Different Types of Malware and The Purposes They are Used For

A computer should always be running in top condition. Over time, memory (hard drive) usage may impact a computer’s speed. Otherwise, a well-maintained computer should stay in good shape. However, infection with any type of malware can degrade a computer’s performance, in some cases making it unusable. The underlying goal of malware, and the reason it is created, is stealing information and, mostly, profit (stealing money).

This section describes different types of malware, why malware exists, and where it comes from, so you can understand it and have a better idea of how to keep your computer safe. All malware generally spreads the same way: through infected websites, spam email, infected programs the user downloads, and a weak or missing firewall. Smartphones can be infected with malware, although it is less common.

Malware

Malware is any type of software that is harmful to your computer. It is obtained by downloading files or programs that seem harmless, opening spam email or following its instructions, or visiting bad websites. Every definition in the list below is malware. A virus, a worm, and a trojan are all different types of malware, even though “virus” is often used to describe other types of malware, which is technically incorrect.

Virus

A computer virus is attached to a .exe file and only runs while the infected file or program is running. A virus can run in the background and remain undetected if the user does not know how to check processes. A virus requires a user to run an infected .exe file in order to spread and infect other programs and computers, while a worm can spread by itself. The payload of a virus can range from displaying messages on your screen to deleting critical files, as well as infecting the computer with other malware. A virus can be obtained by visiting websites infected with malware. Android uses .apk files for apps, so technically viruses do not exist on Android, but other types of malware do.

Worm

Unlike a computer virus, a worm can spread by itself without the user running a .exe file. A worm can infect your email contacts and send copies of itself to other networks and computers. A strong firewall, along with other security measures, is important for preventing worms.

Trojan

A trojan is usually hidden inside a download, an email, or an infected website (drive-by download) that seems harmless. A trojan can create a back door, which allows remote access to the computer. Unlike a virus or worm, a trojan does not copy itself or spread. A trojan can drastically slow down a computer due to processor and network usage. A trojan can also be used to infect a computer with other types of malware, such as a keylogger, or to turn the computer into a bot for DDoS attacks.

Ransomware

Ransomware is malware that encrypts (locks) files on a computer (or sometimes the entire hard drive) and will only decrypt them, or refrain from publishing them, if the user pays the demanded amount of money. Some ransomware can be reversed if it is not that advanced and was most likely created by a script kiddie, which is a term for an amateur cyber criminal. Serious ransomware, on the other hand, encrypts the files in a way that is highly difficult to reverse. This is why it is always important to back up important information such as pictures, files, videos, and anything else that has high value. The use of ransomware grew between 2012 and 2014. Ransomware is usually a trojan disguised as a safe file.

Botnet

A bot is a computer that has been compromised by a hacker or malware and is used to send out email spam or take part in a DDoS attack; it is usually controlled remotely. When multiple computers are compromised and used for malicious purposes, the group is called a botnet. People may be unaware that they have a compromised computer.

Keylogger

A keylogger is a malicious program that records what the user types. It is often used to obtain passwords and other information such as bank or credit card information.

Spyware

Spyware is malware used to monitor web browsing habits, such as what websites the user visits and what they search for. Spyware can collect information without you knowing and then sell it to other companies. Spyware does not spread like a virus. It is installed by exploiting security holes and can also be hidden inside programs and files.

Adware

Adware is malware that places unwanted ads and pop-ups on your computer while you’re online or offline. Adware can track a user’s internet activity and record information without the user knowing. The data that is collected is usually sold to third parties. If you are infected with adware, you might notice unfamiliar toolbars in your browser. You may also be redirected to ad pages when using your browser. A lot of free software contains adware, so be cautious when downloading programs.

Rootkit

A rootkit is a malware program that can modify the operating system and programs. It is designed to hide software. It can be hard to detect and is sometimes very complicated or nearly impossible to remove.

Bootkit

A bootkit is similar to a rootkit. Bootkits are also hard to detect and remove. A security exploit in Windows allows the bootkit to infect and hide itself in the master boot record or the volume boot record. Anti-virus may not detect a bootkit because the bootkit is not located in the regular files that the anti-virus scans.

Different Web Browsers

A web browser is a program that is used to access the internet. A web browser is always pre-installed on any PC operating system or mobile operating system. It is the program that you use to listen to music, watch videos, and read email. A Mac (PC) and iOS (iPhone) both come with their own pre-installed Safari browser. Linux and Windows also come with a pre-installed browser. Linux usually comes with Iceweasel, which is a variant of Firefox. Windows comes with a pre-installed browser called Internet Explorer. The newer Windows browser is called Microsoft Edge, which has new security improvements. Android comes with a basic pre-installed browser. The Safari browser is unique to Apple and can only be installed on Apple devices, unlike Google Chrome and Firefox, which can be downloaded on other devices. Each web browser has its own functionality, but the settings on popular, well-known browsers are relatively the same. Some other, less popular web browsers don’t have the best security and therefore shouldn’t be used. This is a list of the most popular and most used web browsers.

Internet Explorer

This is the web browser that is pre-installed on Windows operating systems. It was first introduced when Windows 95 came out. Internet Explorer dominated the market for a long time until other browsers like Chrome and Firefox started gaining ground. It isn’t the most secure browser compared to others, which makes people not want to use it.

Microsoft Edge

This is the new browser introduced in 2015 when Windows 10 came out. The browser has significant security improvements over Internet Explorer.

Mozilla Firefox

Created in 2002 under the project name Phoenix by the Mozilla community. It was released in 2004. Mozilla Firefox was the first browser to challenge Internet Explorer’s dominance. It is available for Mac OS, Windows, and Linux. Firefox for iOS was released in late 2015. All of these platforms use the Gecko layout engine to render web pages except iOS, due to Apple’s restrictions limiting other web browsers like Chrome to the WebKit-based engine built into iOS.

Google Chrome

Developed by Google. Google Chrome was first released in 2008 for Windows and was later made available for Linux and Mac.

Opera Browser

Developed by Opera Software. Available for Mac, Linux, and Windows. Out of the web browsers listed, it is the least popular. For a while, until recently, it had a reputation for being a slow browser with too many features. The new version has significant security improvements over the earlier versions. It is now considered a decent web browser, but it is still at the bottom of the popularity list.

How to Protect Yourself Online and Stay Safe From Malware

Knowing how to be safe online is very important. When you go online with your computer, you are part of a worldwide network called the internet. A very large amount of information is on the internet. Unfortunately, unwanted online ads and websites can track your web activity, such as what you search for, without you knowing. Your email can be the target of unwanted spam, and you can download a program with a hidden virus or trojan. Anyone who isn’t familiar with internet security is a much easier target for this.

There are multiple possible security vulnerabilities when using a computer. Virus protection, firewalls, browser settings, and strong passwords all play a major role in internet security, and all must be properly configured and updated to ensure a secure computer.

Virus protection

Virus protection is an important part of internet security. The paid versions have more features and offer slightly better protection; however, free versions such as AVG can also be very effective. They can detect viruses, trojans, adware, spyware, and keyloggers. Good virus protection will rarely fail; however, a new virus, trojan, or other form of malware has to be reported, inspected, and then added to the virus protection database, which sometimes leaves a period of vulnerability. This is uncommon with good virus protection, but it’s still possible. Aside from that possible flaw, virus protection is still a very important online security measure that should be used with every computer.

The Mac and Linux operating systems are both known to be very secure by default without virus protection. This needs a closer look, because a lot of people claim that Linux or Mac can’t be infected by malware. This is not completely true. Even though it is a little harder to infect a Linux or Mac based computer, it is still possible. One of the reasons they are more secure is that criminals and malicious software makers create malware mainly for Windows operating systems. This is because most people use Windows, making it an easier target compared to Linux or Mac based computers.

Firewall

A firewall is an internet security device that filters computer information (packets) entering and leaving the network. A secure firewall can prevent malware such as computer worms from infecting a network. It is always recommended to have a firewall in place. Running a network without a firewall is very dangerous, because the computers on the same network can be infected more easily.

The user of the firewall can adjust the firewall settings to their liking, making it more or less secure. You can control who can connect to the internet, what kind of content can be accessed, and what kind of connections can be made. You can allow only certain websites to be accessed and only certain websites to access your computer, allow devices on the network to use certain protocols, block or disable ports, and edit keywords to block offensive data from flowing in.

A firewall is often built into the router rather than being a separate device. A firewall also comes pre-installed with an operating system. Using a firewall with Windows is a must, but a smartphone generally doesn’t need a firewall. Android uses .apk files, which can’t run in the background without the user’s permission like .exe files on Windows can.

Even though smartphones don’t get infected with malware that often, anti-virus can still be used just for precaution. A firewall is a very important part of internet security and should not be overlooked.

Virtual private network

A virtual private network (VPN) is used for privacy and online security. A VPN completely encrypts web traffic and hides the user’s real IP address, spoofing the user’s geographical location. Changing the location can allow users to access online content not normally available in their country.

ISPs (internet service providers) can throttle you for using too much bandwidth. For example, if you use a video streaming service often, the ISP may reduce your bandwidth, which may slow down your connection speed and streaming quality. With a VPN, the ISP cannot throttle you, because it sees a stream of encrypted data without knowing what service you’re using. When you use a VPN, ISPs cannot spy on your internet activity.

A VPN is very useful on unprotected WiFi networks, such as those inside a cafe or restaurant, since the connection is open and allows anybody to spy on the network. VPNs can be free or they can cost a small monthly fee. They are available for desktops, laptops, and smartphones.

Proxy server

A proxy server and a VPN work in a similar way. The difference is that a proxy does not encrypt web traffic. When you request information from a website, a proxy server will access the site for you and then send the information back to you from the proxy server. When this happens, your IP address and other information are hidden, but the content you are viewing is not encrypted.

Browser settings and cookies

An important part of internet security is the browser settings, which makes sense since the browser is what you use to access the web. Web browsers have simple settings, like how to set a home page. They also have more advanced privacy and security settings. All of these settings can be found in any web browser by going to settings or advanced settings. There are usually options for blocking dangerous websites and pop-ups, sending a do-not-track request when a user visits a site, and deleting browser history.

Let’s talk about cookies. “Cookie” is a computer term. When a user visits a website, the website will issue one or more files (cookies) to that user. When the user returns to that website, the server will then send the file back to the user, which retrieves information such as login information, web activity, and history in order to remember user preferences and to display ads suited to the user’s interests.

Ecommerce websites and others will issue cookies to users so that when they log into their account the website can identify the device they are using. If somebody logs into their bank account with another browser or device, the site will ask them to verify the account through an SMS text or email. It will send you a code that you have to enter on the website to verify that it is you.

Cookies are not classified as malicious, but they can be used for malicious purposes. If you don’t have browser security settings in place, tracking cookies from malicious third parties can track your activity and act as spyware, selling your information and sending ads, spam, and malware to your email. Fortunately, you can block third-party cookies, block cookies completely, or delete all cookies when you close the browser.

Understand that some websites require you to have cookies enabled. Blocking third-party cookies is OK and reduces the risk of privacy invasion. Cookies store your login information, so if you delete your cookies you will be logged out of every website you’re currently logged into and will have to re-enter your login information, so be careful. Most sites will have a privacy policy explaining what computer information they collect and what type of cookies they use. Also make sure that your browser is up to date.

As long as you don’t accept third party cookies or go to possibly malicious websites, cookies are relatively safe and are essential for web browsing.

Strong password

A password is used to log into an account such as your YouTube or Facebook account. Having a strong password is a very important part of keeping your important information secure. A weak password can be easier to obtain. A password such as *ocean* can be relatively easy to crack. A password such as *Ju83]@)+17!80l^+<* can be a lot harder and take a lot longer to obtain, with a good chance that the attempt never succeeds. Dictionary/brute force attacks are programs that generate possible character combinations. This makes a password such as *ocean* or *forest* relatively easy to obtain.

When creating a password, you should use a combination of numbers, letters, and symbols. This makes the possible number of combinations a lot higher as opposed to using just numbers or just letters. You should use a total of at least 10 to 15 characters in your password, but as long as it’s a strong password this number can vary. Never use any personal information or words from the dictionary. Also make sure you never use the same password on any of your sites. It is a good idea to write down passwords and put them in a place where you can remember them.
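The rules above turned into a checker, as an added example that is not part of the original article: it estimates how many combinations a brute force attack has to cover and lists which of the article's rules a password breaks. The word list is a small constructed sample standing in for a real dictionary.

```python
import math
import string

# Constructed sample word list (assumption); a real dictionary attack uses millions of words.
SAMPLE_DICTIONARY = {"ocean", "forest", "password", "dragon", "summer"}


def character_pool(password):
    """Size of the alphabet an attacker must cover for this password."""
    pool = 0
    if any(c in string.ascii_lowercase for c in password):
        pool += 26
    if any(c in string.ascii_uppercase for c in password):
        pool += 26
    if any(c in string.digits for c in password):
        pool += 10
    if any(c in string.punctuation for c in password):
        pool += len(string.punctuation)  # 32 printable ASCII symbols
    return pool


def brute_force_bits(password):
    """log2 of the number of combinations of this length over its character pool."""
    pool = character_pool(password)
    return len(password) * math.log2(pool) if pool else 0.0


def check_password(password, dictionary=SAMPLE_DICTIONARY, min_length=10):
    """Return the list of rules from the article that the password breaks."""
    problems = []
    if len(password) < min_length:
        problems.append("shorter than %d characters" % min_length)
    if not any(c.isalpha() for c in password):
        problems.append("no letters")
    if not any(c.isdigit() for c in password):
        problems.append("no numbers")
    if not any(c in string.punctuation for c in password):
        problems.append("no symbols")
    lowered = password.lower()
    # A dictionary attack tries whole words first, so an embedded word is a weakness.
    if any(word in lowered for word in dictionary):
        problems.append("contains a dictionary word")
    return problems


if __name__ == "__main__":
    for candidate in ("ocean", "Ju83]@)+17!80l^+<"):
        print(candidate, round(brute_force_bits(candidate), 1), check_password(candidate))
```

Each extra bit doubles the number of guesses a brute force attack needs, which is why the long mixed password is out of reach while *ocean* is not.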

Benefits of Two step verification and how to use it

Two step verification is a process where, after you enter your password, a code is sent to your email address or mobile number as a text or a prompt. You then either accept the prompt or enter the code on the site you are trying to log into. Two step verification is used to verify that you are the one accessing your account and not somebody else who has stolen your password. It is probably best to have the code sent to your number, since your phone cannot be accessed by anybody else, unlike an email address. A lot of accounts also offer two step verification using an authentication app, which generates security codes that are refreshed every thirty seconds or so. Two step verification is available for most applications and websites. You can enable it through the security and privacy settings. You should always have two step verification enabled on any application or website that you use. It’s better to secure your account than to regret it later down the road.

Having both a strong password and two step verification enabled will ensure that your account is highly secured. Even though these two important factors will keep your account safe, it is always best practice never to click on spam/phishing email, download untrusted software from the internet, or use a computer with software that’s out of date or that lacks internet security, such as one with no anti-virus. Information-stealing malware is somewhat rare on a smartphone but is possible, so it doesn’t hurt to use anti-virus on a smartphone.

With all the criminal activity on the internet, securing an account such as a PayPal or bank account is one of the most important parts of staying safe.

Supported operating system

Older versions of operating systems such as Windows XP are not supported. Not supported means that they no longer receive security updates, which can make them targets for malware infection. Windows XP stopped receiving updates as of 2014. It’s possible to use this OS, but it is recommended not to. If you have Windows XP or any other OS that is no longer supported and you can’t upgrade right away, make sure you are careful online and have all security measures in place.

Malicious websites

Websites can issue malicious cookies used for tracking and spam, as well as infect the computers that visit the site with malware. Sometimes the website creator purposely puts malware on the site, and other times websites are hacked by other criminals and then infected with malware due to outdated code and low security. If you own any websites, it is important to keep them up to date. Also have virus protection, firewalls, browser settings, and other settings in place.

Phishing and email spam

A phishing email is a fake email, text, or pop-up that is sent to a user claiming to be from a legitimate company. It will have a message claiming that your account, such as a Netflix, PayPal, Twitter, or YouTube account, has been hacked or needs to be updated. Most of the time it will have a URL link back to a website where it falsely asks you to enter your information, such as your username and password, bank info, or other information.

Malicious emails also contain links that may redirect you to websites containing malware. If there’s any malware present when you visit the site, it can likely infect your computer. A lot of companies will send you an authentic email or notification if they detect that another device has logged into your account, so it’s important to be able to tell real emails from fake ones. Good email providers will have a spam folder to filter out unwanted ads and other spam, but sometimes a message can get through. The email will contain images and logos to make it look real.

A lot of phishing emails will also have spelling errors in the email and the URL. The “from” section in a fake phishing email can be changed and altered, so it’s easy for somebody to think it’s from a legitimate sender. There are other signs to look out for. If you highlight the URL (the link that the email wants you to click on) with your mouse cursor, the bottom left of the browser will display the real URL. Oftentimes it will be the wrong address, with spelling errors or other alterations to the URL.
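The URL check described above can be automated. This added example (not from the original article) parses an HTML email body and flags links whose visible text names one site while the real destination is another; the sample message, its domains and the trusted list are all constructed.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample message body; .example and .test are reserved, non-routable names.
SAMPLE_EMAIL = """
<p>Your account has been limited. Confirm your details:</p>
<a href="http://mybank.example.login-check.test/signin">https://www.mybank.example/signin</a>
<a href="https://www.mybank.example/help">Help center</a>
<a href="https://account-verify.test/reset">Reset password</a>
"""


class LinkCollector(HTMLParser):
    """Collect (visible text, href) for every <a> element."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href))
            self._href = None


def host_of(value):
    """Host name of a URL-looking string, or '' when there is none."""
    value = value.strip()
    if "://" not in value:
        value = "//" + value
    try:
        return (urlparse(value).hostname or "").lower()
    except ValueError:
        return ""


def suspicious_links(html_body, trusted_domains):
    """Return (href, reason) for links that fail the 'real URL' check."""
    parser = LinkCollector()
    parser.feed(html_body)
    findings = []
    for text, href in parser.links:
        if not href.lower().startswith(("http://", "https://")):
            continue
        real = host_of(href)
        shown = host_of(text) if "." in text and " " not in text else ""
        trusted = any(real == d or real.endswith("." + d) for d in trusted_domains)
        if shown and shown != real:
            findings.append((href, "text shows %s but link goes to %s" % (shown, real)))
        elif not trusted:
            findings.append((href, "destination %s is not a trusted domain" % real))
    return findings
```

The first sample link also shows why the comparison is made on the end of the host name: a trusted name at the start of a longer host does not make the destination trusted.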

Everything explained will help you remain a lot safer online. Remember to use good judgment, keep everything updated, have good virus protection, use a VPN if you prefer, and have all other security measures in place.