What is Malware (Malicious Software)?
2022-1-29 06:4:5 Author: www.sentinelone.com

Any individual or enterprise can fall victim to cybercriminal attacks. It has never been more crucial to keep your data safe.

While some new technology has made life easier, it has also created new challenges. In the case of the internet, perhaps chief among those challenges is the threat of malware, whether you’re a user of Mac, Windows, Linux, or mobile devices.

Malware Definition

Malware, or malicious software, is a broad term that describes any code or software used with malicious intent against an individual computer, network, or server. “Malicious intent” is a general term, but in the context of cybersecurity, it can include stealing personal information, damaging or disabling computers and other devices, hijacking someone’s computer to mine bitcoin and other cryptocurrencies, and even stealing financial assets.

How Does Malware Spread?

There are many types of malware. Cybercriminals have created countless creative ways to infect devices with malware.

The most common ways malware infects your computer are through phishing emails, malicious advertisements, fake software installations downloaded from the web, SMS text messages, malicious apps, and infected USB drives. Whenever you’re online, you’re at risk of malware infection, though the extent of that risk varies depending on the situation.

A Brief History of Malware

The modern concept of a “computer virus” didn’t originate from something with malicious intent. Over the past six decades, scientists and engineers have contributed – whether knowingly or not – to creating malicious software as we know it, evolving from harmless experiments to malicious digital plagues requiring increasingly sophisticated antivirus programs and other cybersecurity systems to defend against them.

John von Neumann

The scientist, John von Neumann, is credited with introducing the theoretical concepts that would later lead to the development of malware. In his paper, “Theory and Organization of Complicated Automata,” published in 1966, von Neumann discusses the concept of self-replicating computer programs. The paper was a kind of experiment, and von Neumann’s designs for a self-replicating computer program were not created with malicious intent.

The Creeper Program

In 1971, Bob Thomas created a program called the “Creeper.” He designed it to test computer security systems and see if a self-replicating computer program was possible. The Creeper worked by moving from computer to computer, attaching itself to new drives while detaching itself from its previous host. When it was successful, it displayed a message on the screen of the infected computer that said, “I’M THE CREEPER. CATCH ME IF YOU CAN!”

The Rabbit Virus

In 1974, the first computer virus, called The Rabbit Virus, was created. Once it infected a computer, it would replicate itself until it caused the computer to crash. It was named the “Rabbit Virus” for the speed of its replication process.

The First Trojan

Computer programmer John Walker created the first Trojan, a virus that sneaks onto a computer by either posing as or piggybacking onto useful software. Once installed on a computer, it reveals itself as malicious. Walker created the first Trojan, called ANIMAL, in 1975.

Floppy Disks

Although floppy disks were not originally developed with this function in mind, in the 1980s, viruses commonly spread via infected floppy disks. Programs like Brain and Elk Cloner could spread by installing themselves on computers once a floppy disk was inserted into them (usually the A or B drive). Brain and Elk Cloner were relatively harmless, but the methods by which they spread and propagated laid the groundwork for the design of modern malicious software. Programs like these first inspired Frederick Cohen and Len Adleman to coin the phrase “computer virus” in 1983.

The 1990s and beyond

As personal computers became more popular, programmers began experimenting with new ways to use computer programs. Early malware ranged from something as simple as malicious code hiding in a Microsoft Word document to more sophisticated, socially engineered programs that would pose as instant messaging (IM) users or web ads that trick users into downloading malware. Cybercriminals used similar tactics with email, and later social media. When smartphones became popular, hackers and scammers developed viruses for them as well.

How to Tell If You’ve Been Infected with Malware

There are many different ways to tell if your device is infected with malware, depending on the type of malware and which device is infected.

Some signs to look out for:

  • Your device slows down. Slower performance can mean that your hard drive is running out of space, that you have too many programs running, that you need more RAM, or that your computer or device is infected with malicious software. Poorer than usual performance is a dead giveaway that something is wrong.
  • You are being plagued with annoying pop-up ads. Nobody likes annoying ads. It’s generally a good idea to avoid clicking any pop-ups you see on any website; they’re often a front for malicious software like adware or worse. If you see a lot of pop-up ads at unexpected times, especially if you don’t have a web browser open or are disconnected from the internet, you have likely been infected with malware.
  • Your internet browser redirects you to a web page you didn’t choose. If this happens, clear your browser’s cache and run a virus scan, and don’t log in to any web pages that contain sensitive information you wouldn’t want in the hands of a hacker.
  • Anything else that seems strange. If your computer behaves in irregular or unpredictable ways, play it safe. Assume that it’s been infected with malware and take the necessary steps.

Common Types of Malware

Spyware

Spyware is a type of malware that infects computer systems or other devices with a goal of stealing private information. While it usually targets users of desktop computers, mobile devices can be infected as well. Spyware can infect machines by exploiting security vulnerabilities, but it can also infect devices by tricking users into downloading harmful files via phishing, clickbait, downloading free software bundles or through Trojans, and many other ways.

Password stealers

Spyware can also be used to steal passwords from infected computers via malicious software. These may include login credentials for various websites, login passwords for offline software, and even critical system credentials.

Keyloggers

Sometimes called system monitors, spyware can take the form of malicious software that tracks keystrokes to steal passwords, spy on which websites you visit, steal your search history, and many other things that can be harmful to your computer or to your personal information.

Mobile spyware

Malicious software can target Android, iPhone, and other mobile devices to steal or spy on SMS text messages, emails, call logs, audio phone conversations, voicemails, and even your physical location. With work from anywhere, BYOD, and accelerating mobile malware attacks, mobile threat defense has quickly become a key part of a cohesive security strategy for all organizations.

Ransomware

Ransomware is a type of malware that locks you out of your device through encryption, then demands payment (ransom) in exchange for returning access to you.

Ryuk

A recent example of ransomware was Ryuk, a virus that targeted large businesses, demanding high ransoms in the form of cryptocurrency to release the hijacked systems. The virus is attributed to the cybercriminal group CryptoTech.

Trojans

Trojans, or Trojan Horses, are a type of malicious software that disguises itself as legitimate software to gain entry to your computer, similar to how Greek soldiers snuck into the city of Troy in Homer’s The Iliad.

Mobile Trojans

Mobile Trojans can look like legitimate apps and programs. They’re often encountered in unofficial or pirated app marketplaces. Once they gain access to a mobile device, they can steal files, infect a computer network, extort users via ransomware, or spread to other devices.

Trojan Spyware

Trojans can be used to install spyware on your computer or device.

Adware

Adware is a type of malware that, once installed, causes countless ads to pop up on your screen unprompted. These ads may or may not seem legitimate and may contain additional malware.

Worms

Like the “Creeper” program, worms are malicious software that copy themselves as they move from one device to another. They typically spread by exploiting security vulnerabilities and don’t necessarily involve interaction with a user.

Rootkit

Some malicious software, called rootkit malware, can gain access to a computer or similar device in order to give the attacker administrative access. This allows them to make critical changes to a computer system or network, or gain access to files the user wants to keep hidden or secure.

Fileless

Fileless Malware is a type of cyber attack that uses legitimate programs within a computer to execute malicious code or steal information. It’s challenging to track because it doesn’t install malicious software. Instead, it executes commands used by programs that come installed on a computer, so most antivirus programs mistake it for harmless activity by the device’s operating system or other benign software.
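Because nothing malicious is installed, detection of the behavior described above has to look at how built-in programs are started rather than at files on disk. The following is an added example, not code from the original article or from SentinelOne: it checks process-creation events for a built-in script host started by a document application or run with an encoded command. The host and parent lists, the event fields and the sample events are assumptions constructed for illustration.

```python
import re
from dataclasses import dataclass

# Assumption: built-in Windows script hosts worth watching.
BUILTIN_HOSTS = {"powershell.exe", "wscript.exe", "cscript.exe", "mshta.exe"}
# Assumption: applications that rarely need to start a script host.
DOCUMENT_PARENTS = {"winword.exe", "excel.exe", "outlook.exe"}
# A command-line flag followed by a long base64-looking argument.
FLAG_ARG = re.compile(r"\s-(\w+)\s+([A-Za-z0-9+/=]{20,})")

@dataclass
class ProcEvent:
    parent: str   # full path of the parent image
    image: str    # full path of the started image
    cmdline: str

def basename(path):
    return path.lower().rsplit("\\", 1)[-1]

def has_encoded_command(cmdline):
    # PowerShell accepts -EncodedCommand, its alias -ec, and any prefix such as -enc or -e.
    return any(f.lower() == "ec" or "encodedcommand".startswith(f.lower())
               for f, _ in FLAG_ARG.findall(cmdline))

def findings(ev):
    if basename(ev.image) not in BUILTIN_HOSTS:
        return []
    reasons = []
    if basename(ev.parent) in DOCUMENT_PARENTS:
        reasons.append("script host started by a document application")
    if has_encoded_command(ev.cmdline):
        reasons.append("encoded command line")
    return reasons

def triage(events):
    """Return (index, reasons) for every event with at least one finding."""
    return [(i, r) for i, e in enumerate(events) if (r := findings(e))]

PS = r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
BLOB = "QUJDREVGR0hJSktMTU5PUFFSU1RVVldYWVo="  # constructed placeholder, not a real command
SAMPLE_EVENTS = [  # constructed process-creation events
    ProcEvent(r"C:\Windows\explorer.exe", PS,
              r"powershell.exe -ExecutionPolicy RemoteSigned -File C:\Scripts\backup.ps1"),
    ProcEvent(r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE", PS,
              "powershell.exe -NoProfile -enc " + BLOB),
    ProcEvent(r"C:\Windows\explorer.exe", r"C:\Windows\System32\notepad.exe",
              "notepad.exe notes.txt"),
    ProcEvent(r"C:\Windows\System32\svchost.exe", PS, "powershell.exe -e " + BLOB),
]
```

The ordinary scheduled script in the first event and the Notepad launch in the third produce no findings, which is the point of combining parent lineage with command-line shape instead of alerting on every use of a built-in tool.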

Cryptojacking

Cryptojacking is the process of installing malware that hijacks your computer’s processing power to mine bitcoin or other cryptocurrencies for the benefit of the hacker. This can lead to severe system slowdowns and even crashes.

How to Remove and Protect Yourself From Malware

If you find yourself with a malware problem, it may be time to re-evaluate your cybersecurity needs. Some best practices to consider:

  1. Streamline your defenses using an advanced endpoint detection and response (EDR) security solution like SentinelOne’s Singularity Complete platform.
  2. Use an enterprise protection solution that works in both cloud and hybrid environments.
  3. Rely on proven cybersecurity solutions that provide measurable results.

SentinelOne can help defend against advanced cybersecurity threats. You can request a demo of SentinelOne to see us in action and learn more about the Singularity Platform. SentinelOne’s cybersecurity solution encompasses AI-powered prevention, detection, response and hunting across endpoints, containers, cloud workloads, and IoT devices in a single autonomous platform.


Source: https://www.sentinelone.com/blog/cybersecurity-101-malware/