Malware
From TSG Library of Knowledge
Malware, short for malicious software, is the term used to refer to any type of software that purposely damages one's computer without the user's knowledge. There are many types of malware, with viruses and spyware being the most common. Many types are listed below.
Malware Types
Virus
The most common type of malware, viruses are essentially programs (often hidden) that can do almost anything. They can damage files, turn the computer into a zombie, send spam to other people, and download more malware, among many other things. Viruses have many techniques to stay hidden and to stay in systems; for example, they sometimes attach themselves to Windows files that are necessary to run the computer. This makes removal very difficult.
Spyware
As the name suggests, spyware watches what you do. Spyware can quickly accumulate once you are initially infected and typically records private information, redirects the web browser (possibly to a fake phishing site to steal your ID), and displays pop-ups.
Adware
Adware displays additional advertisements in web pages and opens pop-ups while you are online. While adware is usually not harmful, it can be very annoying and hurt a system's performance.
Worm
A worm is a virus that duplicates itself in active memory. Worms are usually invisible to the user, and may only be noticed when they slow the computer down. Worms do not alter files but generally overrun the system, causing crashes and slowing operations. They can also travel through the network, infecting all available computers. Worms can add themselves to your contacts list and be carried to the next victim when an email is sent.
Keylogger
Keyloggers are used to capture keystrokes. Some companies use legitimate keyloggers to keep track of what their employees are doing, but malicious keyloggers are used to collect passwords, credit card numbers, etc. Keyloggers are also considered spyware.
Rogue Applications
As spyware protection has become popular, black-hat hackers have created fake antispyware programs that can simply waste your money or, in worse cases, infect your system. Many of these programs are advertised in pop-ups or in ads that mimic antispyware/antivirus applications scanning your system. While it is much better to use a common antispyware application (see Antispyware), if a feature in an application interests you and it does not use any of the above advertising tactics, you can use it after ensuring it does not appear on these lists:
- MalwareBytes' List of Rogue Antispyware Programs
- Spyware Warrior's List Of Rogue/Suspect Antispyware Programs
Dialers
A dialer is a program that uses a premium-rate telephone line as the Internet connection; its writer creams off the additional money from the high-cost calls. Dialers can be picked up through other malware, such as being the malicious payload of a Trojan horse or being carried by a worm, or sometimes by just tricking the user into installing the program with the promise of special content. With the rise of broadband and the resulting fall in dial-up Internet, the dialer has declined, as there are no longer phone lines involved.
Infection Techniques
Trojan Horse
Trojan horses, as the name implies, appear to be good or wanted programs, and thus trick you into installing them. Some Trojans may just be annoying, while others can cause serious damage by destroying system information or files on your computer. They can also open a back door to your computer that allows remote access by their creator. Once that is done, confidential or personal files may be viewed, resulting in identity theft and more. Trojans cannot self-replicate or infect files like a virus.
Rootkit
Rootkits rely mainly on stealth. To hide from detection by the operating system, a rootkit installs itself in the "root" of the drive. Once in place, it can have administrative powers over the system. By doing that, rootkits can help hide other infections on the machine, open a back door for a malicious user, send spam, or install a keylogger. They are virtually undetectable by ordinary means.

