Malware is short for malicious software, meaning several types of malicious codes created by cybercriminals that can be used to gain illegal access to computing devices, steal personal information, spy without the user intent and much more. This post will define several of the most common types of malware and provide a brief description of each.
Adware is short for advertising-supported software. This type of malware delivers advertisements automatically. Commonly adware includes pop-up ads on websites and advertisements that are displayed by the software. This kind of software and applications usually offer “free” versions that come bundled with adware. Adware slows down web pages loading, degrades system performance, modifies programs by inserting special scripts.
Bots are software programs created to automatically perform specific operations. While some bots are created for relatively harmless purposes (video gaming, internet auctions, online contests, etc), it is becoming increasingly common to see bots being used maliciously. Bots can be used in botnets (collections of computers to be controlled by third parties) for DDoS attacks, as spambots that render advertisements on websites, as web spiders that scrape server data, and for distributing malware disguised as popular search items on download sites.
In the context of software, a bug is a flaw produces an undesired outcome. These flaws are usually the result of human error and typically exist in the source code or compilers of a program. Minor bugs only slightly affect a program’s behavior and as a result, can go for long periods of time before being discovered. More significant bugs can cause crashing or freezing. Security bugs are the most severe type of bugs and can allow attackers to bypass user authentication, override access privileges, or steal data.
Ransomware is a form of malware that essentially holds a computer system captive while demanding a ransom. The malware restricts user access to the computer either by encrypting files on the hard drive or locking down the system and displaying messages that are intended to force the user to pay the malware creator to remove the restrictions and regain access to their computer. Ransomware typically spreads like a normal computer worm (see below) ending up on a computer via a downloaded file or through some other vulnerability in a network service.
A rootkit is a type of malicious software designed to remotely access or control a computer without being detected by users or security programs. Once a rootkit has been installed it is possible for the malicious party behind the rootkit to remotely execute files, access/steal information, modify system configurations, alter software (especially any security software that could detect the rootkit), install concealed malware, or control the computer as part of a botnet. Rootkit prevention, detection, and removal can be difficult due to their stealthy operation. Because a rootkit continually hides its presence, typical security products are not effective in detecting and removing rootkits. As a result, rootkit detection relies on manual methods such as monitoring computer behavior for irregular activity, signature scanning, and storage dump analysis.
Spyware is a type of malware that functions by spying on user activity without their knowledge. These spying capabilities can include activity monitoring, collecting keystrokes, data harvesting (account information, logins, financial data), and more. Spyware often has additional capabilities as well, ranging from modifying security settings of software or browsers to interfering with network connections. Spyware spreads by exploiting software vulnerabilities, bundling itself with legitimate software, or in Trojans.
A Trojan horse, commonly known as a “Trojan,” is a type of malware that disguises itself as a normal file or program to trick users into downloading and installing malware. A Trojan can give a malicious party remote access to an infected computer. Once an attacker has access to an infected computer, it is possible for the attacker to steal data (logins, financial data, even electronic money), install more malware, modify files, monitor user activity (screen watching, keylogging, etc), use the computer in botnets, and anonymize internet activity by the attacker.
A virus is a form of malware that is capable of copying itself and spreading to other computers. Viruses often spread to other computers by attaching themselves to various programs and executing code when a user launches one of those infected programs. Viruses can also spread through script files, documents, and cross-site scripting vulnerabilities in web apps. Viruses can be used to steal information, harm host computers and networks, create botnets, steal money, render advertisements, and more.
Computer worms are among the most common types of malware. They spread over computer networks by exploiting operating system vulnerabilities. Worms typically cause harm to their host networks by consuming bandwidth and overloading web servers. Computer worms can be classified as a type of computer virus, but there are several characteristics that distinguish computer worms from regular viruses. A major difference is that computer worms have the ability to self-replicate and spread independently while viruses rely on human activity to spread (running a program, opening a file, etc). Worms often spread by sending mass emails with infected attachments to users’ contacts.
Daily virus scan is provided with all our shared hosting plans. We can review and identify threatening viruses and programs at your website, through the use of powerful anti-virus software.
Hostimul uses the latest hardware appliances and security technologies to protect also your web applications, websites, servers, and IT infrastructure from DDoS attacks. Our automated system recognizes almost all attack patterns in advance, allowing it to block them effectively.
Computers that are infected with malware can exhibit any of the following symptoms:
- Increased CPU usage
- The slow speed of computer or web browser
- Problems connecting to networks
- Freezing or crashing
- Modified or deleted files
- The appearance of strange files, programs, or desktop icons
- Programs running, turning off, or reconfiguring themselves
- Strange computer behavior
- Your friends receive email messages from you that you did not send.
Malware Prevention and Removal
Don’t panic if you experience any of the above. You may have not a malware, but hardware or software problem.
First, scan the whole computer. In case a malicious program is found, follow the guidelines provided by your Internet security vendor. Good security programs provide the option to disinfect infected objects, quarantine objects that may be infected, and delete malicious software. They also create a report file that lists the names of infected files and the malicious programs found on the computer.
If your Internet security software doesn't find anything, your machine is probably not infected. Check the hardware and software installed on your computer (remove any unlicensed software and any junk files) and make sure you have the latest operating system and application patches installed.