Malware continues to be the evil

In the internet world, malware still remains the main attack technique used by hackers; to prove it, we can check Hackmageddon’s Cyber Attacks Statistics report [8]. First we need to clarify what exactly malware is, and then give some important recognizable signs to use when an event occurs. It is very common for people to use the related terms without considering the technical background behind them, and that is completely understandable, since malware is a term that describes several of the threats we have in this complex, huge and vulnerable internet world. According to McAfee [1]: “Short for “malicious software,” malware is computed code that is designed to harm or exploit any programmable device, server, or network.” With this in mind, we should understand that this code is a program that might reach your devices and behave in different ways, depending on the kind. Below are the general explanation and symptoms for each of the threats we have nowadays, according to different well-known sources:


Virus

Malicious code attached to an executable file (Windows: EXE; Apple iOS: IPA; and Linux: there is no pattern, we should check the file permission). Most of them need to be started by the user, when he or she executes the file. The virus is transmitted once you have access to the infected file and use it. It doesn’t matter whether you got the file from an e-mail, as an executable file from the internet, or from a pen drive. Once it has been executed, if you don’t have an up-to-date antivirus, you will probably be infected. The contamination affects other programs, including operating systems, and other devices that are on the same network. Being a virus, it might have mutations, which make it undetectable by antivirus software that is not up to date [2]. It might delete or encrypt files, modify apps, or even disable system functions [1].


Worms

Malicious code that spreads copies of itself from one computer to another, so a network environment is required. Worms don’t need a host program as viruses do, nor any human interaction. All of them have a way to propagate themselves through the network.

A worm might lead to a slower network and/or computer; additionally, we need to check whether there are any deleted or replaced files on the computer [3].


Trojan horse or Trojan

Malicious code that looks legitimate (as a piece of software, for instance) but can take control of your computer. Trojans cannot replicate themselves as viruses do, but they need a start from the human side (the famous click). There are many different kinds, which we can check on Norton’s website [3]. They often download other malware as well [4]. Trojans can access the personal information typed on your infected device, delete files and make your computer slower [4].


Logic bombs

“Malicious code inserted into a software system that will set off a malicious function when specified conditions are met” [5], usually a date or time. Like a Trojan, it needs to be executed in order to enter a latent, or standby, mode. Logic bombs might corrupt your data, damage your device’s hardware, or at least take it over. If you are a lucky person, maybe it will just wipe your hard drive.


Ransomware

Malicious code that propagates itself like a Trojan. It might reach different levels (just a file, or the entire hard disk), depending on the kind. This malware is an encryption program that gives you back access to the encrypted file(s), or to the system, when you pay, in time, the amount requested by the hacker. Here we don’t need to give further details about how to recognize it, because you will certainly be notified clearly.


Backdoors

Malicious code that bypasses the system authentication to gain access to a specific communication port. It keeps that port accessible even when you correct the vulnerability later on; in some cases it opens new ports for the hacker and can affect other systems [6]. Usually it is installed by a Trojan, and “the malicious users can exploit backdoors easily, without leaving any special traces in the system.” [6]. You can recognize whether your device has this kind of malware by comparing the hardware performance or the internet performance, since your device is working for two people.


Rootkits

Malicious code that uses a software vulnerability to obtain permissions on the system and modify the operating system to create backdoors. Rootkits can alter the computer’s forensic and monitoring tools. Because of this, “they might be the most dangerous” [7] among the malware we have described here. The different types can be checked on Norton’s website [7].

Usually, formatting the computer is the recommendation to eliminate it. The symptoms are the same as those reported for the previous threat.


After all these details, it is surely clear that you might have problems if you get even one of them. So it is strongly recommended that you keep antivirus and antimalware software updated on your devices and don't open e-mails, files or suspicious messages that might reach you.


References

[1] https://www.mcafee.com/enterprise/en-us/security-awareness/ransomware/what-is-malware.html

[2] https://learningnetwork.cisco.com/s/ccna

[3] https://us.norton.com/internetsecurity-malware-what-is-a-trojan.html

[4] https://www.avast.com/c-trojan

[5] https://en.wikipedia.org/wiki/Logic_bomb

[6] https://owasp.org/www-pdf-archive/OWASP_10_Most_Common_Backdoors.pdf

[7] https://us.norton.com/internetsecurity-malware-what-is-a-rootkit-and-how-to-stop-them.html

[8] https://www.hackmageddon.com/2021/02/10/january-2021-cyber-attacks-statistics/


Paula Lazaro

Compliance | Governance | AML | Risk | CS | Data | Quality | Engineering | Sales | Fraud | IT | iGaming

4 years ago

I really enjoy the reading. Thank you for sharing such an important topic for our reality.

Marcio Martins Souto, MBA

Leadership in Solutions Architecture | Business Solutions Specialist | Computer Engineer

4 years ago

Excellent article, Ian Christani! Thanks for sharing.
