The Family of Malware

Hello readers, long time it has been since by last blog on Hacking, Hackers and Types! This blog is third in the series of Cyber Security. If you haven’t read my second blog, you can read it from here,

Hacking, Hackers and Types!

In this article, I’ll touch the topic of Malwares, Virus and Trojans. At the end, I’ll also include some good resources to read.

We’ll get to know about what is Malware, Virus or Trojan; Types of Malwares and many more.

“People’s computers are not getting more secure. They’re getting more infected with viruses. They’re getting more under the control of malware.”

Let’s begin >>

Malware

Short for “Malicious software”, is any software used to misuse computer systems with the intent to:

• Cause Denial Of Service (DOS)
• Spy on User’s Activity
• Get unauthorized control over one or more computer systems
• Cause other malicious Activities

Malware classification is based on behavior of the software rather than malicious features it provides. These mentioned comes under category of Malwares:

1. Virus
2. Trojan Horses
3. Rootkit
4. Bootkit
5. Backdoors
6. Adware
7. Spyware
8. Greyware
9. Dialer
10. Key-Logger
11. Botnet
12. Ransomware
13. Data-Stealing Malware
14. Worm

1. Virus

A computer virus is a small piece of code that spreads from computer to computer, without any direct action or authorization by owners of infected machines.

• Virus usually copy themselves to special sections of Hard Disk
• They run automatically each time when program or file is opened.

2. Backdoor

Backdoors are software made by 2 components: a server and a backdoor client. The backdoor server runs on victim machine listening on the network and accepting connections. The client usually runs on attacker machine, and it’s used to connect to backdoor to control it.

3. Rootkit

A rootkit is a malware which can hide itself from users and antivirus program in order to subvert OS functioning. It can conceal files, malware processes, injected modules, registry keys, user accounts or even system registries running on system boot.

4. Bootkit

Bootkits are rootkits which circumvent OS protection mechanisms by executing during the Booting phase. It load as early as possible in the boot process, in order to control all stages of the operating system start up, modifying system code and drivers before anti-virus and other security components are loaded.

5. Adware

An adware is annoying software that shows advertisements to computer users. Adware programs will tend to serve you pop-up ads, can change user’s browser’s homepage, add spyware and just bombard user’s device with advertisements.

6. Spyware

Spyware is any software that installs itself on your computer and starts covertly monitoring your online behavior without your knowledge or permission. The information is sent back to a log collection server controlled by an attacker. It collects information such as:

• OS installed on machine
• Visited websites
• Passwords

7. Greyware

Greyware is a classification of software that generally does annoying, disruptive, or undesirable tasks but not to the point of being malicious.

For example, it can be either spyware, adware or both.

8. Dialer

A dialer is a software that tries to dial numbers on dial-up connections in order to collect money from victim’s phone bill. Nowadays, Dialers target smartphones.

9. Keylogger

Keyloggers are a type of monitoring software designed to record keystrokes made by a user. One of the oldest forms of cyber threat, these keystroke loggers record the information you type into a website or application and send to back to a third party.

• Recording keystrokes
• Recording the window name where victim user was typing
• Saving keystrokes in a log file on victim machine
• Sending logs to server controlled by an attacker

10. BotNet

Bots are small pieces of software that get installed on millions of Internet-connected machines to perform DDoS (Distributed Denial of Service) attacker serving as spamming sources.

These bots are commanded remotely by a so-called Command and Control server. The C&C server can instructs thousands or even millions of bots to perform a given operation simultaneously.

11. Ransomware

Ransomware is a form of malware that encrypts a victim’s files. The attacker then demands a ransom from the victim to restore access to the data upon payment.

Users are shown instructions for how to pay a fee to get the decryption key. The costs can range from a few hundred dollars to thousands, payable to cyber criminals in Bitcoin.

12. Data Stealing Malware

Data Stealing malware steals the most important data on victim’s hard disk and sending it back to the attacker. As an alternative, an attacker could use backdoor to perform data stealing.

13. Worms

A computer worm is a type of malware whose primary function is to infect other computers while remaining active on infected systems. It spreads over the network by exploiting OS’s and software vulnerabilities. Worms offer an entry point into the target system.

I hope you enjoyed reading this just as I do while writing this. There are many resources out there on the internet which have immense information about Malwares and it’s family. All you can do is to open browser and do a good RESEARCH!!

Any type comments are welcome. Thankyou for your time :)).

Resources & References

What is a computer worm and how does it work?

Ransomware explained: How it works and how to remove it

What are bots? - Definition and Explanation

What is a keylogger? How attackers can monitor everything you type

What is spyware? How it works and how to prevent it

What is adware? How it works and how to protect against it

Bootkit - Malwarebytes Labs

What is a Rootkit | Anti-Rootkit Measures | Imperva

Backdoor computing attacks - Definition & examples | Malwarebytes