Malware infections are a dangerous form of cyberattack. The problem is that malware comes in different shapes and sizes, making it hard to pin them down, learn their malice, and prevent infections. This article looks and the different types of malware—what they are and how they work. We’ll also cover tips for protecting digital assets from malicious software.
What is Computer Malware?
Many of us take malware to mean computer virus. But this is not entirely wrong because “malware” is an umbrella term for any software made to deliberately cause harm or exploit a device or other software, including viruses. A virus is a type of malicious software that spreads through self-replication and attaching its copies to legitimate files or programs.
A malware’s intention can range from data breaches and manipulating software or OS operations to taking over or sabotaging computing resources.
Where does malware come from? Malware infections happen in three main ways: they can be installed directly onto a device by the threat actor, sent via email as attachments, or downloaded from malicious websites.
What Are the Different Types of Malware?
Classification of malware is based on the malware’s ill intentions. Common types of malware include:
At the top of this types of malware list is ransomware. Ransomware encrypts the victim’s data or disables access to the data. The attacker then demands payment to decrypt or release the data. These types of malware attacks have become quite common in recent years. SonicWall logged over 300 million ransomware attempts in just the first half of 2021.
A trojan is a malware that disguises itself as a legitimate or desirable program, fooling unsuspecting users into installing it. Trojans are usually sent as payloads in phishing emails or embedded in malicious apps, games, and software patches. Emotet is one of the oldest and most dangerous trojans. The banking trojan is known to hide in Word documents and, once installed, steals FTP credentials and emails from the infected device.
Spyware collect information about a user’s activities on a device or software application without the user’s knowledge or consent. They gather any information of value, including credentials, emails, browsing habits, and personal details. Spyware work in many different ways, such as recording keystrokes, tracking browser history, tapping webcams and microphones, and taking screenshots.
Unlike most malware, which rely on executable files, fileless malware do not require any installation. Instead, they use non-file commands such as macros and PowerShell scripts to manipulate system files or programs on the fly. These are notoriously difficult to detect and mitigate.
A password dumper is specifically designed to steal login credentials from browser and OS logs. They target saved user credentials, which they extract and try to decrypt using various techniques. Cracking a long string of hashed credentials may only yield a handful of useable passwords, but a single compromised password might be all it takes to launch a company-wide attack.
Rootkits give the attacker unlimited or unhindered access to the victim’s computer. The attacker can exploit the privileged access to computing resources for a myriad of malicious activities, from launching more attacks and mining crypto to running advertising click fraud.
A bot is a software program that performs automated tasks on demand. Bots are useful in automating online interactions and transactions, but they can also be weaponized as malware. In fact, 39 percent of all internet traffic comes from malicious bots. Cybercriminals typically synchronize thousands of bots from multiple infected computers to create powerful botnets capable of initiating massive DDoS attacks.
Keyloggers are a type of spyware that monitor and record a user’s input actions: keystrokes, mouse clicks, and screen taps. Attackers then use the input logs to piece together passwords or other sensitive information such as work and personal messages, banking information, and contact details.
Worms clone themselves onto devices connected to the same network. They infiltrate corporate networks through backdoors, software vulnerabilities, open ports, or unsecured access points. Most worms are designed to consume network bandwidth and disrupt transmissions through DoS attacks. Some are also used in multi-stage attacks to open network pathways for other intrusions.
Adware is any malware that intrudes on user privacy to serve personalized ads. This type of malware captures online user behavior data, which it uses to generate spammy in-browser or in-app ads. Most adware are harmless, but the frequent pop-up ads can be frustratingly annoying. Plus, adware processes can significantly lower the infected device’s browser and network performance. Adware is normally embedded in web-based freeware or shareware, such as browser add-ons, extensions, and toolbars.
Malware attacks are opportunistic and do not discriminate between large and small businesses. Some of the biggest cyberattacks in 2021, including the Colonial Pipeline, CNA Financial Corp, and Kaseya attacks, are all examples of malware attacks.
Sadly, there is no silver bullet for all the different types of computer malware. Safeguarding networks, computers, endpoints, and servers from malware infections calls for a multi-faceted security approach that includes efforts such as:
- Keeping all software applications up to date
- Installing strong antimalware tools and spam filters
- Keeping a close eye on endpoints through remote monitoring and management
- Educating and urging users to be wary of suspicious links, attachments, and downloads (safe browsing and cyber hygiene)
- Regularly auditing the IT’s software ecosystem
- Using admin accounts only when absolutely necessary
- Continuously monitoring servers and networks for unusual behavior
- Blacklisting non-secure websites
This concludes our list of common malware programs, but there are many more types of malware in the wild. Some worthy mentions include RAM scrapers, mobile malware, grayware, malvertisers, cryptominers, and browser hijackers.
Malware families keep growing and evolving as new attack vectors join the cybercrime ring. It’s actually not that easy to keep up with malware trends. But the important thing is to have a general idea of the threats out there and be prepared to face them. In other words, ensure your cybersecurity framework has powerful provisions for deterring, detecting, and eliminating potential malware threats.
Endpoints are the first line of defense against malware attacks. Reinforce your endpoints’ security with Action1 remote endpoint management. Our robust solution includes remote software deployment tools, remote assistance software, and automated patch management services. Action1 gives you complete control and visibility into your endpoint infrastructure. Sign up today and get free endpoint management for the first 100 devices.