A Malware Bestiary and Primer


Hacking with mXtract, a dark web tool

Hacking with mXtract, a dark web tool

If you own a digital device – a smart phone, a laptop or desktop computer – you need to understand that it is a jungle out there. There are bad guys who want to steal your identity, steal your information and steal your money. There are bad guys who want to steal your computer’s power.

With a little help from the good folks at MalwareBytes, and as a service to readers, WC is providing a bestiary of the threats to your digital devices, collectively called “malware,” a neologism for “malicious software,” in all its bewildering variety. And WC will try to update this bestiary from time to time.

Term Explanation
Adware Unwanted software designed to throw advertisements up on your screen, most often within a web browser, but sometimes within mobile apps as well. Typically, it either disguises itself as legitimate, or piggybacks on another program to trick you into installing it on your PC, tablet, or mobile device.
Cybersecurity Cybersecurity, or computer security, is a catchall term for any strategy for protecting one’s system from malicious attacks aimed at stealing money, personal information, system resources (cryptojacking, botnets), and a whole host of other bad things. The attack might occur on your hardware or software, or through social engineering.
DDoS Distributed Denial of Service, which is a malicious network attack that involves hackers forcing numerous Internet-connected devices to send network communication requests to one specific service or website with the intention of overwhelming it with false traffic or requests.

DDoS can affect you in two ways. If you try to visit a web site suffering a DD0S attack, it cannot respond because it has been overwhelmed. But you can also get hacked and your computer zombified, forced to participate in the attack.

Exploits A means of delivering malware. A type of threat that takes advantage of bugs and vulnerabilities in a computer or its software in order to allow the exploit’s creator to deliver malware. Among other threats, exploits are sometimes linked to malvertising, an attack that uses malicious ads on mostly legitimate websites to deliver exploits. You needn’t even click on the ad to be affected—exploits and their accompanying malware can install themselves on your computer in a drive-by download. All you have to do is visit a good site on the wrong day.
Keylogger Malware that records all the user’s keystrokes on the keyboard, typically storing the gathered information, and sending it to the attacker, who is seeking sensitive information like usernames and passwords, or credit card details.
Malicious cryptomining Sometimes called drive-by mining or cryptojacking, is an increasingly prevalent form of malware or browser-based attack that is delivered through multiple attack methods, including malspam, drive-by downloads, and rogue apps and extensions. It allows someone else to use your computer’s CPU or GPU to mine cryptocurrency like Bitcoin or Monero. So instead of letting you cash in on your computer’s horsepower, the cryptominers send the collected coins into their own account—not yours. So, essentially, a malicious cryptominer is stealing your device’s resources to make money.
Social Engineering A means delivering malware. Social engineering is the description of methods that attackers use to get the victims to breach security protocol or give up private information. There are many tactics that lead to this goal, and they rely on psychological manipulation, such as seducing the victims by playing to their greed, vanity, or their willingness to help someone.
Spear-phishing Spear-phishing is an email or electronic communications scam targeted towards a specific individual, organization or business. Although often intended to steal data for malicious purposes, it can also be used to install malware on a targeted user’s computer.

This is how it works: An email arrives, apparently from a trustworthy source, but instead it leads the unknowing recipient to a bogus website full of malware. These emails often use clever tactics to get victims’ attention. For example, the FBI has warned of spear phishing scams where the emails appeared to be from the National Center for Missing and Exploited Children. It was a spear-fishing attack that led to the hacking of the Democratic Party national offices in 2015.

Ransomware An increasingly common form of malware that locks you out of your device and/or encrypts your files, then forces you to pay a ransom to get them back. Ransomware has been called the cybercriminal’s weapon of choice, because it demands a profitable quick payment in hard-to-trace cryptocurrency. The code for a ransomware attack is easy to obtain through online criminal marketplaces, and defending against it is difficult.
Rootkit A form of malware that provides the attacker with administrator privileges on the infected system and actively hides from the normal computer user. Rootkits also hide from other software on the system—even from the operating system itself. Like ransomware, rootkits are widely available on the dark web. Rootkits are also a malware delivery system.
Spyware Malware that secretly observes the computer user’s activities without permission, then reports it to the software’s author. Spyware includes malware that takes over a computer’s camera and/or microphone.
Trojan Also Trojan horse, is most commonly a delivery method for infections rather than an infection itself. The Trojan represents itself as something useful in order to trick users into opening it. Trojan attacks can carry just about any form of malware, including viruses, spyware, and ransomware.
Virus Malware that attaches to another program and, when triggered, replicates itself by modifying other computer programs and infecting them with its own bits of code. A less common form of malware; the last genuinely new computer virus was seen in 2011 or so.
Worms  A type of malware similar to viruses in that they spread, but they don’t require user interaction in order to trigger.

This is an incomplete list. But it’s already so long that it likely challenges readers’ attention spans.

If you have questions, or suggestions for additional terms that should be explained, drop WC a comment and WC will catch them in the next update.

 

 

 

 

 

 

Advertisements

One thought on “A Malware Bestiary and Primer

Comments are closed.