May 22, 2012

What's this malware? Explained.

<em>Illustration: Dionne Gain</em>
As users with technology, we would have encountered at least a virus in our lives. Where we are just surfing the internet or downloading files, somehow malicious software sneaks in and makes our life more miserable. Malicious software (or malware for short) comes in many different forms so it is good to know what you are dealing with to prepare for an attack or to protect yourself. This is important for Windows users as must viruses target the platform. Mac users are quite safe, however, not completely. A few weeks ago we all heard about the Flashback virus that has been rampant on Mac's platform. Linux users, you are pretty safe if not completely; but still take caution when dealing with the internet.


Most widely known and used term in the world. "Virus" can be used as a generic term to describe any malicious software. However, in a more specific term, a virus must be able to replicate itself without user intervention. The most common way is through macros, which are automatic commands that run when you open an email or attachment. Viruses can attach itself to other files in your system and spread through other communication channels such as email. Viruses tend to damage files, install other malware and infect other people's computers.


A "Trojan horse" is a type of malware that arrives in your computer disguised as something else. Although a trojan horse doesn't actually do anything itself, it can be considered as a "carrier" - meaning it carries the actual malware into your computer such as a virus, worm, spyware, bot or something else. Trojan horses can come in varied types and sizes ranging from your innocent JPEG image to a full-length movie video file.


A worm is a type of virus that operates from the shadows of your computer. You will not notice anything wrong until you find that your computer has slowed down dramatically. It's purpose is to replicate itself until it consumes system resources thus making it impossible for you to do your work. Worms are mostly spread via instant messaging networks slowing down the whole network for all users.


Spyware is malicious software installed on your computer without your knowledge and tracks what you are doing on your computer. It then will send information back to the source of the virus. Most notable form of spyware is the keylogger. It tracks your typed keys and retrieves your details such as login, passwords, credit card information and any sort of authentication passwords you use. Spyware can spread via email attachments, links, online ads and even a drive-by attack.


Adware, as you might have guessed, it software that pops advertising on your screen without notice. It is quite annoying for end users and can slow down system resources. A lot of adware also sends information back to advertisers about what you're up to, so it's a form of spyware.


There are good bots and bad bots. We are talking about bad bots here. This software behaves like a human being on the internet but at automated speeds. Good bots are purposed to gather volumes of information from websites such as what Google does for search results. However, bad bots are used to infect computers so as to turn them into more bots, or zombies that do as they are told. They can be used to organise a Distributed Denial of Service (DDoS) attack on a particular website. A botnet is a term that describes a whole network of zombie computers controlled by one or more attackers.


A form of "fishing" that deals with technology and the act of stealing credential information from you. A technique to gather some of the information that keyloggers also gather. Phishing involves sending people links in emails or instant messages purporting to be legitimate communication from banks, eBay or other reputable organisations. The links in these emails, however, do not lead to the legitimate sites but to fake sites that look remarkably like the real ones. When users enter usernames, passwords and other information, the ''phisher'' receives them. The attacker now has the credentials to impersonate users and access their account.

Social Engineering

Like phishing, social engineering is an attack technique designed to tempt people to fall for scammers' tricks. It takes advantage of the fact you're human, thus likely to be curious and open a photo a friend has sent or a link that offers ''proof'' people have been talking about you. Once opened, the file or the link allows a piece of any of the malware types to install on your computer in the background.

In conclusion, Windows users must have some form of antivirus installed on their systems. This is essential as there is an increasing amount of new malware everyday. As for Mac and Linux users, you guys are quite safe from most attacks, but keeping your system up to date would be the most appropriate thing to do.