Malware 101: The Common Types, And What You Can Do About Them

A 2020 cybersecurity report shows that we are seeing a decline in malware attacks
for the first time since 2016. That sounds like good news until you see the number
behind this.

Dropping from 10.5 million attacks in 2018 to 9.9 million in 2019 shows an OK
decline, but we are not out of the waters yet. We could argue that these threat actors
are going for more complex attacks than relying on volume alone.
No matter how you look at it, a lot of work still needs to be done in protecting against
malware. Today, we discuss the different forms of malware to worry about and how
to nip them in the bud.

Common Malware Types

This is, by no way, an extensive list. It, however, details some of the most severe
malware types out there. Check them out below:

Viruses

Computer viruses are so common, and many people report all kinds of malware to
be viruses. That could not be farther from the truth.

A computer virus is notorious for infecting other files that it comes in contact with.
This makes it very hard to clean up this kind of malware unless you can determine
the exact depth of the damage that it has done to the files.

Viruses are unique in that they need the end-user to kick off the action. This could
mean installing a piece of malicious software, connecting to a public Wi-Fi network
over which a virus packet is deployed, etc.

Fix/ Prevention

● Install antivirus software to keep computer viruses at bay.

● Update your antivirus software regularly so that you are protected against the latest

virus definitions.

● Install a VPN for security over public/ free Wi-Fi networks.

● Don’t install apps from untrusted sources.

● Only download files from trusted sources also.

Worms

Worms are one of the most notorious malware types and have been here even
longer than viruses. Unlike viruses, they don’t need you to do anything before they
swing into action. This makes them very deadly in their own right too.

Worms attack the roots of your computer file systems, targeting other programs that
it can take over as it continues its spread.

Just like a real-life worm, this kind of malware will keep burrowing onto other
programs and systems as long as it has access. That is why a single worm can
infect all the computers on a single network, no matter where they are in the world.

At the same time, worms can also be deployed against specific vulnerabilities in
operating systems.

Fix/ Prevention

● Always download and install device updates as soon as they are out.

● Always upgrade your software, programs, and apps to the latest version.

● Always scan your email attachments before downloading them.

● Beware of downloading files in emails, especially from unsolicited sources.

● Never install apps, programs, or software from untrusted sources.

● Avoid free software from untrusted marketplaces.

● Install an antivirus, and schedule regular computer scans.

Ransomware

Ransomware attacks have seen an uptick in recent times, and the reason for that is
not so far-fetched.

We are at a time and age where data is critical. When threat actors take over that
data, that is never good news for the victim.

For one, they risk the data of their clients and other confidential information being
sold on the open web. They could also not get that data back if they refuse to play to
the ransomware attacker's requests. That is not to mention the reputational damage
from the disclosure of such a hack.

This landed some executives at Uber in hot water after they were found paying
hackers responsible for breaching about 57 million accounts of riders and drivers.

Unfortunately, paying the ransom is not a guarantee of good faith from the attackers.

In about 30% of all ransomware cases, the victims didn't get their files back even
after paying the ransom. In other cases, the hacker would have already made a copy
of the files for themselves. They can sell such on the black market to drive twice a
good payday.

Fix/ Prevention

● Always keep two backups of ALL sensitive and essential files – one online and one

offline backup.

● Never pay a ransomware fee.

● Wipe the entire system to lock the hacker out and restore it from backup.

● As soon as a ransomware attack is discovered, all sensitive files not already

compromised should be secured.

Adware

Adware is a fast-growing kind of malware and is one that most people will come
across. You might even be lucky enough to only suffer from adware.

When infected with adware, the program tries to direct the user to websites and
platforms with compromised ads. Clicking on those ads will lead the user to a
malicious website, download malicious codes onto their computer, or launch the start
of a social engineering hack.

No matter which is it, it is never good.

The aim of most adware attacks is not to fleece the unsuspecting user of their money. The actors behind such attacks are usually more interested in abusing the pay per click/ pay per view advertisement money they get from ad partners.

Thus, they would be robbing the victim of an organic search and internet experience.
After all, they can now manipulate what the user sees when they are surfing the web.

Fix/ Prevention

● Avoid downloading cracked installers, key generation apps, and such other programs

over the internet.

● Only download browser extensions from trusted vendors.

● Ignore rogue ads and popups on websites. Install an ad/ popup blocker to catch most

of these for you.

● Go for trusted internet browsers to access the internet.

Spyware

This is a two-edged sword, and we will discuss why.

Spyware is vital for parents and guardians who want to keep an eye on their loved
ones' online activity. These pieces of software can also be installed by a social circle
to keep tabs on one another.

However, in the hands of threat actors, the narrative changes.

Spyware can be used to snoop in on the victim's private lives without their
knowledge at all. The hacker can now see everything from their location to what they
do on the internet/ in their privacy.

Worse still, spyware can be used to deploy keyloggers that track strokes made on
the computer. Analyzing such strokes yields important passwords, login information,
credit card details, etc.

Fix/ Prevention

● Scan links in emails and texts with a malware scanner before clicking on them.

● Choose to enter links in your browser manually rather than clicking through from

texts and messages.

● Scan all files (mostly when downloaded over the internet) for malicious intent before

opening.

● Vet your apps, programs, and software before downloading/ installing them.

● Be wary of files distributed outside of the official app stores of your computer.

● Create a secure password for your devices. This will prevent physical access and

installation of spyware on your device.

Malvertising

This one bears semblance to adware, but they are not the same at all.

Under malvertising, the threat actors deliver illegitimate ads using legitimate ad
networks. Those ads contain malicious code that infects the user's computer once
they click on such ads.

Speaking of clicks, we have also seen cases of 'drive-by' malvertising, where the
user does not need to take any action before getting infected. They have to load the
ad and see it, and the code activates on their computers.

Malvertising is a serious issue because the ads can be served on websites with a
vast followership and traffic base. For example, the New York Times and the London
Stock Exchange has, at some point, been used as vectors to carry such malicious
ads to their network of broad audiences.

Fix/ Prevention

● Don’t buy into gift card scams on websites. Most of these are only interested in

stealing the personal data that you so willingly provide.

● Don’t enter your financial data on shady websites.

● Remember that no legitimate organization will ask for your credit card details before

you claim any supposed reward.

● Install antivirus software on your device.

● Keep all of your internet browsers and web assets updated.

● Avoid the use of Adobe Flash and Java on your browsers.

Final words

As you saw, there are many types of Malware but by following the tips we have
mentioned, you are ensured to be protected and secured from them. We hope and
recommend you look into them and stay safe out there!