Malware can affect and wreak havoc on your devices at any given time. It may have iterations and its effects may vary according to its form. Malware can be used to collect and expose sensitive personal information for purposes of identity theft. It can also be used to steal financial data.
With malware attacks becoming more sophisticated as technology continues to advance, they’ve become more than just annoying pop-ups or pages that plague our devices. When cyber threats make their way into a system, they can compromise your device and expose you to a variety of risks.
Now, more than ever, it’s become crucial to keep your devices protected from cyberattacks. This in-depth guide provides you with everything you need to know about malware, including its nature, how it spreads, how to manage it, and how you can stay safe from future cyberattacks.
What is Malware?
Malware, or “malicious software”, is an umbrella term used to describe any software, script, or code that can damage devices, networks, or systems. Contrary to popular belief, malware isn’t a type of virus. A virus is actually one type of malware. The term ‘malware’ covers Trojans, spyware, worms, and ransomware.
When a device or network is infected, malware can take partial control of that platform and interfere with its normal functions. While it’s unable to inflict damage on your physical equipment, malware can steal and compromise your personal, financial, or business data.
While some malware may have relatively ‘milder’ effects, others can create chaos on your systems. Cybercriminals use malware to steal, encrypt, or delete your data, send spam, remotely control your core computer functions, or monitor your computer activity.
How Does It Spread?
Cybercriminals use two main avenues to propagate malware: physical and virtual. One common way to spread malware is through a thumb drive. It can also be spread virtually through so-called drive-by downloads, where you unintentionally download a malicious code or script to your device. This, in turn, can make you vulnerable to cyberattacks.
Another common way through which malware is spread is through phishing. This is something that you may already be familiar with or have encountered before. Phishing involves the use of e-mails or text messages that can seemingly come from a legitimate source. It usually has a link or an attachment, which is used as the method for delivering malware.
Malware has evolved with the times. New strains are designed to outwit both users and security administrators. Some are even capable of deceiving antimalware products by utilising web proxies or through code that continuously evolves to avoid detection.
Other methods for malware spread include:
- Malicious advertising (malvertising)
- Infected apps
- Executable files (.exe files)
A Brief History of Malware
While the term ‘malware’ was first used in 1990, the earliest recorded version of malware appeared 50 years ago and was dubbed ‘Creeper’. Creeper was a self-replicating program that showed the message, “I’m the Creeper. Catch me if you can,” on infected units. It didn’t cause extensive harm to systems and didn’t steal data or alter functions. However, Creeper moved from one computer to another without the user’s permission.
A similar self-replicating program appeared in 1974 and was called ‘Wabbit’. It inflicted considerable damage to an infected system. It multiplied extensively until the system was unable to function optimally, causing it to crash.
Then, 1982 saw the creation of ‘Elk Cloner’, which is considered as the first virus to infect PCs, particularly Macs. It wasn’t until 1986, with the Brain Boot Sector virus, that MS-DOS computers were made vulnerable to malware attacks.
As the decades wore on and computer networks were widely adopted, the spread of malware grew rapidly. In the 1990s, macro viruses spread widely, as more individuals embraced the e-mail. Because of this, many businesses had become affected. This phenomenon indicated that virus propagation was network-driven.
Notable Malware in the ‘80s and ‘90s
The ‘80s and ‘90s saw the growing acceptance and use of e-mail. These decades created an environment that was conducive for the spread of a number of notable malware, including:
- The PC-Write Trojan in 1986
One of the earliest Trojans was disguised as a program called ‘PC-Writer’, which was able to wipe out all the files in the systems it infected.
- The Morris Worm in 1988
Created by Robert Morris, this was the first known malware that was distributed via the internet’s predecessor, which was known as the ARPANET.
- Michelangelo in 1991
A malware that was discovered in 1991, it infected DOS-based systems and was designed to erase a user’s information on March 6, which was the birthday of its namesake, the Italian Renaissance artist Michelangelo.
- CIH in 1998
Also known as ‘Chernobyl’ or ‘Spacefiller’, this virus was first discovered in 1998 in Taiwan. It was a Windows 9x virus that was particularly destructive and prevented Windows 95, 98, or Me computers from booting. It achieved this by corrupting the computer’s flash BIOS. In 1999, it caused extensive damage that amounted to more than $250 million.
- The Melissa virus in 1999
The Melissa virus is considered as the first case of malware distributed via e-mail. This macro virus targeted millions of Outlook users. It was disguised as an e-mail attachment that, when opened, would spam the victim’s computer with pop-up websites. Furthermore, it utilised the victim’s Outlook address book and e-mailed itself to 50 of the victim’s contacts. While it didn’t damage any files, it did significantly slow down e-mail services.
Notable Malware in the 2000s
The 2000s saw an influx of malware attacks, which include:
- The ILOVEYOU Virus in 2000
- Anna Kournikova and Code Redin 2001
- The SQL Slammer in 2003
- My Doom in 2004
- WannaCry in 2017
- Robinn Hood in 2019
Types of Malware
Malware comes in different types, each having its unique attributes. To date, there are 22 types of malware, including common ones, such as viruses, worms, and Trojans, as well as unconventional ones, like RAM scrapers and cryptojacking.
Below, we’ll be discussing the 10 most common types of malware.
Viruses are perhaps the most common type of malware. They’re self-replicating and insert their own code on to a clean code. When an unsuspecting user executes the program with the infected code, the virus spreads quickly and inflicts damage on a system, affecting its core functions, corrupting files, and preventing users from accessing their computers.
The most common methods to distribute viruses is through infected e-mails or attachments, executable files, infected thumb drives, and compromised websites.
Worms, like viruses, are also self-replicating. They’re designed to spread across networks even without a host program or any action from a user. As their name suggests, worms start from one infected unit and make their way through a network. While they don’t infect files or programs, they do carry payloads that can eventually compromise your network security or pave the way for information theft.
Another common type of malware is the Trojan or Trojan horse. The Trojan horse gets its name from the wooden horse used by the Ancient Greeks to enter and destroy the city of Troy during the Trojan War.
Similar to the wooden Trojan horse of the Ancient Greeks, this type of malware is commonly disguised as legitimate or even harmless applications. When an unsuspecting user downloads and executes the infected application, this malware can launch its malicious attack.
Most Trojans act as a backdoor for attackers, giving them access to the victim’s computer. Once a system has been compromised, attackers can obtain the user’s personal data, monitor their activities, or even install other forms of malware.
Trojans differ from viruses and worms, as they don’t attach malicious code to your programs or files.
A profitable malware for cybercriminals, ransomware compromises a system by encrypting the user’s data or shutting a network down, locking you out. Cybercriminals can then demand for a ransom in exchange for users to regain access. The ransom is usually paid in cryptocurrency, making it difficult to trace.
Many cybercriminals have used this type of malware to target high-profile organizations, companies, and even hospitals. It can be spread through various means, including phishing emails, malvertising, and compromised or infected websites.
Scareware makes you think that your device has become infected by malware and it pushes you to purchase a fake application. You might have come across websites that warn you that your computer has been infected by a virus. Unsuspecting victims would then be frightened into purchasing fake applications or security software, which may open up your system to further infection.
As its name suggests, spyware is a program that’s used by cybercriminals to collect and transmit your personal information. It’s installed on an unsuspecting user’s computer, usually without their knowledge, and runs in the background. Spyware allows its users to monitor communications on a targeted device and is commonly used by law enforcement and government agencies.
Adware is short for ‘advertising-supported software’ and is one of the more ‘benign’ types of malware. It’s designed to monitor your browser or download history to display ads (pop-up or banners) that entice you to make a purchase. Many unsuspecting victims fall for adware because they’re often under the pretence of a legitimate advertisement. However, note that some adware can be used means to compromise your cybersecurity.
A rootkit is a program that provides attackers with ‘root’ access to your system by installing or executing a code. It can be difficult to detect, given that it’s designed to stay hidden from users or to overturn certain antivirus programs.
This type of malware is intended to give attackers remote access to your computer or to encrypted files. It can be disguised as a remote-access Trojan that can be used to retrieve, corrupt, or delete sensitive data.
- Fileless malware
Fileless malware don’t require the use of files or a file system. Instead, this type makes use of the existing files on your operating system. Similar to rootkits, fileless malware can be difficult to detect because your OS recognises it as a legitimate file.
Other types of malware you should be aware of include:
- Keyloggers, which track your activity by monitoring and recording your keystrokes on your keyboard or smartphone. Your information will then be stored and sent to an attacker who can use the information to extract personal information or financial data.
- Malvertising, or malicious advertising, uses advertising as a tool to spread malware by injecting malicious advertisements into legitimate websites.
- RAM Scrapers get their name from what they’re designed to do, which is to collect data that’s temporarily stored in your RAM.
- Cryptojacking entails the use of a victim’s computer to mine cryptocurrency.
Signs of Malware Infection
How can you tell if your system’s been infected by malware? Here are some of the common signs that can indicate malware infection:
- Your computer is unusually slow or it’s prone to crashing.
Malware can slow down your operating system, even if you’re only using local applications. It can also cause your system to freeze or crash, often resulting in a blue screen of death for Windows operating systems.
- You’re getting a lot of annoying pop-up ads or windows.
A common symptom of malware infection is getting a barrage of annoying ads. If you notice pop-ups with enticing or urgent messages, don’t click them to minimize the risk of opening up your computer, and yourself to some extent, to cybersecurity risks.
- There’s a strange process running in the background.
Try to open your task manager and check the processes that are running in the background. If you notice that your device is using a lot of processing power despite having little to no programs open, then this could point to malware infection. You may also notice a loss of disk space, which can be attributed to malware that’s hiding in your hard drive.
- You’re constantly redirected to other sites when performing a web search.
When you conduct a web search, you’ll be redirected to dubious webpages, or your browser may show inappropriate ads that suddenly open.
- You’re getting messages from fake programs stating that your PC is infected.
These are usually accompanied by invitations for you to purchase a solution, which usually ends up being a fake application that can open up your system to more malware threats.
- Your browser settings have suddenly changed
You might spot new plugins or toolbars that you yourself didn’t install. You could also suddenly being directed to a different search engine for web searches.
- You lose access to some of your files or have gotten locked out of your PC.
Losing access to your files or to your PC is a symptom of ransomware. Cybercriminals will then require you to pay so you can regain access.
Can Mobile Phones Get Infected with Malware?
Yes, mobile phones can get infected with malware. Keep in mind that your mobile device stores your data and personal information, from passwords to financial details.
Malware and the methods of cybercriminals are evolving. Despite having advanced systems, mobile devices can still be susceptible to adware, Trojans, spyware, and more. Clicking a dodgy link here or opening a dubious email attachment can open up your phone or tablet to malware infection. Sketchy ads may start plaguing your device or you might see some unusual apps you don’t remember installing.
But why are mobile devices becoming more prone to malware attacks? It’s because most users don’t take enough precautions to protect their phones from these threats. When left unchecked, mobile malware can access your private information, including your banking details, contacts, and your e-mail address—all of which can make you a target of identity theft.
While Android phones are more susceptible to these attacks, malware that targets iPhone does exist. It targets jailbreak units as jailbreaking renders the iPhone more vulnerable to malware threats.
Protecting Yourself from Malware
The good news is that there are a number of ways you can protect yourself and your devices from malware attacks. The Australian Government’s Australian Cyber Security Centre (ACSC) recommends that you take the following steps:
- Use strong and unique passwords. If you’re currently employing a common or weak password, now’s a good time to change it to something stronger. Reset all your passwords for all of your accounts, this includes your e-mail, social media accounts, and online banking passwords.
- Regularly backup your files.
- Keep abreast of the latest safety threats by registering for the ACSC Alert Service.
- Observe best practices when browsing the web or using your e-mail.
- Uninstall any programs that you’re not using from your mobile devices.
- If you’re using a thumb drive, perform a scan first before exporting any data or installing any application from the drive.
- Avoid downloading and installing applications from peer-to-peer networks.
Here are some more tips to stay protected against malware attacks:
- Download applications from credible sources and avoid sourcing your downloads from third-party sites. If you need to download a program, do so from the official app store only. It also helps if you do your due diligence and review the program before downloading or installing it. Pay attention to prompts that appear during the download process and avoid giving your permission to install add-ons or bundled applications that may potentially be malicious.
- Avoid clicking links or opening attachments from suspicious or spam emails. Additionally, avoid clicking pop-up windows, messages, or ads. If you’re able to, simply avoid them as clicking these windows may cause even more windows to open up.
- Avoid visiting suspicious websites. Before doing anything on a website, such as entering your email or contact information, double check the website itself. Check its URL and other website features. Many legitimate and secure websites use ‘HTTPS’.
- Disable any browser add-ons you’re unfamiliar with, as these can be used to track your browsing habits or collect sensitive information.
- Utilise your firewall and install an antivirus or antimalware software. Turn on your PC’s firewall and use advanced security programs to beef up your protection against malware threats and other cybersecurity risks.
- Regularly update your operating system and applications. Make sure that all necessary updates and security patches are installed on your device. If you can, turn on automatic software updates. By keeping your OS and applications up-to-date, you’re minimising the risk for any vulnerabilities that come with old or outdated software.
- Don’t forget to regularly check your bank accounts or reports.
- Refrain from connecting to public or unsafe Wi-Fi networks.
- Avoid leaving your mobile devices unattended. If you can, avoid lending your phone to people you don’t trust.
Over the years, businesses have become more prone to ransomware attacks. These attacks have caused millions of dollars for remediation and settlement. These have also crippled many essential services, such as revenue collection in the case of the SamSam ransomware attacks that plagued the City of Atlanta.
On an enterprise level, it’s recommended that you adopt the following precautions:
- Utilise a robust web browser security.
- Implement security measures offline for malware and threat detection to curb their spread.
- Adopt multiple approval and verification levels for B2B and B2C transactions.
Malware is a serious threat that can affect anyone, anywhere in the world. The damage a malware can inflict will largely depend on its type. While some can be considered relatively benign, others can be malicious and steal or exploit your personal data. Some types are even capable of monitoring your activities and controlling your systems.
Fortunately, there are many ways to protect yourself from malware threats and other cyberattacks. By being prudent and observing best practices when using your device or browsing the web, you can minimise the risks of cybersecurity threats.
Be more proactive when it comes to protecting your data and identity. GA Systems delivers a zero-trust strategy for modern enterprises, enabling you and your systems to stay secured. Contact us today and find out how we can protect you, your customers, and your digital assets from cybersecurity threats.