Episode 2 - Types of Malware Show Notes

Welcome to the second episode of the Simple Cyber Defense Malware series. In this episode I will discuss the different types of malware. So let's begin.

There are 4 common types of malware: Viruses, Worms, Trojan Horses, and Spyware. There are 2 newer forms of malware that are starting to gain popularity: ransomware and crypto jacking.

Viruses are programs that execute and spread after some human interaction. Viruses can be easy to spot on a system, or they can be hidden. The main goal of a virus is to execute the commands of its maker. This could range from locking you out of your computer all the way to completely destroying your computer.

Worms are like viruses, but they do not need human interaction to infect or spread on a computer. Their main goal is to infect as many systems as possible in order to cause maximum damage.

Trojan Horses are particularly dangerous because they are bad software that disguises itself as good software. The most common types of Trojans are fake anti-virus software. When the software starts to install, it will install other hidden software that will do malicious things in the background. Trojans will run as expected so that their malicious activities are not easily spotted.

There are different types of Trojan Horses that serve different purposes. A Banking Trojan is designed to steal your banking details so that a hacker can transfer all your money from your account to their account. This is done by tricking you into thinking that you are talking to your bank instead of the Trojan. A backdoor Trojan is a type of Trojan that creates a backdoor to your computer. This backdoor allows hackers to gain control of your computer in order to install more malware or even steal files off of your computer. A downloader Trojan allows a hacker to install whatever information they want onto your computer. This type of Trojan is usually bundled into other software that you want in order to trick you into installing the Trojan. Once the downloader Trojan is installed, it will install other types of malware onto the computer without you noticing. An information stealing Trojan has one objective: to steal any information from the infected computer. A remote access Trojan is a type of Trojan that is designed to give a hacker full control over your computer.

Adware is not always malicious in nature, but particularly aggressive advertising software can undermine your security just to serve you ads, which can give a lot of other malware a way in. Plus, let’s face it: pop-ups are really annoying.

Spyware programs collect information on you and send it to the hacker. These programs can range from simple to complex. The most common types are keyloggers, which copy everything you type (passwords, social security numbers, and credit cards), and trackers, which keep a hidden history of everything you do on your computer. The data the spyware collects is sent to the hacker.

Ransomware is a form of malware that encrypts your files so that you cannot access them. The hacker will leave a note with demands stating that they will restore the files once payment is received. The worst part about ransomware is that only the hacker can decrypt the files. Ransomware is a particularly bad type of malware that started to spread worldwide in 2008 and made the news headlines in March of 2017. Once a system is infected, all files on it are encrypted with strong encryption. The hacker will leave a ransom note on the desktop informing the user that their files have been encrypted and that the only way to regain access to their files is to pay the ransom. Payments are usually made in bitcoin, which is a type of crypto currency. The bad part of ransomware is that there is no guarantee that the hacker will give you the decryption key needed to unlock your files. There are a few things that can be done to prevent becoming a victim of ransomware.

Crypto jacking is malware that runs on your computer in order to generate crypto currencies (digital money) for the hacker. These programs will slow your computer down tremendously, but they will not cause any harm to your computer. Their main goal is to generate money for the hackers, not to cause harm or steal any information (yet). Crypto jacking is the most harmless form of malware in existence. The only thing it does is use your computer as a crypto miner. This will slow your computer down a lot, but no damage will be done. All your files are safe, none of the files are copied, and no one is watching what you are doing. The only thing that happens is that your computer is slowed down to a crawl, making it impossible for you to do anything, even if it is brand new.

How does malware work and what can malware do to a computer?
Malware is a program that has lines of code that will alter the computer's code in order to have the malware take over the system. Depending on the type of malware, there will be different outcomes. Some will be more of an annoyance due to poor performance, as in the case of crypto jacking, while others will destroy everything, as in the case of really bad viruses.

How does malware spread?
Many forms of malware are downloaded from shady websites. These are mostly websites that offer free movie downloads or free versions of paid software. These sites lure you in with free stuff (things you would normally have to pay for) and then install malware in the background. A lot of the time a popup will be shown informing you that you need to upgrade some software or call a number to remove a virus. But once you click OK or download the software, your computer gets infected. Another way hackers trick users into downloading malware is through what is known as malvertisement. The hacker will buy advertisement space on legitimate websites. Within the advertisement there will be malicious code.

Not all malware is downloaded from websites; some of it is installed from email attachments. These emails can look like they come from legitimate sources, like your bank, a friend, or even family. Other emails look totally ridiculous, like telling you that you won a million dollars or that you owe back taxes to the IRS. Either way, these emails will have links or attachments that install the malware once they are clicked on or opened.

For mobile devices, malware is installed through apps. A hacker will create an app with malicious code in it, upload it to an app store, and wait for users to download it. In most cases the app stores do remove the malicious app before too many users download and install it. However, there are a few that do slip past the app store's defenses and stay active for a while before getting discovered and removed.

Now that you have learned the types of malware, in the next episode I will discuss how to prevent malware from infecting your computing device.