Malware is short for “malicious software”. Malware can be classified by the way it spreads, the way it gets executed and its impact. The classifications overlap, leading to many hybrids, so it is not easy to sort one from the other. There are many forms of malware.
The computer virus is the first and most popularly known form of malware. Viruses are so called because of their similarity to their biological namesake. Neither can survive on its own: they need a medium to survive and spread. A computer virus survives within another program on the infected system, and it requires that program to run in order to spread. So, to put it simply, if you don’t run the target program on which the computer virus depends, the virus can never cause any harm. An easy example is the notorious Word Macro virus. There are countless varieties of this kind and all of them depend on your computer having Microsoft Word. Without the Word program, these viruses are useless – they are never activated. However, you can still spread the virus by sending the affected file to another user.
Computer Virus as a generic name for all malware: Since computer viruses are the most popular form and were historically the first to appear, the term “computer virus” is often applied to Worms, Trojans, Spyware and other kinds of malware. The distinction between the different kinds of malware is not made unless they are referred to in a technical sense. Antivirus software typically does not restrict itself to detecting only “viruses”; it detects other kinds as well.
Computer Worms are the second form of malware. They differ from viruses because they are stand-alone code and do not require another piece of software to carry them. They do, however, rely on the operating system’s capabilities for execution. Another characteristic of a worm is that it is self-replicating and spreads without user intervention. While replicating, worms consume network bandwidth, slowing down performance. Worms typically impact the network while a virus impacts files. Because of this, worms are typically behind most DoS attacks. Since worms work without user intervention, they are also used in creating zombies – victim computers under the control of the worm author. While viruses spread when the host program or file is distributed, worms spread without a host program by exploiting vulnerabilities in the system. So, by running regular security updates, you can prevent worms from spreading. However, in rare situations, there are vulnerabilities (called zero-day vulnerabilities) for which the vendor patch is not ready. It is difficult to protect yourself in these cases.
Worms also spread through emails – via malicious attachments. There are many popular worms (such as ILOVEYOU) which spread this way by tricking or enticing users to open email attachments.
(Un)Popular Malware Attacks
- Melissa: 1999 Worm. Targeted Microsoft Word and Outlook and created considerable network traffic by mass mailing itself.
- ILOVEYOU: 2000 Worm. The most costly worm yet, causing about $10 billion in damage.
- Anna Kournikova: 2001 Virus. Sends emails to contacts in the Microsoft Outlook address book.
- MyDoom: 2004 Worm. The fastest spreading mass mailer worm.
- Witty worm: 2004 Worm. The first Internet worm to carry a destructive payload.
- Storm Worm: 2007 Worm. Fast spreading email spamming threat to Microsoft systems. Infected about 10 million systems.
- Conficker: 2008 Worm. Infected 15 million Microsoft servers. Microsoft set a bounty of $250,000 for information leading to the capture of the author.
Source: Wikipedia Article
Trojan Horse, our third form of malware, derives its name from the Greek legend of the Trojan war. Similar to the seemingly benign horse left by the Greeks that brought a tragic end to the city of Troy, this malware works by disguising itself as legitimate software downloaded by the computer user. Trojans are executable programs (that you can double click to run) that perform some action when you open them. So, it could be a cool computer game that you found on the Internet, downloaded and tried to install. In reality, it might be Trojan horse malware which installs itself and now allows the hacker to access your computer.
A pesky variant of the Trojan Horse is spyware, which is installed without your knowledge and collects and sends information to the hacker. It could be as benign as sending your browsing habits or as serious as collecting credit card information.
Can malware be all-in-one?
Yes, a piece of malware can be designed to be a virus, a worm and a Trojan horse too. Malware classifications do not strictly follow the biological analogy. A virus can spread like a worm on the network and could be triggered like a Trojan by disguising itself as interesting or free software.
Why should you know about different kinds of malware?
As mentioned above, it is not important to know if a piece of malware is a virus, a worm or a Trojan. Sometimes, it is more than one. Knowing the types does, however, help you understand how they get activated and spread. All the types of malware discussed above are only the means to get access to your computer. Most often they rely on your action, and that’s why knowing the different kinds of malware helps. It makes you a smart user who does not fall for the tricks.
What is the impact on your computer?
The real impact of malware depends on what damage it can do to your system and your data. Some of it can be irritating but harmless, like proliferating pop-ups that show pesky advertisements. Other malware collects your information and sends it to hackers. Some uses your computer to spread itself or to launch DoS attacks on others. The serious kinds could crash or format your hard drive. They can also steal information such as your credit card number and send it to hackers.
How do you protect yourself from malware?
Malware relies on a few simple things for its survival and proliferation. The most important of them is your co-operation. The following are some of the things you can do to avoid becoming a victim of malware:
- Regularly update your software with vendor patches: All software has vulnerabilities. These are holes that are typically exploited by malware. By updating your software and operating system regularly, you close these holes and make your system immune to the malware.
- Keep your antivirus software updated: Your antivirus software detects malware based on its pattern (known as its signature). Every so often, new viruses are designed and unleashed by hackers, and your antivirus cannot detect them if it doesn’t know their signatures. So, just installing an antivirus is not enough: you have to update it periodically (at least once every couple of days) so that new viruses can be detected.
- Do not open unknown email attachments: Even if you know the sender, it is not guaranteed that the attachment is safe. Most worms and Trojans propagate by sending emails to your email contacts without your knowledge. So, unless you are sure about the attachments, do not download and open them.
- Do not download unknown programs or programs from an unknown source: Free software is always tempting, but there is a good reason it is offered free. While not all free software is malicious, you need to ensure that it is offered by a source you trust. Many free programs are loaded with spyware and hidden software which subsidize the cost of the software you are using.
- Do not transact on unknown websites: You should ideally avoid visiting unknown websites, but that’s going to be hard to follow. At the very least, ensure that you set your browser security settings such that active content or hidden frames are not loaded when you visit a website. Also, ensure that you do not conduct sensitive and financial transactions on a website unless you trust it. Another word of caution about visiting websites is to avoid clicking on a link sent through email. A hyperlink in an email from a seemingly legitimate and trusted source could be a phishing attack. For example, a malicious hacker can send an email which looks just like one from your bank (and it’s easy to do). This email may ask you to click on a link which takes you to the hacker’s website. Unless you are watching the URL associated with the link carefully, you end up entering your password voluntarily, which ends in your account getting hacked.
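To illustrate the point about keeping antivirus signatures updated, here is an added example (not part of the original article) of a toy signature scanner run before and after a signature update. The sample byte strings, detection names and the `build_db` versions are constructed for the illustration and do not come from any real product.

```python
import hashlib

# Constructed, harmless byte strings standing in for files on disk.
SAMPLE_KNOWN = b"HEADER..MARKER-AAAA-1111..payload-one"
SAMPLE_NEW = b"HEADER..MARKER-BBBB-2222..payload-two"
SAMPLE_CLEAN = b"Quarterly report, nothing unusual here."
FILES = {"known.bin": SAMPLE_KNOWN, "new.bin": SAMPLE_NEW, "clean.txt": SAMPLE_CLEAN}

class SignatureDB:
    """Toy signature set: exact SHA-256 hashes plus byte patterns."""
    def __init__(self):
        self.hashes = {}    # sha256 hex digest -> detection name
        self.patterns = {}  # byte sequence -> detection name

    def add_hash(self, data, name):
        self.hashes[hashlib.sha256(data).hexdigest()] = name

    def add_pattern(self, pattern, name):
        self.patterns[pattern] = name

    def scan(self, data):
        """Return the detection name, or None when no signature matches."""
        digest = hashlib.sha256(data).hexdigest()
        if digest in self.hashes:
            return self.hashes[digest]
        for pattern, name in self.patterns.items():
            if pattern in data:
                return name
        return None

def build_db(version):
    """Version 1 knows only the older sample; version 2 is the update."""
    db = SignatureDB()
    db.add_hash(SAMPLE_KNOWN, "Example.Known.A")  # hypothetical name
    if version >= 2:
        db.add_pattern(b"MARKER-BBBB", "Example.New.B")  # hypothetical name
    return db

def scan_all(db):
    return {name: db.scan(data) for name, data in FILES.items()}

if __name__ == "__main__":
    for version in (1, 2):
        print("signatures v%d:" % version, scan_all(build_db(version)))
```

With version 1 the newer sample scans as clean; only after the update does it get a detection name, which is why an installed but stale antivirus misses new malware.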
Wow! Very good information and pretty interesting.