Tuesday, October 27, 2020

What is Computer Virus and Malware? What Are Their Types?

Computer viruses are small programs capable of causing great inconvenience to individuals, companies, and other institutions, after all, they can erase data, capture information, alter or impede the operation of the operating system, and so on. As if that were not enough, there are other similar software, such as  Trojan horses,  worms, hijackers,  spyware, and ransomware. In this text, you will learn a little about how these true "digital plagues" act and learn the basic differences between them.

Computer Virus and Malware

Before, What is Malware?

It is common for people to call viruses any program for malicious purposes. But, as the first paragraph of the text indicates, there are several types of "digital plagues", viruses being just one category of them.

Currently, a more heated term is used to generalize these programs: the name malware, a combination of the words malicious and software which means "malicious program". Therefore, malware is nothing more than a name created for when we need to refer to malicious software, be it a virus, worm, spyware, etc.

It is important to note that the word "computer" is used in this text in the broadest way, considering the various types of computing devices that exist: desktops, servers, smartphones, tablets, and so on.

It is also worth noting that malware is not limited to a single platform. There are those who think, for example, that there are only digital plagues for Windows, but that is not true. What happens is that the Microsoft family of operating systems is more popular and therefore more targeted. As there is no 100% secure software, malware can also be developed to attack any other platform, after all, there is always someone willing to discover and exploit its deficiencies.

What is a Computer Virus?

Illustrative image of virusesAs you already know, a  virus is a program with malicious purposes, capable of causing inconvenience with the most diverse types of actions: there are viruses that erase or alter users' files, which impair the functioning of the operating system by damaging or altering its functionality, which cause excess traffic on networks, among others.

Viruses, like any other type of malware, can be created in several ways. The first ones were developed in programming languages ​​like C and Assembly. Today, it is possible to even find tools that help in its creation.

How Do Viruses Act?

Viruses receive this name because they have propagation characteristics that resemble real viruses, that is, biological ones: when a virus contaminates a computer, in addition to carrying out the action for which it was programmed, it also tries to spread itself to other machines, just as they do biological viruses in the invading organisms.

In the past, viruses had a very limited range of action: they spread, for example, whenever a contaminated floppy disk was read on the computer. With the emergence of the internet, however, this situation has changed dramatically, for the worse.

This is because, with the internet, viruses can spread much faster and infect a much more significant number of computers. For this, they can explore several means, among them:

  • Security flaws ( bugs ): operating systems and other programs are not perfect software and can contain flaws. These, when discovered by people with malicious purposes, can be exploited by viruses, allowing contamination of the system, often without the user noticing;
  • E-mails: this is one of the most explored practices. The user receives messages that try to convince him to execute a file attached or present on a link. If the user does it without realizing that he is being deceived, his computer will surely be contaminated;
  • Downloads: the user can download a file from a specific website without realizing that it may be infected.

Viruses can also spread through a combination of means. For example, a person in an office can execute an e-mail attachment and thereby contaminate your computer. Then this same virus can try to exploit security holes in other computers on the network to infect them.

Other Types of Malware

As you already know, viruses are not the only malware that exists. The definition of what the pest is or does not depend essentially on its actions and ways of propagation. Here are the most common types:

Trojan Horse (Trojan)

Trojan horses  (or  Trojans ) are a type of malware that allow some way of remote access to the computer after infection. This type of pest can have other features, such as capturing user data to transmit it to another machine.

In order to be able to enter the computer, the Trojan horse usually passes for another program or file. The user can, for example, download it thinking that it is a tool for a specific purpose when, in fact, it is a trojan.

This type of malware is not designed to replicate itself. When this happens, it is usually a joint action with a virus.

Worm

The worms  (or maggots) can be interpreted as a more intelligent type of virus than others. The main difference is in the form of propagation: worms can spread to other computers quickly - either over the internet or via a local network - automatically.

It is explained: in order to act, the virus needs to have the "support" of the user. This occurs, for example, when a person downloads an infected attachment from an email and executes it. Worms, in turn, can infect the computer in a totally discrete way, exploiting flaws in applications or the operating system itself. Of course, a worm can also rely on a user's action to spread, as generally this type of malware is created to infect as many computers as possible, making any means that allow it to be acceptable.

Spyware

Spywares are programs that "spy" on users' activities or capture information about them. To infect a computer, spyware is often "embedded" in the software of questionable origin, often offered as freeware or shareware.

The captured data is later transmitted over the internet. This information can range from user browsing habits to passwords.

Keylogger

Keyloggers are small applications that can be embedded in viruses, spyware, or software of doubtful origin. Its function is to capture everything that is typed by the user. It is one of the ways used to capture passwords.

Hijacker

Hijackers are programs or scripts that "hijack" internet browsers. The main victims were the older versions of Internet Explorer. A hijacker can, for example, change the browser's home page and prevent the user from changing it, display advertisements in new windows, install toolbars, and prevent access to certain websites (pages of antivirus companies, for example). Fortunately, today's browsers have more security features, considerably limiting the action of this type of digital pest.

Rootkit

This is one of the most dangerous types of malware. They can be used for various purposes, such as capturing user data. So far, nothing new. What makes rootkits so threatening is their ability to hinder their detection by antivirus or other security software. In other words, rootkits are able to "camouflage" themselves in the system. For this, rootkit developers can make use of several advanced techniques, such as infiltrating malware into active processes in memory, for example.

In addition to being difficult to detect, rootkits are also difficult to remove. Fortunately, their complexity of development means that they are not very numerous.

Ransomware

Ransomware is a type of malware with a bolder "purpose": once active, the pest can block or limit (or allow its creator to do it remotely) access to files, folders, applications, entire storage units or even prevent the use of the operating system. To release these resources, the ransomware usually shows messages demanding payments. It is as if the computer has been hijacked.

To convince the user to pay the required amount, the message may contain threats or blackmail, saying, for example, that important data will be deleted or that private images of the person will be published on the internet if payment is not made.

Users who have their computer infected with ransomware should not give in to pressure and pay, not least because, not infrequently, nothing happens when this is done. Ideally, the person should use security software (endpoint security software) to try to remove the pest or, if unsuccessful, look for someone they can trust to do so.

No comments:

Post a Comment

November 27 is Black Friday and November 30 is Cyber ​​Monday

One of the strongest sales campaigns in shops and online sales recently established in Spain is Black Friday and Cyber ​​Monday. A tradition...