Back to Top

Articles, guides and everything else


A quick guide to malware threats


malware threats

Malware, the abbreviation for "malicious software", consists of a great variety of hostile applications which are often used to gather sensitive information, and sometimes even damage individual computers or entire networks. According to The Independent IT security Institute in Germany, the number of malware applications has exceeded 120 million in 2017.

Attackers utilize a great variety of techniques to infect the targeted computers with malware. Often, a dedicated server is set up for nefarious purposes, to give you an example. Hackers can then use it to create phishing sites, which will send fraudulent emails that claim to come from reputable companies (banks, etc.) and ask the unsuspecting recipients to verify their accounts/information. This way, the attackers can get access to online banking data, and then use that information to steal money.

Hackers are also interested in getting access to PCs, because they can then use them to purchase online goods, which can then be resold quickly, for real money. By getting full access to a personal computer, cyber criminals can also steal various license keys for the operating system and the installed applications, credit card information, and more.

While older generations of malware were relatively easy to detect, because they utilized a centralized infrastructure and were distributed through open channels, modern malware uses stealthy techniques and polymorphism, which make it hard to detect.

 

In addition to this, most malware utilizes distributed infrastructures these days, which means that even when it's discovered, it is quite hard to shut it down for good. Actually, some malware components are now able to install themselves with admin user privileges, thus hiding their existence and preventing the installed antiviruses from detecting them. More than this, some rootkits are able to resist an OS reinstallation as well, because they will often store their code inside the computer's firmware memory.

Malicious software creators are often skilled programmers which utilize advanced anti-detection techniques. Code packing and steganography are just two methods that help them obfuscate code and conceal it inside regular computer files that wouldn't draw any attention under normal circumstances.

Often, people get infected by accessing fishy websites, by clicking links that are included in spammy email messages, by using infected memory sticks, by opening unknown email attachments, by utilizing pirated applications, and so on.

Human error is by far the main source of infection, though. It is surprising, but people continue to do all sorts of silly things online, such as clicking pop-ups which tells them that they just won $1 million for being the millionth website visitor.

Modern malware detection is often complicated. Most virus researchers utilize code analysis to try and reverse engineer the code of the virus. This works well if the code isn't obfuscated, but it is a time-consuming operation. Computer memory analysis is another effective threat research method; it is known that malware needs to be loaded in the memory to run, so a memory dump will reveal its presence and methods.

For home users, good protection against malware starts with the installation of a decent antivirus. Sorry, but free antivirus solutions will not work. So, be prepared to invest $10 per month (or so) if you want to keep your computer in good shape. Don't forget to patch the operating system and the installed applications regularly. If you have a home network, enforce strict policies that will prevent unauthorized people from opening email attachments, for example.

Malware get smarter by the day, so you need to act now. Begin by making it a habit to read at least one or two computer security blogs each week. Then, implement what you have learned in this article. By using a good antivirus and your know-how, you should be able to prevent most threats.