Types of Malware
Malware, short for ‘malicious software’, is the name for any code that can be used to steal data, cause damage, circumvent access, or compromise systems.
How does it work?
Once installed on the device, the malware gains access to the data stored on the device and can perform actions on behalf of the user by stealing the user’s access permissions.
What is the objective?
The main objectives are for the attacker to obtain financial data, collect confidential information, attain healthcare records, access personal emails, etc.
Learn the most common types, how they act and how to identify them
Spyware – Malware designed to monitor a user’s activities, acting as a spy and transmitting this information to third parties. It usually has activity trackers, touch screen collection, data capture and modifies security settings so as not to be noticed. It is often associated with legitimate software or Trojan horses.
It can be used legitimately or maliciously, depending on how it is installed, what actions are taken, what types of information are monitored and how the collected information is used.
- Legitimate purpose: when installed on a personal device, by the owner himself or with his consent, in order to check if other people are using it in an abusive or unauthorized way.
- Malicious purpose: when performing actions that may compromise the user’s privacy and computer security, such as monitoring and capturing information related to the user’s navigation or input in other programs (e.g. usernames and passwords).
Keylogger: Type of Spyware that captures and stores the keys typed by the user on the computer keyboard. Its activation, in many cases, is conditioned to a previous action by the user, such as access to a specific e-commerce or Internet Banking website.
Screenlogger: Type of Spyware that stores the cursor position and the screen shown on the monitor, when the mouse is clicked, or the region where it is positioned. It is used by attackers to capture keys typed by users on virtual keyboards, mainly available on Internet Banking sites.
Adware: Malware designed specifically to advertise. It can be used for legitimate purposes when incorporated into programs and services, like in the form of sponsorships. For malicious purposes, adware presents advertisements based on the user’s navigation and without the user knowing that this monitoring is being done. Adware is commonly accompanied by Spyware.
Backdoor: Software that allows an attacker to return to a compromised device, through the action of other malicious codes, that have previously affected the machine; or through a breach left by attackers who previously invaded the machine, taking advantage of vulnerabilities in the installed software. This tactic is used to guarantee future access to the compromised computer, allowing it to be accessed remotely, without having to resort to the methods used in the invasion or infection and, most importantly, without being noticed.
Trojan Horse: A Trojan Horse is malware that can be hidden in image files, audio files, games, animated virtual cards, and screen savers. A Trojan horse performs malicious operations without the user’s knowledge, exploiting their privileges to perform system operations.
Another way installation happens is when an attacker, after invading a device, changes an existing program so that it functions normally while executing malicious actions in the background. The user is often unaware of any malicious activity taking place.
There are several types of Trojan Horses, which vary depending on the actions they take when infecting a device:
- Downloader Trojan: installs malicious code obtained from Internet sites.
- Dropper Trojan: installs malicious code embedded in the malware code itself.
- Backdoor Trojan: adds backdoors to devices, allowing the attacker remote access to the hacked device.
- DoS Trojan: installs denial of service tools and uses them to launch attacks.
- Destructive Trojan: changes or deletes files and directories, formats the hard drive, and can leave the device out of operation.
- Clicker Trojan: redirects the user’s navigation to specific sites, with the objective of increasing the advertisements and site visits.
- Proxy Trojan: installs a proxy server, allowing the computer to be used by the attacker for anonymous browsing and spam.
- Spy Trojan: installs spyware programs that collect sensitive information, such as passwords and credit card numbers. This information is then sent to the cybercriminal.
- Banker Trojan: collects bank user data by installing spyware, which is activated when the user accesses Internet banking sites.
Bot: this malware has communication mechanisms with the attacker that allow it to be controlled remotely, acting according to the attacker’s commands. In addition, it has the ability to automatically perform the action for which it was intended, exploiting vulnerabilities in programs installed on the device.
The communication between the attacker and the device infected by the bot can occur via IRC channels, Web servers, and P2P-type networks.
A computer infected with a bot is often called a zombie computer, precisely because it can be controlled remotely, without the knowledge of its owner.
When the bot turns the device into an email server and uses it to send spam, it’s called zombie spam.
When thousands of zombie computers form a network, it is called a botnet.
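A defender's view of the bot behaviour described above, as an added example that is not part of the original article: it scans flow records for workstations talking to IRC ports or sending mail directly to many hosts, the two patterns the text associates with bots and spam zombies. The log format, addresses, mail-relay list and threshold are all constructed assumptions.

```python
from collections import defaultdict

# Constructed sample flow records (not real traffic): "time src dst dst_port"
SAMPLE_FLOWS = """\
10:00:01 10.0.0.5 203.0.113.10 443
10:00:02 10.0.0.7 198.51.100.20 6667
10:00:03 10.0.0.9 192.0.2.1 25
10:00:04 10.0.0.9 192.0.2.2 25
10:00:05 10.0.0.9 192.0.2.3 25
10:00:06 10.0.0.9 192.0.2.4 25
10:00:07 10.0.0.2 192.0.2.1 25
10:00:08 10.0.0.2 192.0.2.5 25
10:00:09 10.0.0.2 192.0.2.6 25
10:00:10 10.0.0.2 192.0.2.7 25
10:05:02 10.0.0.7 198.51.100.20 6667
"""

IRC_PORTS = {6667, 6697}      # common IRC / IRC-over-TLS ports
SMTP_PORT = 25
MAIL_SERVERS = {"10.0.0.2"}   # assumption: the site's sanctioned mail relay
SMTP_FANOUT = 3               # assumption: distinct SMTP peers tolerated per host

def parse_flows(text):
    """Yield (src, dst, port) tuples, skipping malformed records."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 4 or not parts[3].isdigit():
            continue
        yield parts[1], parts[2], int(parts[3])

def find_bot_indicators(text, mail_servers=MAIL_SERVERS, fanout=SMTP_FANOUT):
    """Map each suspicious source host to the reasons it was flagged."""
    irc_peers, smtp_peers = defaultdict(set), defaultdict(set)
    for src, dst, port in parse_flows(text):
        if port in IRC_PORTS:
            irc_peers[src].add(dst)
        elif port == SMTP_PORT and src not in mail_servers:
            smtp_peers[src].add(dst)
    findings = defaultdict(list)
    for src, peers in irc_peers.items():
        findings[src].append(f"outbound IRC to {len(peers)} host(s)")
    for src, peers in smtp_peers.items():
        if len(peers) > fanout:
            findings[src].append(f"direct SMTP to {len(peers)} distinct hosts")
    return dict(findings)

if __name__ == "__main__":
    for host, notes in sorted(find_bot_indicators(SAMPLE_FLOWS).items()):
        print(host, "->", "; ".join(notes))
```

Hits are leads for investigation rather than verdicts: a legitimate IRC client or an unlisted mail relay will also match, and bots using Web servers or P2P networks will not.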
Protecting the user and their access is the first step to preventing malware attacks.
The majority of crimes via the internet come from users with inadequate privileges who access sites containing malware. Outdated software and system hacks where leaked or stolen credentials are used also pose a serious threat to online security.
VaultOne provides state of the art security using Privileged Access Management (PAM) that protects your credentials in an encrypted Password Vault. This encrypted vault prevents malicious code spying and keeps your information, systems, and devices safe and secure.
Talk to our experts today and find out how VaultOne can help you.