In recent months the word ransomware is often heard; however, it is not the only malware that exists. Do you know the types of malware to which we are exposed with the use of new technologies?
The most common types of malware and the differences between them are described below:
Worms: This type of malware uses network resources to distribute itself. Their name implies that they can spread from one computer to another. This propagation is carried out through instant messaging systems, shared file networks (P2P), email…
The propagation speed is very high.
Classic viruses: These are programs that infect other programs by adding their code to take control after execution of the infected files. The main objective of a virus is to infect the system.
The speed of spread of viruses is somewhat slower than that of worms.
Trojans (Trojan horse). This type of malicious program presents itself to the user as an apparently legitimate and harmless program, but when it is executed, it gives the attacker access to the infected computer without the user realizing it and without their consent, Trojans collect data and send it to the cybercriminals; they alter or destroy data with criminal intent, cause malfunctions in the computer, or use the computer's resources for criminal purposes, such as sending mass unsolicited mail.
Trojans do not infect other programs or spread; they cannot infect the computers by themselves, but they need to be camouflaged in some "desirable" software for the user and that the user installs it using techniques, such as social engineering.
Spyware. It is a software that allows the collection of information about a user / organization in an unauthorized way, they can collect all kinds of data such as: hard drive content, connection speed, installed software, user actions, etc. …
Its presence may become invisible to the user.
Adware. This type of malware shows advertising to the user, it appears in the interface and sometimes they can even collect and send the user's personal data.
Most adware programs are installed using free software.
Rootkit. It is a set of software that allows continuous privileged access to a computer but that keeps its presence actively hidden from administrators' control.
This action is normally possible in two ways: by replacing files or system libraries; or by installing a kernel module.
Rogueware: This type of malware whose main purpose is to make people believe that the computer is infected by some type of virus, inducing them to pay a certain amount of money to eliminate it.
Sometimes it comes in the form of a trial version of an antimalware product that the user downloads in good faith, but they act by purposely generating false positives by detecting non-existent malware to get the user to pay for the full version.
Keylogger: It is a type of software that is responsible for recording keystrokes that are made on the keyboard, to later store them in a file or send them to the attacker via the internet.
Ransomware: As it was mentioned at the beginning, the malware that has recently caught the attention is ransomware, it is a type of malware that prevents or limits user access to their own computer system. This type of malware encrypts and blocks the files of its victims, who are asked for a monetary ransom in exchange for recovering them.
The ways of infection of our devices are numerous; Among the most common are the following:
- Downloading and installing attachments in email messages. Downloading applications from untrusted sources. Infected USB, DVDs or CDs. Suspicious websites. Fake advertising.
At Áudea we recommend following a series of recommendations to avoid becoming victims of an infection by any type of malware:
- Adopt a safe and cautious behavior when browsing the internet. Avoid downloading and installing unknown programs. Do not click on links from emails to access banking services as well as doubt any suspicious email. Keep the system protected with security solutions such as: firewalls, antispam filters, etc. In addition to keeping the operating system and all installed programs updated.
___________________
Plácida Fernández
Cybersecurity Department
Áudea Information Security
