Malware is a short form of Malicious software. As the name implies that it’s a legitimate code doing illegitimate things. They are intentionally created to cause severe damage to a targeted system and perform a variety of functions such as stealing, encrypting, deleting, altering any sensitive data’s or hijacking and monitoring user’s computer activities without their knowledge or permission.
There are different kinds of Malware. They are Computer Viruses, Worms, Trojan Horse, Ransomware, Spyware, Adware, Rogue Software, Scareware, Spam (or) Junk, Bots, Fileless Malware.
Earthweb’s statistics indicate that in 2023, there has been significant growth in malware incidents both in the United States and worldwide. These statistics provide valuable insights into the evolving landscape of cybersecurity threats.
Classifications of Malware :
A Virus is a small piece of malicious software code that can repeat itself and spreads from one host to another host by attaching itself. Initially, the Virus will in the Dormant phase until the file is opened and use. Viruses are designed to disrupt a system’s ability to operate. As the impact of these viruses can cause the risk of losing confidential data and system failures.
Ex: Blaster, Slammer, Nimda, Code-Red, Creeper.
Worms are self-replicating malware and spread to any device within the network. Worms cause at least some harm to the network, Whereas viruses always corrupt or altering any sensitive files on a targeted computer.
Ex: Morris worm, Daprosy worm, Kak worm.
Trojan Horse Virus:
A Trojan horse is a kind of malware that is designed to perform one function like virus removal but actually performs a malicious activity while executing. Once the user downloads it, the Trojan virus can gain access to the particular targeted system and performs its function Like accessing the file, altering or deleting the data. Unlike normal viruses and worms, Trojan viruses are not designed to self-replicate.
Ex: Gov-ware Trojan, Trojan-banker, Trojan DDOS, Trojan-Downloader, Trojan-Dropper.
Ransomware is a kind of cyber-attack that demands payments after launching a cyber-attack on a computer system for exchanging the decryption keys. Generally, it’s a part of a phishing practice and it becomes increasingly popular among cybercriminals and costs the organization millions each year. When the attacker receives payment, the data is unlocked.
Ex: Wanna cry, Crypto-Locker, LOVE Ransomware.
Adware is software that displays unwanted and multiple ads. The main objective of the adware is to collect information from the users without showing its presence in the system. Also, it’s used for marketing purposes and can slow down your computer. Mostly it can be done by using a cracked version or free version software.
Ex: Un-closable windows.
Spyware is unwanted software that infiltrates your computing device, stealing your browsing history, and sensitive information.
In general, it’s the act of gathering the user’s information or computer activity without their knowledge and handover it to advertisers or external users.
Ex: Tracking cookies, Boot-kit, Root-kit, Keyloggers, Sys monitors.
Rogue software is also a kind of malware that is designed specifically to damage or disrupt a computer system, in the form of Internet fraud using computer malware to trick users into revealing financial and social account details. As their name suggests, these fraudulent programs go “rogue” on the internet, appearing in simple internet searches and on social networks.
Ex: PCSecure-System, Antivirus-Master, Spy-Marshal.
Scareware uses social engineering platforms to take advantage of a user’s fear, coaxing them into installing fake anti-virus software. It’s a tactic that manipulates users into believing they need to download or buy malicious, useless software. Generally, it’s initiated by showing some unwanted pop-up ad, etc.,
Ex: AdwarePunisher, SpySheriff.
Spam or Junk:
Spamming is the use of messaging systems for delivering unwanted emails to a large number of internet users. The main purpose of spamming is to phishing, creating a nuisance, and commercial advertising.
Ex: Instant Messaging, Email Messaging.
A bot is a self-propagating malware that attacks the central server and it uses a large number of networks to infect, generally they are called a botnet. The botnet is a combination of Robot + Network. They are automated programs like a crawler, spider. Often, a botnet is used to overwhelm systems in a distributed-denial-of-service attack (DDoS) attack.
Ex: Credential stuffing, Open back doors on the infected host, Email harvesting.
Fileless malware isn’t really a different category of malware, but more of a description of how they exploit and persevere. Simply it’s an attack that occurs by methods such as embedding malicious code in scripts or loading malware into memory without writing to disk.
Ex: Windows registry manipulation, Memory code injection, Script-based techniques.
Also Read: Osquery for Cyber Incident Response