All malware is bad, but some types of malware do more damage than others. That damage can range from loss of files to total loss of security — even outright identity theft.
Overwriting Viruses
Some viruses deliver a payload that causes certain types of files to be deleted — sometimes even the entire drive contents. But as bad as that sounds, if you act quickly the odds are good you'll recover the deleted files. Overwriting viruses, however, write over the original file with their own information. Because the file has been modified or replaced, it can't be recovered. Overwriting viruses tend to be rare; their own damage is responsible for their shorter lifespan. Loveletter is one of the better-known examples of malware that included an overwriting payload.
Ransomware Trojans
Ransomware Trojans encrypt data files on the infected system, then demand money from the victims in exchange for the decryption key. This type of malware adds insult to injury — not only do you lose access to your own important files, but you also become victim to extortion. Pgpcoder is perhaps the best-known example of a ransomware Trojan.
Password Stealers
Password-stealing Trojans harvest login credentials for systems, networks, FTP accounts, email, games, as well as banking and e-commerce sites. Many password stealers can be repeatedly custom-configured by attackers after they've infected the system. For example, the same password-stealing Trojan infection could first harvest login details for email and FTP, then receive a new config file that causes it to turn its attention to harvesting login credentials from online banking sites. Password stealers that target online games are perhaps the most commonly talked about, but by no means are games the most common target.
Keyloggers
In its simplest form, a keylogger Trojan monitors your keystrokes, logging them to a file and sending them off to remote attackers.
Some keyloggers are sold as commercial software — the type parents might use to record their children's online activities or a suspicious spouse might install to keep tabs on his or her partner.
Keyloggers may record all keystrokes, or they may be sophisticated enough to monitor for a specific activity like opening a web browser pointing to your online banking site. When the desired behavior is observed, the keylogger goes into record mode, capturing your login username and password.
Backdoors
Backdoor Trojans provide remote, surreptitious access to infected systems. Put another way, it's the virtual equivalent of having the attacker sitting at your keyboard. A backdoor Trojan can allow the attacker to take any action you, as the logged-in user, would normally be able to take. Using this backdoor, the attacker can also upload and install additional malware, including password stealers and keyloggers.
Rootkits
While thought to be more theory than practice, this form of hardware-targeting malware is perhaps the most concerning. Bootkits infect flash BIOS, causing the malware to be loaded even prior to the OS. Combined with rootkit functionality, the hybrid bootkit can be near impossible for the casual observer to detect, much less to remove.
The Best Defense
Routinely scan your computer for malware and take appropriate steps to protect yourself, including:
- Using strong passwords that don't repeat across sites
- Installing anti-malware software and keeping it updated
- Regularly installing security patches for your computer's operating system
- Not clicking suspicious links in email or on websites