Malware Unleashed

computer virus 2-4-09The ‘always-on’ connection of the modern, high speed Internet is creating an environment conducive for spreading computer malware. Malware is generally defined as software inserted into computers causing harm to that computer or a system of computers. Computers infected with malware may be used in ways not intended by their owners.

There are many types of computer malware with varying degrees of malevolence. Listed below are some of the more common types of malware, how they are used by hackers and the severity of the attacks.

Adware – These are software designed to display or download advertisements. Adware is common on software downloaded from the internet. There is a limited time period when the software runs with all features enabled. Upon expiry of the free trial period, the user is advised to purchase the “full copy” of the software or else the program runs on “crippled mode”. Of course there is another way of enabling full functionality. The user simply allows the software to display advertisements.

Security experts are concerned that adware could be profiling your browsing habits and reporting them to a site somewhere on the internet. This is already one form of invasion of privacy.

Use: Adware is a way for programmers to earn money from freely downloadable software by getting money from advertisements.

Severity: Some adware can be considered as spyware so they can be harmful.

Prevention: almost all antivirus programs are able to detect adware. Regular scanning of harmful software and constant updating of malware signatures offer effective protection.

Backdoor – is a method that is used to gain access to a computer by bypassing normal login or user authentication. Backdoors are designed to get access to the most privileged user level – the root or the administrator. Hackers who are able to secure root privileges can do anything with the computer.

Use: With root or administrative privileges, hackers can read personal data. They can even use affected computers as bot-nets for sending spam.

Severity: Backdoors are used to surreptitiously acquire administrative rights to computers. Damage done can be very severe

Prevention: Backdoors are similar to most computer viruses. Regular scanning using updated security software removes most backdoors.

Boot viruses – A boot virus specializes in infecting the boot sector of the hard disk. The Boot sector is the master directory of all the files in the hard drive. When the boot sector is compromised, the computer may have no way of loading files required by the operating system.

Use: Boot sector viruses are used to bring down computers.

Severity: Downtime due to inoperable computers can have highly damaging and expensive consequences.

Prevention: Regular scanning using updated security software. Back up important files.

Bot-Nets –  A network of compromised computers running autonomously and is controlled remotely using IRC or other similar software such as IM. Infected computers that are part of bot-nets may number in the thousands.

Use: Bot-nets are used to spread spam and other viruses or Trojans. When bot-nets are commanded to access a specific web site, the sheer number of requests may overwhelm the server resulting in denial of service to legitimate web traffic.

Severity: Severity can be high especially if high profile targets are attacked, like banks.

Prevention: The best way to prevent computers from getting infected with worms and viruses that turn them into bot-net robots is regular scanning using updated security software. Apply patches and software updates right away to reduce your computer’s vulnerabilities.

Exploits – Exploits employ vulnerabilities in software resulting in unintended use of the computer. Many exploits are used by hackers to get administrator rights to the operating system making him free to do anything he wants with the computer

Use – By gaining administrative access to a computer, hackers can read personal data.

Severity – Potential damage is high because of the possibility of super-user access to the operating system. Personal data can be accessed.

Prevention – Application of software updates and regular scanning of the operating system using updated security software can eliminate this type of vulnerability.

Keystroke logging This is used to covertly record the keys struck on a keyboard such that the user is does not know that he is being monitored. Keystroke logging may have legitimate use such as debugging.

Use: Keystroke logging can be used to get passwords and other confidential data such as credit card numbers.

Severity: Potentially severe damages may occur especially when loggers are used to gain access to networks.

Prevention: Smart cards obviate the need for typing passwords that is why they are used in high security computer networks. Preventing your computer from being infected with malware is the least expensive way of averting damages caused by keystroke loggers. That is why regular scanning with updated security software is highly recommended.

Spyware is malware usually installed without the knowledge of the user and is used to monitor and collect data on the user, his browsing preferences without him being aware of it. Spyware is differentiated from worms and viruses because it does not replicate.

Use – Spyware can be used to deliver unsolicited advertisements to the user’s browser.

Severity – Spyware may have little or moderate severity.

Prevention – Spyware has become so prevalent that a different kind of software, distinct from anti-virus applications, has been developed. Anti-spyware software scan network data and block off any incoming threat. Additionally, anti-spyware applications scan the Windows registry, files in the operating system and look for signature entries and files that are compared to a database.

Worms – a worm is another form of self replicating malware. It is differentiated from viruses because worms do not attach themselves to files.

Use – Worms may carry a payload. It could be a set of harmful instructions like a command to delete a file. A backdoor could be another payload for worms. When a user is able to get super use rights to the computer because of the backdoor, anything can happen Backdoors are often used to make computers join bot-nets.

Severity – potential damage could be high. Through a backdoor, a user can gain access to personal data.

Prevention – Worms infect computers by using vulnerabilities and exploits. Apply software updates and patches immediately. Some worms are spread by email. Recipients of email from unknown senders must be careful especially when downloading attachments.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.