4/12/2012

Types of Viruses, Malware, and Spyware: Know the threats to your computer


mouse navigating through threatsYou have Antivirus. It is current and updates daily.  You run Spyware Scans once a week.  But are you really safe?  A little education may help.

Here is a Quick Virus/Spyware 101:
  • Virus
    • Attaches itself to a program or file.
    • Requires human interaction or an action to spread.
    • Replicates itself.
    • Spreads to other computers.
Let's go over the misuse of the word “virus.”  There are programs that get labeled as viruses but don't have Reproductive Ability.  There are also programs that are used to generate profit for the programmer without charging the user.  These Programs might have a banner or advertisement displayed or popped up.  As annoying as this is, you have the option to purchase the full program which would not have the advertisements. Advertising does not necessarily equal a virus.

  • Adware/Malware/Spyware
    • Is it Legal or Illegal?
      • They say nothing good in life is free.  Not really true, but not really false.  Malware/ Adware are ways for Programmers to make money on their programs.  This is called Shareware.  So when you download a free Program, yes you should read the Term & Conditions.
      • That was then this is now.  These programs track your actions or display Banners.  "Spyware" is now the single largest problem facing internet users today.
    • These little programs turn your Computer into a “Live Server Transmitting data to a Home Base.”  The banners or links in the software can misdirect you to advertiser’s sites, or worse, to an attacker’s site.
    • So like most things that may have once had a useful purpose, they can be turned into something bad.  Your computer is also taking a hit.  Performance, unwanted redirections, as well as accessing your personal information affects you and others. 

  • Worm
    • A type of Virus that can spread on its own by using resources available:
      • Network/Internet
      • Memory Stick
      • Email
  • Trojan Horse
    • Looks like a legitimate program but once it is run it can wreak havoc on your system as well as deliver a Package.
  • Backdoor
    • Usually delivered by a Trojan, it can allow malicious users access to your system.
  • Keystroke Logger
    • Captures your keystrokes.  Mainly for personal information, credentials used to access your computer, banking account, credit card Info as well as just to see what you are doing.
  • Zero Day
    • Holes or vulnerabilities in Operating System (OS) or known “good” programs are exploited before they are discovered by the developer or a patch can be deployed.
  • Phishing
    • This is an attempt to get credentials to a legitimate site by create a fake lookalike.
    • Usually delivered by email or instant message link. 
  • Denial of Service
    • The intent is to render a computer or site inaccessible to users trying to access it.  (This is usually not a personal computer issue.)
  • Port Scanners
    • Your computer, network, and internet work by using ports.  Programs use these ports.   A Port Scanner looks for open ports and software vulnerabilities through which it can access your computer and network. 
  • Bottle Necks
    • Floods or slows down the speed of your network.

Application (Apps) and Operating System (OS) Vulnerabilities
Applications are well tested but hackers are well versed.  They find holes and that is where the importance of updates comes in.  You should always run your OS and Application Updates because for the most part this is how the Programmer can fill these vulnerable gaps in their software.

Single Virus
Usually Antivirus programs or Spyware scans will pick up and remove a single virus.  When the user receives an email, inserts a USB Key, or clicks a link on a site, that triggers the active Antivirus or Spyware program into action.
If you don’t have these programs in place, that’s part of your problem.    

Blend Threats
Now the real threat is a Blend attack that combines the worst aspects of viruses, worms, and Trojan horses into one single attack.
As a technician, this is what I see the most.  We are usually called in when a system or network has been rendered useless.

Summary
This article was designed to give you an overview of the possible threats your computer system and network have to contend with.  Below are some resources that can give you a more detailed look into these areas.


Resources:

(Thanks to our in-house virus expert, Riley, for this educational post!)

No comments:

Post a Comment