Tuesday, November 1, 2016

Identifying Malware Types Part 1

                              Post - Identifying Malware Types Part 1

 

Ever wonder or think that your computer is performing worse than usual? You think it's a virus/malware but don't know what it is or what it's doing?  Then before we get onto protecting your computer from the danger of malicious programs we must first identify the different types there are. By knowing the differences, should you ever receive such a program or already have one, you will have an easier time rooting out the source of your problems while making cleanup and fixing easier. This would allow you to hopefully be more alert/perceptive about symptoms your computer might be showing and cause you to be more wary when downloading. Each one will be broken down into What is it? What danger does it pose?

         Adware


  • Over the years I have experienced 2 different tactics used by adware; more times than I'd like. Adware is typically the most common form of malware as it is unfortunately not against the law to install/program since they see it as you being the one at fault. One of the kinds of ways adware does its job is by having your computer display pop-up ads on websites and even when you aren't connected to the internet since the ads come with the adware already. Another is to change the default settings of your browser to open in an alternate site, and display even more ads when browsing.

  • Adware generally doesn't pose much of a threat thankfully aside from possibly slowing cpu (slowing performance). The adware itself is just there to generate ad revenue for the programmers by advertising for products and applications. But what may end up being dangerous are the products being advertised; in many cases they may even be a gateway to much more malware.

Image result for adware

  • So, experiencing an influx of ads and popups while online and especially offline (should be a dead giveaway then) or a change in your default browser home page would mean that adware is most likely present on your computer; a quick scan with an anti-malware application should fix the problem with ease.





                  Bots
Image result for computer bots

  • Fortunately I can say that I have yet to experience the terrors of the much more harmful malware types below Adware; bots are one of them. Scary and very dangerous to your computer, these complicated robots are contracted in the standard way; through downloads, sites, emails etc.

  • Bots have number of abilities and commands outside of an infected computer such as performing ddos attacks (denial of service) which ultimately renders a website or Ip useless. (Ever have those times where kids threaten to ddos you over an online game? Because I sure have). As expected by the name, these robots are controlled by the creator who is able to command them to perform specific actions with extreme stealth.
http://www.tubecityonline.com/almanac/images/0710_zombie_illo.jpg
  • Once a computer is infected with bot(s) which are fully operational then the computer is called a "Zombie computer" since it literally gets infected and spreads it to others.

  • A BotNet would essentially be a network of multiple zombie computers controlled by the creator's computer ready for deployment.

  • Signs such as notifications of you sending spam to your contacts would be an indicator of bot infection



      Ransomware
Image result for ransomware
  • Why steal a computer when you could kidnap one? This is ransomware, an extremely annoying form of malware that, yes, kidnaps your computer. Ransomware basically modify files and applications so that only the modifier and a recipient can use it again with a specific encryption key/password.

  • They will typically request money or tasks from you when they have taken control, however there is no guarantee that doing as you are told will result in the return of your computer
Image result for ransomware


  • There are 2 different forms of ransomware you might unfortunate to stumble upon, lockscreen and encryption ransomware. A lock screen will basically lock your screen onto a singular picture with details of the ransom, preventing you from even accessing/getting on the computer. An encryption will lock files and programs with a key that they will request a ransom for as well. Encryption ransomware is the kind most used today.

  • Noticing that you have ransomware should be relatively easy as they do not go the stealthy route and you will almost always be guaranteed to be alerted on this

  • Contracting ransomware would be the same as your standard typical malware, emails, sites etc

No comments:

Post a Comment