Is your device performing poorly or experiencing unexplained program interruptions? It could be a sign of infection with malware.
Viruses, Trojans, and other types of malware can steal data, delete files and cause other malicious activities. They spread through phishing, malicious attachments, corrupted downloads, and compromised system vulnerabilities. They can also be hidden in legitimate software programs’ build or update processes with rootkits.
While they have long existed in the public imagination, computer viruses aren’t the only threats. They’re joined by various malware variants that include worms, Trojans, and ransomware. Cybercriminals use these tools to infect computers, mobile devices, and connected hardware like intelligent televisions. As hackers evolve tactics, these malicious programs can cripple device performance, mine your system for PII and sensitive data, hijack your web browser functions, or even encrypt your files in ransomware attacks.
Viruses are microscopic infectious agents that can only reproduce inside the living cells of a host organism. While most are harmless, some cause diseases like influenza, chicken pox, and AIDS. Viruses can be classified by their structural proteins and whether or not they have an envelope. Most are icosahedral, which resembles a soccer ball, while some are helical, with a spiral structure that helps them latch onto and enter host cells.
Computer viruses typically spread by attaching themselves to programs and documents that support macros, which are used in many word-processing programs. They can also spread through floppy disks, network connections, or external storage devices like USB sticks. A standard method for distributing these viruses is through sites that offer popular software such as browsers and PDF readers for free. It’s best to only download well-known apps directly from reputable sources. Otherwise, you may be downloading a virus disguised as a helpful program.
Named after the Trojan horse of antiquity that seemed innocuous, but contained a hidden Greek army that sacked Troy, Trojans are computer programs that infiltrate your system disguised as legitimate software. They then spy on your activity, steal data and install additional malware. Once in place, they can monitor your keyboard and other peripherals, hide keyloggers or perform other harmful activities before you know what’s happened.
Trojans, as one of the types of malware, typically rely on social engineering to gain access to a device. They may appear as email attachments, fake advertisements on the Internet, or even corrupted shared files. Once a Trojan is in place, it can install backdoors that allow attackers to remotely access a device or download more malware from a command and control server.
Some Trojans can be used to create a botnet and enslave your infected device. Once enslaved, your device generates traffic and floods other people’s systems in a distributed denial of service (DDoS) attack.
Other Trojans, such as the Game-thief Trojan, are designed to target online gamers and attempt to steal their account information. Others seek to steal all the email addresses accumulated on a targeted device. Others are meant to steal financial information like bank accounts, credit card data, or billing information.
Worms are self-replicating malware programs that spread between computer systems, networks, and devices. They typically use system vulnerabilities, security flaws, or social engineering to gain access and infect computers, networks, and mobile devices. Like viruses, worms can infect and corrupt data, consume bandwidth, slow down systems, cause network disruptions, or steal personal information.
A worm’s primary goal is to replicate itself and spread as widely as possible without human intervention, which is why it can be so destructive. Once a worm enters a machine, it looks for other connected devices and scans them for weaknesses. Computer worms can also cause massive network disruptions by consuming bandwidth and clogging system connections.
The best way to detect a worm is by noticing that your device is running slower, crashing more frequently, or throwing up error messages. Additionally, your hard drive space needs to be improved.
Cybercriminals create worms for various reasons, including to make a profit (e.g., ransomware), for personal amusement, to demonstrate cybersecurity issues, and even for sabotage or denial of service. They can also evade detection by using strategies to hide their source IP address or modify program code. Worms are most commonly delivered via file-sharing programs, spam email attachments, or instant messaging. They can also spread from a removable drive.
Ransomware prevents victims from accessing their files and systems and demands a ransom payment for them to return. The attacker encrypts the data and provides the key to decrypt the files once the victim pays the ransom, but if payment is not made, the malware will likely publish the encrypted files on data leak sites or block access to them permanently.
Viruses, Trojans, and worms are the most common types of malware, but ransomware is growing in popularity. Attackers use different methods to deliver malicious software, including phishing emails and drive-by downloads.
For example, NotPetya spread via a fake Flash player update, infecting millions of Windows systems. While the threat was short-lived, and a killswitch was created, it highlights how cybercriminals continually experimented with new techniques to infect users.
A more recent example encrypts files and then threatens to publicize swiped information. This type of ransomware has targeted businesses, such as large meatpackers, and even local governments and police departments.
When a system is infected with ransomware, the first thing to do is check for decryptors. A free tool can be found at the No More Ransom Project, and a digital forensics expert can also help recover files from a computer’s backups. Paying a ransom is only sometimes the best option since there are no guarantees that paying will get your files back, and it can encourage additional attacks.