download infected music files, install new toolbars from an unfamiliar provider, set up software from a dicey source, open a malicious email attachment, or pretty much everything else you download from the web onto a device that lacks a quality anti-malware security application.

Malicious apps can hide in seemingly legitimate applications, especially when they are downloaded from websites or messages instead of a secure app store. Here it’s important to look at the warning messages when installing applications, especially if they seek permission to access your email or other personal information. 

Common Malware Types

1. Viruses
2. Worms 
3. Trojan horses 
4. Ransomware 
5. Spyware 
6. Rootkits 
7. Spam

Viruses

Viruses are malicious code that runs on a machine without the user’s knowledge and infects the computer when executed. A Virus requires user action in order to reproduce and spread. Different types of Viruses are:

• Boot Sector
      Viruses stored in the first sector of a hard drive and are loaded into memory upon bootup.
• Macro
      Virus embedded into a document and is executed when the document is  opened by the user.
• Program
      Viruses infect an executable or application.
• Multipartite
      Virus that combines the boot and program viruses to first attach itself to the boot sector and system files before attacking other files on the computer.
• Encrypted 
• Polymorphic
      Advanced version of an encrypted virus that changes itself every time it is executed by altering the decryption module to avoid detection.
• Metamorphic
      A virus is able to rewrite itself entirely before it attempts to infect a file (advanced version of a polymorphic virus).
• Stealth 
• Armored
      Viruses that have a layer of protection to confuse a program or person analyzing it.
• Hoax

Worms

Worms are malicious software, like a virus, but is able to replicate itself without user interaction. Worms self-replicate and spread without a user’s consent or action. Worms can cause disruption to normal network traffic and computing activities.

• Example 2009: 9-15 million computers infected with “conficker”

Trojan horses

Trojan Horse is a malicious software that is disguised as a piece of harmless or desirable software.
Trojans perform both desired functions and malicious functions. Another form of Trojan Horse is:   

• Remote Access Trojan (RAT)
  Provides the attacker with remote control of a victim computer and is the most commonly used type of Trojan

Ransomware

A malware that restricts access to a victim’s computer system until ransom money is paid.

Ransomware uses a vulnerability in your software to gain access and then encrypt your files.

• Example: SamSam Ransomware cost the City of Atlanta $17 million to save data.

Spyware

Spyware is a type of malware that secretly gathers information about the user without their consent. It captures keystrokes made by the victim and takes screenshots that are sent to the attacker. Other types of spyware are:

• Adware displays advertisements based upon its spying on you.
• Grayware is a software that isn’t safe nor malicious but tends to behave improperly without serious consequences.

Rootkits 

Rootkit is software designed to gain administrative-level control over a system without detection. Types of Rootkits malware are:

• DLL (Dynamic Link Libraries) injection is commonly used by rootkits to maintain their persistent control. Also, it is inserted into a running process on a Windows machine by taking advantage of Dynamic Link Libraries that are loaded at runtime.
• Driver Manipulation is an attack that relies on compromising the kernel-mode device drivers that operate at a privileged or system-level. 

• Rootkits are activated before booting the operating system and are difficult to detect

Spam

It is an activity that abuses electronic messaging systems, most commonly through email. Spammers often exploit a company’s open mail relays to send their messages

• Example CAN-SPAM Act of 2003