A Snake in the Grass: MALWARE

Malware is an umbrella term for malicious software: software designed to damage or disable computers, networks and other systems. Examples of malware include viruses, worms, Trojans, spyware, ransomware, logic bombs and adware. It is often used by criminals to steal personal data, cause disruption, or take control of a system.

Malware can be distributed in many ways, such as phishing email attachments, fake apps, downloads from untrustworthy websites, malicious emails and infected websites. Protecting your devices and data from malware is essential, because it can cause data loss, financial damage, privacy violations and identity theft. Staying up to date with the latest security software is the best way to protect your devices and data. By regularly updating your security software, avoiding suspicious links and emails, and using strong passwords, you can help protect yourself from malicious software.

The various types of malware are described below.

VIRUS

VIRUS is an abbreviated form of Vital Information Resources Under Siege.

The term refers to the type of malicious software that damages data, files and software by replicating itself. Viruses can result in:

1. Data loss and data theft

2. Operational issues

3. Damage to systems and programs

4. Deletion of files

A classical example of a virus attack is the ILOVEYOU virus, or Love Bug, which infected over 50 million Windows users and was capable of destroying every type of file present on a system, such as JPEG, MP3, MP4, JSE, CSS, etc.

RANSOMWARE

Ransomware is a type of malware that prevents users from accessing their systems or personal data and demands a ransom payment in order to regain access. Ransomware can be spread through emails (malspam), advertisements (malvertisements), spear phishing or social engineering. Ransomware can take the form of a screen locker, or it can encrypt data using algorithms and passwords so that the data is only unlocked when the ransom is paid.

A classical example of a ransomware attack is the AIIMS ransomware attack, in which five AIIMS servers were affected, approximately 1.3 terabytes of data were encrypted, and a ransom of 200 crore was demanded in Bitcoin.
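Data-encrypting ransomware leaves files whose bytes look random, so one heuristic a defender can run is to measure the Shannon entropy of file contents and flag files close to 8 bits per byte. The following is an added example, not code from this article; the file names and contents are constructed, and the magic-byte list is a small sample used to skip formats that are high-entropy by design.

```python
import hashlib
import math
from collections import Counter

# Formats that are high-entropy by design; files starting with these magic
# bytes are skipped so compressed archives and images are not misflagged.
KNOWN_HIGH_ENTROPY_MAGIC = {
    b"\x1f\x8b": "gzip",
    b"PK\x03\x04": "zip",
    b"\x89PNG": "png",
}

def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte: 0.0 for empty or constant data, 8.0 at most."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def known_format(data: bytes):
    """Name of a recognised high-entropy format, or None."""
    for magic, name in KNOWN_HIGH_ENTROPY_MAGIC.items():
        if data.startswith(magic):
            return name
    return None

def flag_suspect_files(files: dict, threshold: float = 7.5) -> list:
    """Names of files that look encrypted (entropy >= threshold) and are not
    a recognised compressed or image format."""
    return [name for name, data in files.items()
            if known_format(data) is None and shannon_entropy(data) >= threshold]

def deterministic_noise(seed: bytes, size: int) -> bytes:
    """Constructed stand-in for ciphertext: chained SHA-256 output."""
    out, block = bytearray(), seed
    while len(out) < size:
        block = hashlib.sha256(block).digest()
        out.extend(block)
    return bytes(out[:size])

# Constructed sample "files" (hypothetical names): a plain-text note, a document
# ransomware has encrypted and renamed, and a gzip archive that must not be flagged.
SAMPLE_FILES = {
    "notes.txt": b"Quarterly notes: revenue flat, hiring paused.\n" * 200,
    "report.docx.locked": deterministic_noise(b"locked", 8192),
    "backup.tar.gz": b"\x1f\x8b" + deterministic_noise(b"gz", 4096),
}

if __name__ == "__main__":
    print("suspect:", flag_suspect_files(SAMPLE_FILES))
```

Treat entropy as one signal among several: a burst of many newly high-entropy files with renamed extensions is far more telling than any single file.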

WORM

Worms target vulnerabilities in operating systems and install themselves on networks. They can gain access in several ways: via backdoors built into software, through unintentional software loopholes and vulnerabilities, or through flash drives and USB drives. Once in place, worms can be used by malicious actors to launch DDoS (Distributed Denial of Service) attacks, access sensitive data, disrupt hardware components or conduct ransomware attacks.

A classical example of a worm attack is STUXNET, deployed by the US Government against the Iranian uranium concentrators used in Iran's nuclear mission; the worm completely disrupted the working rotational speed of the concentrators, which led to the failure of the Iranian nuclear mission plan.

BOTNETS/BOTS

A bot is software that performs automated tasks in response to commands. Bots are used for legitimate purposes, for example indexing for search engines, but when used for malicious purposes they take the form of self-propagating malware that connects back to a hidden central remote server.

A network of many bots forms a botnet, which is used to launch controlled floods of attacks such as DoS (Denial of Service) and DDoS (Distributed Denial of Service) that consume network resources with the intent of preventing legitimate users from accessing a specific network.

A classical example of bot malware is the Mantis botnet, which was capable of generating 26 million HTTPS requests per second using a fleet of just 5,000 bots, an average of 5,200 HTTPS requests per bot per second; this can easily wreak havoc as a DDoS attack.

Graph showing the Mantis botnet attack service (Source: CLOUDFLARE)


WIPER MALWARE

A wiper is a type of malware whose sole purpose is to erase user data and ensure it cannot be recovered by any method. Wipers are used to take down computer systems and networks in public and private firms across various sectors. Threat actors also use wipers to cover up traces left after an intrusion, weakening their victims' ability to respond. This malware overwrites data with binary 0s and 1s to wipe it completely.

A classical example of wiper malware is Shamoon, which is capable of attacking 32-bit versions of Microsoft Windows and causing millions of infections by spreading across networks of machines and systems. This malware gave the attacker access to all files and the Master File Table, which, once deleted and overwritten, cannot be recovered by any forensic method. This virus attacked 30,000 Saudi Aramco workstations.

TROJANS

A Trojan camouflages itself as desirable code or software. Once downloaded by a user, the Trojan can take control of the victim's system for malicious purposes. Trojans may hide in games, apps or even software patches, or may be embedded in attachments to phishing emails.

A classical example of a Trojan is the Storm Trojan attack from Russia on Microsoft Windows-based computer systems in Europe and the USA in 2007. The Trojan horse spread through phishing emails related to disaster alerts.

CONCLUSION

Malware, or malicious software, is the umbrella term for many kinds of software and code, including viruses, worms, Trojan horses, botnets, wipers, ransomware and many more, which once installed on a system can seriously compromise both the cybersecurity and the privacy of the user. The foremost issue with malware is that it is often integrated and bundled with other legitimate software, so it is auto-installed without the user noticing, and once installed it is a cumbersome process to get rid of. Major IoCs (Indicators of Compromise) of a malware attack are poor system performance, ad pop-ups without user consent, the browser opening automatically to show unexpected pages and advertisements, and delayed computer responses. To prevent malware attacks, up to a limit, a person must not open illegitimate links or use CDs/DVDs bought from local markets, and should not download links from alluring emails.
