You can call it a virus, a trojan or a worm. Collectively these are classified as malware. Malware is a program intended to do damage to your computer system. It is designed to prank, hack, destroy or steal your data. Malware creators are becoming more sophisticated in escaping detection and lawsuits, and they even have the gall to boast about what they did by leaving a note on your site. With businesses going online, we have to establish a reputation as a trusted site, especially if online payments are to be made. What are the types of malware we have to prepare for? What are they capable of?
Viruses and Worms
Viruses are the only type of malware that can replicate itself by running executable (.exe) files. On the other hand, worms automatically spread out to infect other computers over the network. They contain a payload that makes the infected file perform actions, often categorized as malicious. In short, a virus can be contained as long as the infected file is not running or is quarantined immediately. Viruses can only be spread with active user intervention such as copying files, sending email and network sharing. Worms are formed not within files but in vulnerable parts of the server and can run by themselves without any user intervention. For medium to large computer networks, full system scanning and cleaning must be done at least once a week. Avoid USB drives shared in public places such as internet cafes. If you can't avoid receiving data from an outside source, then have trusted anti-malware software to protect your computer.
I heard about this the first time in high school and it only reminds me of that Greek myth. True enough, a trojan is a program file meant to entice the user to download and run it while containing a hidden payload (programmed instructions). The payload may take effect immediately or sometime after the trojan is installed in your system. It can perform suspicious actions such as trashing files, duplicating files and causing programs to malfunction. Trojans in general are used as a container for worms. This is the most common practice for distributing spyware, in the form of a free application downloaded by users online. They also come with an end-user agreement, which most of us do not read, that explains some of the spyware behavior.
This is a more complicated form of concealment. Rootkits modify the infected host's operating system in order to escape detection by any running AV security you have. Your security system has a list of processes categorized as "suspicious". Rootkits prevent your system from detecting them by keeping their host files off that list. Usually this malware is installed by the attacker in order to gain administrator or root access to your system. Rootkits are capable not only of hiding but also of repelling any attempts to remove them. Once you successfully "slay" a rootkit file, it can be "reborn" out of the slain file in a split second. The best option for your IT is to kill both the slain and the ghost malware in succession, or to deliberately crash the whole system and then reboot.
Backdoors are installed prior to an attack. They provide a method to bypass any authentication required by your system. After the system is threatened, backdoors provide easy access for future attackers, even if tighter security measures are programmed into your computer after the previous attack.
Spyware programs are commercially produced with the intention of harvesting information from your website or computer. Generally, phishing makes use of spyware. Spyware can alter OS behavior and even search engine results. It can also modify merchant codes, such as those for online sales or affiliate marketing commissions, to redirect the payments to the spyware source. The only difference from trojans is that spyware is openly advertised through banner and pop-up ads. Spyware creators usually escape legal impediments through the end-user agreement most of us acknowledge without reading it thoroughly.
Another effect of spyware is that the hacker gains control of the end-user's computer or website accounts. The zombie account may act as a proxy IP address to send out spammy messages to email contacts under the victim's username. It is not rare to see emails from one of your email contacts with suspicious content. Once you contact the supposed sender, they will most likely deny that they sent such a message.
This is a web threat that involves stealing information such as credit card numbers and passwords and monetizing it through underground distribution. Data-stealing malware is a combination of other types of malware, made stealthier to escape search engine and security detection. Legitimate businesses worldwide have already lost millions of dollars to attacks by this type of malware. Also under this type are key loggers, identity thieves and bots (robots).
Like any other risk we face in our lives, malware should not be feared but rather faced objectively. As our businesses become technologically enhanced, we have to know exactly what the threats are. With proper security measures and online work integrity, we should be able to prevent and treat such attacks, so that your website will be worthy of users' trust. Stay tuned for the next part of this post: Prevention and Treatment.
Maribeth Oliver is a home-based micro-entrepreneur, writer and a mom.