Malicious + Software = Malware
This is one heck of a topic under ethical hacking. Malware is any piece of software that was built with the intention of doing some damage to the device on which it is running.
There are a lot of variants. Every Malware is built with a dedicated objective, which depends on the hacker who designs it. That said, the main objective of every Malware is one of these:
- Give an attacker remote control of the infected machine
- Send spam from the infected machine to unsuspecting targets
- Steal sensitive information
Let’s take a look at the different categories/types of Malware that are present on the web.
Types Of Malware
It copies itself and spreads to other devices connected to the network.
Have you heard of Samy?
Samy (also known as JS.Spacehero) is a cross-site scripting worm (XSS worm) that was designed to propagate across the social networking site MySpace by Samy Kamkar. Within just 20 hours of its October 4, 2005 release, over one million users had run the payload, making Samy the fastest-spreading virus of all time.
So you see, this is how quickly they spread over the network.
Try to stay away from such excitements.
It pretends to be harmless, legitimate software, or comes embedded with it, in order to trick you, and that opens the door for other Malware.
Trojan horse: the name comes from the great strategy used by the Greeks to enter the city of Troy. They constructed a huge wooden horse and hid their selected soldiers inside it along with Odysseus. Then they pretended to have gone away, leaving everything behind along with this horse. The Trojans pulled the horse inside their city as a victory trophy.
That night the war ended. At night the soldiers crept out of the horse and opened the gates for the rest of the Greek army. They infiltrated and destroyed Troy. The Greeks won that war and the Trojans were destroyed.
That is how this Malware gets into your computer. It pretends to be something else or comes embedded with some software. As soon as you install the software, the trojan installs itself and opens the gates for other Malware by lowering the overall system security.
Be very cautious when you download random software from the internet and install it. It might open the gate for other Malware.
It exploits an existing security vulnerability of your device to provide remote access to the hacker.
This is targeted Malware created by hackers with the sole purpose of attacking the victim’s device. It is a small piece of software that allows the hacker to access your device remotely without you knowing about it.
These types of attacks are usually carried out, with not so good motives, on people who hold special information.
It is self-replicating malware designed to infect programs and files and damage the device. It might destroy valuable data, cause irreparable damage, or otherwise be a random file that takes up all your memory. This is a pain in the ass.
As the name suggests, spyware is designed to spy on your activities. It can spy on your passwords, credit-card information, your communication or behavioural patterns and send them back to the hacker, who can exploit them.
This is one of the most famous types of Malware, which was used way back but recently came to light again. This Malware locks you out of your own files and system and demands ransom money for the decryption key, a key which might or might not work (in most cases it doesn’t work).
This one’s the best. I also thought of designing something when cryptocurrency was on the high but it was quite tricky to build something like this so I dropped the idea. This might be combined with other Malware to infect your computer and take the necessary permissions from the user. Once the permissions have been granted, or phished, this Malware makes use of your device’s computing power to aid the hacker’s objective, for example mining cryptocurrency on the net.
Since it will be pushing your device resources to the limit, it might result in overheating and cause physical damage. If you are not a tech-savvy person then identifying this Malware will be a tricky task.
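One way to spot the sustained load described above, as an added example that is not part of the original article: the check flags processes that stay above a CPU threshold for several consecutive samples, while ignoring short legitimate spikes. The sample data, process names and thresholds are constructed assumptions, and a flagged process is only a candidate for investigation.

```python
from collections import defaultdict

# Constructed samples: (sample_index, pid, process_name, cpu_percent), one per minute.
SAMPLES = (
    [(i, 411, "browser", c) for i, c in enumerate([12, 95, 90, 15, 10, 88, 9, 11])]
    + [(i, 902, "backup", c) for i, c in enumerate([5, 85, 92, 91, 6, 4, 5, 3])]
    + [(i, 1337, "sys-helper", c) for i, c in enumerate([97, 98, 96, 99, 97, 98, 97, 96])]
)


def sustained_cpu(samples, threshold=80.0, min_consecutive=5):
    """Return {(pid, name): longest_run} for processes that stayed at or above
    `threshold` for at least `min_consecutive` consecutive samples."""
    by_proc = defaultdict(dict)
    for idx, pid, name, cpu in samples:
        by_proc[(pid, name)][idx] = cpu

    flagged = {}
    for key, series in by_proc.items():
        longest = run = 0
        prev = None
        for idx in sorted(series):
            if series[idx] < threshold:
                run = 0
            elif run == 0 or idx == prev + 1:
                run += 1          # start a run or extend a contiguous one
            else:
                run = 1           # gap in sampling: start counting again
            prev = idx
            longest = max(longest, run)
        if longest >= min_consecutive:
            flagged[key] = longest
    return flagged


if __name__ == "__main__":
    for (pid, name), run in sustained_cpu(SAMPLES).items():
        print(f"pid {pid} ({name}): high CPU for {run} consecutive samples")
```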
What devices can be targeted with Malware?
There is no limit.
Anything that you call “SMART” these days can be infected with Malware. The list includes everything that you interact with in your day-to-day life, such as laptops, mobiles, smart door locks, smart TVs, smart refrigerators, smart toasters, smart lights, thermostats, toys, and the list goes on and on.
I think you got the idea.
Infecting Your Device
Yes… you are the one who can infect the device with Malware by being irresponsible.
There are so many ways that Malware can find a home in your device, but all those ways go via you.
Let me tell you some of the most common ways to stay protected from such Malware by just being a little more responsible.
Update your operating system, browsers and plugins regularly
The “A new upgrade has been downloaded” notification that you see on your device from time to time is important (unless you are using pirated software 😉). Do not ignore such update notifications. The updates are usually made to fix something that has been newly identified.
By updating your device OS regularly, you can be sure that your system does not have any known vulnerability as of date.
Remember – Every patch is important.
I’m a Software Engineer and I can vouch for that. In fact, that’s the reason there is a feature of an automatic update as well. If you are too lazy to update your computer by yourself, leave it to auto-update.
Well, I personally wouldn’t recommend auto-update but still it is better than not updating it at all.
Regularly Scan Your System With Anti-virus Software
Another key thing in keeping your system safe.
No matter whether your device is functioning well or not, always keep your anti-virus software running, and schedule weekly scans if possible. Choose an appropriate time (usually after 3:00 AM, that’s when I’ll be asleep) and let your anti-virus do some work for you.
Regular scans are a great way to keep your system clean. Whenever Malware is identified, make sure to completely delete it from your device instead of choosing to quarantine it. Quarantine only keeps the Malware locked behind bars; make sure you kill it.
Do Not Run Program From An Un-Trusted Source
I think this point is very trivial. If you are not certain about the authenticity of the source then don’t click on that install button.
This is one of the main sources of the spread of Malware. People are lazy and they just want things to work asap.
As a consequence, they download random software from a website without checking its authenticity. That’s where the mistake happens.
Nowadays, operating systems are smart enough to check the authenticity of the program that you run. Oftentimes they give you a warning before running any new program. And Mac has taken it to another level. They have disabled the feature by default. Even though it’s your computer, you cannot install software before manually enabling that feature. You will have to go to preferences, settings and blah blah… find the flag that says “Allow untrusted software to run”, enable the feature, and only then will you be able to install such software.
I would say find something else instead of doing so much work just to install software that is potential Malware (until it isn’t).
Avoid Clicking On The Phishing Email
There was a famous incident that took place with Outlook mail back in the day. Back then, Outlook used to offer people a way to execute an .exe directly from the mail. This was a big loophole in the security, which was exploited by hackers so badly that they had to shut down the entire software for a few days. Then they released a new version of Outlook mail where they disabled that feature.
It’s an amazing story and makes you realise how vulnerable we are. We are just a blink away from some smart hacker who might find a vulnerability in our most used software and exploit it. I am not trying to scare you, but to tell you how connected we are in this modern world.
Never Download And Run The Package Installer, Always Select The Software That You Want And Download Just That
These kinds of things usually happen when we become lazy. We see a button saying package installer and we just click and run the installer. In the installer, we blindly click on the NEXT button multiple times till it installs everything on the device.
That is a clear no-no.
Always be more attentive when downloading or installing any new software on your device. That is the only time when a hacker can make contact with your device if you are not careful. So always pay attention.
Malware Does More Than You Think
The main target of the hacker is not the personal computers of users but corporate devices. This is where they can do the most damage. Imagine that you are working for a multinational company or a bank, and a hacker has managed to get malware onto your device.
Now whenever you are connected to your company network, this hacker is also connected with you. He can access secret internal files without you even knowing about it.
This could become a national-level threat if it damages property. It can also jeopardise your career. So, always take extra caution while downloading or installing anything on your system. Always use some kind of package manager that is trusted, and even then make sure the package you are about to download is legitimate and that other people have given it good reviews.
Stay away from the excitement of infecting your computer with the Malware.
Just be very cautious and remember to:
- Update your operating system, browsers and plugins regularly
- Regularly scan your system with authentic anti-virus software
- Do not run a program from an un-trusted source
- Avoid clicking on the phishing email
- Never download and run package installer, always download individual software that you want
- Malware does more than you think
In case your Android device is infected by a virus, the following article might be helpful. Such malware could be behind advertisements popping up on your Android device, or your device heating up because some malware is consuming all the resources.
Well, I hope you will be safe and a bit more cautious from today onwards.
And if you have anything to add just shoot a comment below.