
Malware is malicious software that causes harm to a computer system. Computer viruses are the most well-known example. Although all malware is commonly called a virus, viruses are only one type of infection that can affect your computer. There are many types of malware, and they differ in how they spread, how they reproduce and how they escape detection. Here’s a list of common malware types and what hackers want to do with them.
Malware
Virus
Although this is what media outlets and people call all types of malware, viruses are only a small fraction of all malware. A virus is any malware that infects other computers and inserts its own code into them. While most viruses are designed to infect Windows, they have recently started appearing on Mac operating systems.
Worm
A worm is a self-replicating malicious program that attempts to infect other computers. It duplicates itself and travels over a network, and it does not require any other program to replicate. A worm is usually programmed to exploit security vulnerabilities. Once it infects one computer, it searches for others with the same vulnerability and infects them. This cycle continues until all computers are infected.
Trojan
Trojans are malware programs that trick users into downloading and running them by pretending to be legitimate programs. The name derives from the Greek tale of the Trojan horse, which led to the fall and destruction of Troy.
Rogue Security Software/Scareware
Although this is a subset, I am putting it in its own category because of how common it is and how many variations it has. Rogue security software is malware that attempts to trick you into downloading it. It will often present you with a popup message saying that there are viruses on your computer, and then tell you to download its product. This is a scare tactic. Avoid downloading any antivirus software that you don’t know about.
Malvertising
Malware advertising (malvertising) is when legitimate ads are used to spread malware to users who visit a website. It involves someone injecting malware into a legitimate advertisement block. When someone clicks on the ad, they are redirected to a fake website where they can either have their information stolen or download malware directly. Some malvertising also uses a drive-by download, which means that the malware is downloaded to your computer just by visiting the page hosting it.
Fileless Malware
Any malware that does not need to infect any other program to spread is called fileless malware. It is an artifact that exists only in the computer’s RAM. For context, when a file is downloaded and saved, it is written to the computer’s hard disk. Fileless malware is instead stored in the computer’s memory, which the computer uses only for temporary storage. Unlike other types, it does not need to be downloaded or saved to the computer. Because it is stored only in memory, restarting your computer will get rid of it: computer memory is volatile, so its contents are lost if the computer is powered down for any length of time. It also means that this malware does not leave a forensic trail; all evidence of its existence is lost when the computer is turned off.
Rootkit
This is the most dangerous type of malware. It allows the attacker to access and steal user information while going undetected by antivirus software or other security software over long periods. Rootkits are difficult to detect or remove because they embed themselves deeper than the application software, which is where security and antivirus systems are located. There are kernel-level rootkits, for example. The kernel is the core of the computer’s operating system; by compromising it, the attacker can take complete control of the computer. Bootkits are rootkits that infect the software that runs to start the computer before you reach your login screen.
File Macros
This malware exploits macros in Microsoft Excel and Microsoft Word. Malware can be attached to these files, and it runs once the user opens them and enables macros.
Polymorphic Malware
Polymorphic malware is malware that constantly changes its identifiable features to avoid detection. It could change its code, modify its filenames or alter its size. This works because many anti-malware programs create profiles or signatures for each piece or variant of malware based upon its characteristics and behavior, and quarantine any program that matches one of these profiles. By creating a malicious program capable of changing its features, the attacker allows the malware to bypass detection and infect multiple computers without being blocked. 97% of malware employs some form of polymorphic technology.
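The following added example (not from the original article) shows from the defender's side why an exact signature misses a changed copy. It goes beyond the text by adding a byte n-gram similarity check, chosen here as one simple illustration of matching on shared characteristics; all samples are constructed, harmless byte strings and the function names are hypothetical.

```python
import hashlib

def sha256_sig(data: bytes) -> str:
    """Exact signature: any changed byte produces a different value."""
    return hashlib.sha256(data).hexdigest()

def ngrams(data: bytes, n: int = 4) -> set:
    """Set of all overlapping n-byte sequences in the data."""
    return {data[i:i + n] for i in range(len(data) - n + 1)}

def similarity(a: bytes, b: bytes, n: int = 4) -> float:
    """Jaccard overlap of byte n-grams, from 0.0 (disjoint) to 1.0 (same)."""
    ga, gb = ngrams(a, n), ngrams(b, n)
    if not ga or not gb:
        return 0.0
    return len(ga & gb) / len(ga | gb)

# Constructed, harmless stand-ins for a catalogued sample and two new files
KNOWN = b"CONSTRUCTED-SAMPLE:" + bytes(range(32, 96))
VARIANT = KNOWN[:40] + b"\x00" + KNOWN[41:] + b"PAD" * 5  # one byte changed, size altered
UNRELATED = b"an unrelated constructed document about quarterly budgets"

KNOWN_SAMPLES = [KNOWN]
KNOWN_HASHES = {sha256_sig(s) for s in KNOWN_SAMPLES}

def classify(sample: bytes, threshold: float = 0.5) -> str:
    """Try the exact signature first, then fall back to similarity."""
    if sha256_sig(sample) in KNOWN_HASHES:
        return "exact-match"
    if any(similarity(sample, k) >= threshold for k in KNOWN_SAMPLES):
        return "similar-variant"
    return "unknown"

if __name__ == "__main__":
    for name, blob in [("known", KNOWN), ("variant", VARIANT),
                       ("unrelated", UNRELATED)]:
        print(f"{name}: {classify(blob)} "
              f"(similarity to known = {similarity(blob, KNOWN):.2f})")
```

A variant that re-encodes most of its body would share few n-grams with the catalogued sample, which is why the profiles described above also draw on behavior and not only on file contents.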
Types Of Malware
This section focuses on different types of malware, each with its own characteristics. It explains what malware does once it is installed on your computer. Any of the malware described in the previous section may have one or more of these features.
Adware
This malware is relatively benign. Once installed, adware displays advertisements to users that are intended to make a profit for the hacker. Technically, a lot of software installed for legitimate purposes is adware. It is a nuisance, but it does not cause any harm to your computer.
Ransomware
This malware is the most lucrative and popular. It encrypts all information on infected systems and demands payment from the owner to restore the files to normal. It is used repeatedly against businesses and generates large amounts of revenue each year.
Spyware
This malware sits on your computer and collects information, which it then sends back to the attacker. This can include the websites you visit and your location on mobile phones, and it can turn on your camera to view you or take photos.
Backdoor
A backdoor is a piece of malware that allows hackers to access your computer from anywhere. Installing a backdoor is the first thing hackers do when they gain access to your computer system, so that they don’t have the burden of hacking back into it every time they need to.
Bots/Botnet
Bot malware is software that lies dormant until a hacker issues a command to it using a Command & Control (C&C) server. Once that command is received, the bot malware takes control of the computer and performs the task. A bot is a computer that can be controlled by another computer. A botnet is a group of such computers controlled together.
Cryptojacker
This malware uses your computer’s processing power to mine cryptocurrency for profit. Attackers usually target hundreds or thousands of computers to mine cryptocurrency quickly and make a huge profit.
KeyLogger
This malware records keystrokes and sends them back to the attacker. The information can be used to find people’s usernames, passwords and PINs, as well as other login information. It can also be used to capture other personal information, although this is less common.
RAM Scraper
RAM is short for random access memory. It’s a temporary storage area on a computer. A RAM scraper is a program that collects information from RAM and sends it back to the hacker. This is very lucrative against point-of-sale (POS) systems such as cash registers because they temporarily store credit card numbers unencrypted. By collecting this information, a hacker can gain access to credit card payment details that can be used or sold to others for profit.
Browser Hijacking
Browser hijacking refers to malware that alters how your web browser works, either to redirect you to a site that the hacker wants or to steal your information from the cookies that your browser keeps about your online activities. Your web browser creates a cookie when you surf the internet. This is how websites can remember that you’re logged in, save shopping carts, and recommend products based on your search history.