A comparison of different malware types and how to protect yourself.

We get this a lot:

“I was using my computer and everything was fine. I went to the store and came back and now my computer is locked and a box is telling me unless I pay the FBI $400 I will never get to use my computer again”

 

Obviously the FBI has not taken over the computer. What this is, is a great example of malware. So what exactly is malware and how do you get it?

Malware is software that is intended to damage or disable computers and computer systems. Malware stands for “malicious software”. This is software that is designed to gain access or damage a computer without the knowledge of the owner. There are many different types of malware.

Some of the different types are: spyware, keyloggers, viruses, and worms. Several of these we will discuss later in the article.

Malware is used to: create profit through forced advertising (adware), steal sensitive information (spyware), spread email spam (zombie computer), or to extort money (ransomware).

What is a virus?

A computer virus attaches itself to a program or file enabling it to spread from one computer to another, leaving infections as it travels. Viruses do not replicate themselves like worms do (which we will also discuss) and can range from mild to crippling.

Almost all viruses are attached to an executable file which means the virus may exist on your computer but it actually cannot infect your computer unless you run or open the malicious program. Viruses can ONLY spread via human action such as running an infected program, sharing an infected file or email. They can also come from clicking suspicious links in e-mails or websites.

computer[1]

What is a worm?

A worm is similar to a virus by design and is considered to be a sub-class of a virus. Worms spread from computer to computer, but unlike a virus, it has the ability to travel without any human action.

A worm takes advantage of file or information transport features on your system, which is what allows it to travel unaided.

The biggest danger with a worm is the it can replicate itself on your system which means instead of sending out one infected e-mail, potentially thousands of copies could be sent out creating a huge devastating effect. How would it do this? One example would be for a worm to send a copy of itself to everyone in your contact list via e-mail, and then the worm replicates and sends itself out to everyone in each of those person’s contact books and it keeps going.

Due to the copying nature of a worm and its capability to travel across networks the end result in most cases is that the worm consumes too much system memory or network bandwidth causing web servers, network servers, and individual computers to stop responding.

Computer_Worm[1]

What is a Trojan horse?

A Trojan Horse is full of as much trickery as the mythological Trojan Horse it was named after. The Trojan Horse, at first glance will appear to be useful software but will actually do damage once installed or run on your computer.  Those on the receiving end of a Trojan Horse are usually tricked into opening them because they appear to be receiving legitimate software or files from a legitimate source.  When a Trojan is activated on your computer, the results can vary. Some Trojans are designed to be more annoying than malicious (like changing your desktop, adding silly active desktop icons) or they can cause serious damage by deleting files and destroying information on your system. Trojans are also known to create a backdoor on your computer that gives malicious users access to your system, possibly allowing confidential or personal information to be compromised. Unlike viruses and worms, Trojans do not reproduce by infecting other files nor do they self-replicate.

trojanhorse[1]

What are blended threats?

Added into the mix, we also have what is called a blended threat. A blended threat is a more sophisticated attack that bundles some of the worst aspects of viruses, worms, Trojan horses and malicious code into one single threat. Blended threats can use server and Internet vulnerabilities to initiate, then transmit and also spread an attack. Characteristics of blended threats are that they cause harm to the infected system or network, they propagates using multiple methods, the attack can come from multiple points, and blended threats also exploit vulnerabilities.

To be considered a blended thread, the attack would normally serve to transport multiple attacks in one payload. For example it wouldn’t just launch a DoS attack — it would also, for example, install a backdoor and maybe even damage a local system in one shot. Additionally, blended threats are designed to use multiple modes of transport. So, while a worm may travel and spread through e-mail, a single blended threat could use multiple routes including e-mail, IRC and file-sharing sharing networks.

Lastly, rather than a specific attack on predetermined .exe files, a blended thread could do multiple malicious acts, like modify your exe files, HTML files and registry keys at the same time — basically it can cause damage within several areas of your network at one time.

Blended threats are considered to be the worst risk to security since the inception of viruses, as most blended threats also require no human intervention to propagate.

 

Now that you’re paranoid. How can you protect yourself?

    1. Always keep your operating system updated. Never ignore those update notifications. Updates are important because they patch security holes.
    2. Use a firewall. Hardware firewalls and software firewalls should be in place. If you only want to use one, typically the software firewall is the best choice.
    3. Don’t open e-mails from suspicious names and never click on a link if you don’t trust it.
    4. Run anti-virus programs once a month.
    5. Always have a data backup solution in place such as MozyPro.
    6. Use common sense. It sounds simple but you would be surprised.

AVG provides some of the best internet security for individuals and businesses.

Recommended programs:

    1. AVG AntiVirus Business Edition 2013 (or just AntiVirus 2013 for personal computers).
    2. AVG Internet Security Business Edition 2013 (or just Internet Security 2013 for personal computers).
    3. Premium Security 2013.

 

We are resellers of AVG and can get these programs in place for you. We can also provide you with more information on any of the products and services they provide if you would like to know what each program does and how it can be beneficial for you and your business.

 

©2011 MyITPeople Ventures, LLC.

 

Posted in Uncategorized.