The 11 Most Common Types of Malware and What They DoUpdated: February 28, 2019
When browsing the internet, there are high risks of becoming the target of a malware attack, in most cases, without even realizing it before it's too late.
The topic of malware shouldn't be taken lightly.
While some types of malware are less dangerous and easy to remove, some can seriously damage your computer or can even be used for someone to steal your private information (including your bank account information).
Knowing what types of malware are out there will help you understand how they spread, how to prevent malware attacks, and how to remove malware in case you become a victim.
Malware (also known as malicious software) is a term used to define any malicious program or code that aims to harm systems.
The goal of a malware attack is to intrude, destroy, or damage a computer, computer system, smartphone, or another type of device.
There are different types of malware, a couple of examples being viruses, worms, bots, Trojans, ransomware, adware, spyware. Some are extremely dangerous while some are not so hazardous on their own yet they can create vulnerabilities in the system that are followed up by an infection with other types of malware.
Social engineering has been around even before computers and the internet. And social engineering, although is not an exact type of malware but more of a psychological technique, is a dangerous type of attack.
Social engineering refers to someone using his/her own charisma to trick people into giving him/her private information. The goal of a hacker using the social engineering technique can be either to get access to a computer system or to get hold of one's private data.
A common example of a social engineering attack is someone convincing you that your computer is infected with malware and she/he can point out the infected files. After convincing you that your computer needs a solution, the hacker will direct you to a website from where you have to download a software. Once the software is on your computer, you're a victim of malware attack.
The most common type of social engineering is known as phishing. With this technique, a hacker will send you an email impersonating someone you trust such as a friend, your bank, or other familiar entity. The goal is to trick you into giving him/her personal information such as usernames and passwords or credit card details.
For example, you might receive an email that seems to be coming from your bank, asking you to click on a link and use your username and password to authenticate to your account. It can also ask for more credit card information. The website you'll access will look genuine, but in reality, it is just a counterfeit and all the data you give will reach the hacker who sent you the email.
How to avoid social engineering attacks
- Don't react when someone you don't know is telling you that you need a solution out of nowhere.
- Don't reply with private data to emails, even if they show as coming from your bank. Reliable companies don't ask for private information via email.
- If something sounds to perfect to be true, it most likely is.
Viruses are a common type of malware designed to destroy the data on a computer. Viruses attach themselves to executable files or pieces of software and insert their own code.
What makes viruses so dangerous is that once they are in a computer system, they will start reproducing, trying to infect as many files as possible. This means they are particularly hard to get rid of.
Viruses are often transmitted via social engineering techniques or through exploiting security vulnerabilities.
There are two categories of viruses:
Hardware - These computer viruses destroy hardware components such as the hard drive or even the RAM.
Software - These are computer viruses that destroy files and programs, including operating systems. They alter the programs' code and reproduce themselves until they either cause the computer to crash or delete all the data on the computer.
System or boot infectors - These types of viruses infect the boot sector meaning they reside in the operating system. Nowadays, especially on operating systems like Windows 10, system boot infections are rare.
File infectors - These are viruses that infect the .com and .exe files. Often, they hide in the memory and are always active, meaning that when a program is launched, it will get infected. They can also infect script files such as .JS, .BAT, .VB, and .SCR.
Macro viruses - These viruses are found in the Microsoft Office Suite files such as Word, Excel, PP, and Access files.
How to avoid getting your computer infected with viruses
A good antivirus software will go a long way. If there are any viruses on your computer the antivirus software will detect and remove them. It will also prevent infestation if you're downloading an infected file from the internet or run an infected USB drive. The key is to keep your antivirus software updated as hacker are continuously creating new viruses.
Worms are one of the common types of malware that, similar to viruses, spread themselves through a computer. But, unlike viruses, they don't live in the infected files but are standalone pieces of software. Another difference is that worms don't need any user action to infect a computer and start replicating themselves, whereas viruses need an initial action (i.e. running a program, opening a file) to come to life.
Worms usually affect the computer system by consuming the bandwidth and overloading web servers. Their main way of spreading is by emails. If a computer gets infected with worms, they will send mass emails to all the user's contacts containing malicious attachments.
Trojan horses, also referred to as simply Trojans, hide themselves behind other programs. The program will try to look as it's useful when, in reality, it will infect your computer system the moment it is launched.
Trojans are one of the most dangerous types of malware because, usually, Trojans open a backdoor which allows attackers to access your computer remotely and control it without your knowledge. Once the cybercriminal gets access to your device, s/he can steal your private information such as usernames and passwords or credit card data.
Trojans are often used to install keyloggers on the victims' computers to capture their private data, or, they are used in ransomware attacks by hiding malicious code in files that seem harmless.
Unlike viruses and worms, Trojans do not reproduce themselves and they can not be automatically transmitted from one system to another.
How to avoid Trojan Horses attacks
Don't run suspicious programs - For Trojans to run on your computer they need your permission. You give them permission by launching an infected program or opening a malicious file. Stay aware of the files you download over the internet and don't open files from suspicious sources.
Keep your software up to data - Outdated software, including the operating system and the browsers, expose security holes that hackers can exploit.
Use an antivirus software - The antivirus software automatically scans all the files you download or run and will detect if there's any Trojan hidden in them.
Bots are software programs that automatically run specific tasks over the internet. Bots are usually used for harmless actions, such as web spidering (web crawlers). Still, bots can also be used for malicious automated attacks.
One of the most common bots attacks is the Denial-of-service attack (DoS). This type of cyber-attack implies flooding one's computer with requests until the system is overloaded. Botnets can also run a DDoS attack (distributed), meaning the requests will come from various sources, making it impossible to stop the attack by blocking a single source.
Another common way that bots are used maliciously is for click-fraud. This type of fraud is exploited in PPC (pay-per-click) online advertising by website owners that are trying to increase their revenue through dishonest methods.
A bug refers to an error, flaw or failure in a computer system or program that causes an unexpected behavior and even freezing or crashing. Bugs result from an error made by a human in the source code of a program. Not only bugs interfere with a program's functionality, but they also represent a vulnerability that hackers can exploit for malicious attacks.
The most dangerous types of bugs are security bugs because they can enable cybercriminals to bypass security layers and gain unauthorized access to a computer system.
There were cases when software bugs have caused disasters. For example, in the 1980s, the bugs in the code of the Therac-25 radiation therapy caused the patients death.
One of the most famous bugs is known as the Y2K bug. Computers thought that the year was 1900 instead of 2000 which created some panic that a worldwide economic collapse will happen.
Fileless malware is not an exact type of malware but it refers to the way the malware spreads and acts on a computer system. Fileless malware resides in a computer memory (RAM). It does not affect the hard drive (the files on the system), meaning it is highly resistant to common antimalware detection and removal.
Because this type of malware is located in-memory, the system can be cleaned out only by rebooting the system.
A rootkit is a collection of malicious software allowing cybercriminals remote access to one's computer without being detected. Once the rootkit is installed, it will run in the background and the attacker can modify system configuration, steal private information, or modify the software.
The rootkit installation can be automated or the attacker can install it after gaining administrator access. The attacker can gain such access either through direct attacks (exploiting vulnerabilities) or by stealing account information through social engineering techniques.
The rootkits are hard to detect because they hide themselves, making them a dangerous type of computer malware. Usually, for rootkits to be detected a close analysis of the system is necessary to spot any unusual behavior. The removal is also complicated and, often, it requires a system reboot.
Ransomware is a common technique hackers use to limit or prevent a user's access to his/her computer. This can be a highly harmful malicious software as the hackers will lock the screen or inhibit the access to personal files then they will require monetary compensation. They can also threaten the victim that they will delete the files or make them public.
What's worst about this type of malicious attack is you have no guarantee that the cybercriminal will return the access to the data once the ransom is paid.
Simpler types of ransomware will lock the system, an action that can be reversed by users that are a bit tech savvy. But there are also more advanced types of ransomware that will encrypt the data on the computer, making it inaccessible. Often, the attacker will watch the victim for a few hours before encrypting the data so he will know exactly what files to target and how much the victim can afford to pay.
In most cases, ransomware programs are Trojans and they are spread through social engineering.
How to avoid ransomware attacks
As with all types of malware, ransomware can be prevented by being careful of what programs you download and execute. Once you run a ransomware program, it will be highly difficult to decrypt the data. A best practice here is to always backup your most important files.
Keyloggers are malicious software that record all the information typed on a keyboard. Although they may seem harmless because these types of malware are not affecting any files, they are a serious threat.
By recording the keystrokes on your computer, attackers can find out your usernames and passwords, PIN codes, and credit card data. Further, they can use this information to steal money from your account.
Keyloggers are usually installed by using the phishing technique to convince the victim to download a file that contains a Trojan virus. Common ways to receive such files are emails, chats, social networks, and P2P networks.
One important aspect to mention is that keyloggers can't record what's typed by using a virtual keyboard.
Grayware refers to potentially unwanted programs. At first sight, it's not as malicious as other types of malware threats, but it is highly annoying and can turn out to be harmful.
Grayware infections can spam you with pop-up ads, making your device slower, or can even track your online activity. And even if they don't directly affect your system and files, they cause security issues and vulnerabilities, creating a great opportunity for other forms of malware to get into your computer.
There are two common types of grayware: adware/malware and spyware.
This type of grayware is designed to make money from spamming you with advertising. It's called Adware when it's on a computer and Madware when it's on a mobile device.
Adware/madware will show you ads, often in the form of pop-ups, and usually, you are not able to close them. They are becoming more and more popular on mobile devices. Not only they are annoying, but they can cause your device to crash.
As the name suggests, spyware is a software designed to spy on your online behavior. The goal is to collect information about your internet activities to further send you adware.
Grayware software is the easiest to remove from a computer because it is not designed to cause as much harm as other types of malware.
Install an antivirus/antimalware software
You should never use the internet without installing an antivirus software. Always keep it updated as new types of malware are born every day.
Remember to scan your computer
Once you install an antivirus program, don't forget to scan your computer regularly. Once a week is a good rule of thumbs.
Update your operating system
It doesn't matter what operating system you use, you should always keep it up to date. With every update, OS developers issue security patches and fix security leaks.
Don't click just on anything
Avoid clicking on the links or downloading attachments in emails from people you don't know. Also, be careful when you download files from websites. If you're not sure the website is thrust worthy, scan the file you're about to download before you run it.
Backup your data
You should always backup your files, especially those important ones. Ideally, you should back up important data on an offline storage such as an external hard drive.
Make sure the network is secure
A poor WiFi connection is a high vulnerability for attacks. Properly securing the WiFi network is a key step in malware protection. Make sure your connection requires authentication and the password is strong, and use WPA or WPA2 encryption.
If you travel a lot or work remotely from coffee shops or hotels, you should know that public WiFis are one of the hackers' favorite spots for targeting victims for cyber attacks. Public WiFi networks are poorly secured and attackers can easily get access to your device and infect it with different types of malware.
To keep yourself safe when connecting from public places, using a VPN service is one of the best practices.