Wednesday, March 14, 2012

Understanding Different Types of Malware

You have probably heard the terms malware, virus, trojan, keylogger, worm, backdoor, bot, rootkit, ransomware, adware, spyware and dialer, but you may wonder what the differences are, since you may only know about viruses. Malware is short for Malicious Software, and all of the terms above fall into this category because they are all malicious. The different terms are used, instead of just plain virus, to categorize what the malicious software is capable of doing. For example, a keylogger steals whatever is typed on your keyboard and sends it to the hacker, a trojan opens up a backdoor allowing the hacker to gain full access to your computer, and so on.
Using “virus” as a catch-all phrase to include all types of malware is no longer accurate. The correct word to use is malware. However, don’t expect the big anti-virus companies to rebrand their products to Kaspersky Anti-Malware or Bitdefender Anti-Malware, because doing that may risk losing their brand identity, even if they actually offer a complete anti-malware solution. Here is a complete explanation of each malware term.

Virus
A computer virus spreads on its own by smuggling its code into application software. The name is an analogy to its biological archetype. A computer virus not only spreads many times and makes the host software unusable, but also runs malicious routines.
Trojan horse/Trojan
A Trojan horse is a type of malware disguised as useful software. The aim is for the user to execute the Trojan, which gives it full control of your PC and the ability to use it for its own purposes. Most of the time, more malware will be installed on your system, such as backdoors or key loggers.
Worm
Worms are malicious software that aims to spread as fast as possible once your PC has been infected. Unlike viruses, worms do not use other programs to spread, but storage devices such as USB sticks, communication media such as e-mail, or vulnerabilities in your OS. Their propagation slows down the performance of PCs and networks, or they carry out malicious routines directly.
Key loggers
Key loggers log any keyboard input without you even noticing, which enables pirates to get their hands on passwords or other important data such as online banking details.
Dialers
Dialers are relics from a time when modems or ISDN were still used to go online. They dialed expensive premium-rate numbers and thus caused your telephone bill to reach astronomical amounts, which meant enormous financial damage to you, the poor victim, who did not even know they were there. Dialers have no effect on ADSL or cable connections, which is why they are mostly considered extinct nowadays.
Backdoor / Bot
A backdoor is usually a piece of software implemented by the authors themselves that enables access to your PC or any kind of protected function of a computer program. Backdoors are often installed once Trojans have been executed, so whoever attacks your PC will gain direct access to it. The infected PC, also called a “bot”, will become part of a botnet.
Exploit
Exploits are used to systematically exploit vulnerabilities of a computer program. Whoever attacks your PC will gain control of your PC or at least of parts of it.
Spyware
Spyware is software that spies on you, i.e. collects different user data from your PC without you even noticing.
Adware
Adware is derived from “advertisement”. Besides the actual function of the software, the user will see advertisements. Adware itself is not dangerous, but tons of displayed adverts are considered a nuisance and thus are detected by good anti-malware solutions.
Rootkit
A rootkit mostly consists of several parts that will grant unauthorized access to your PC. Plus, processes and program parts will be hidden. They can be installed, for instance, through an exploit or a Trojan.
Rogues / Scareware
Also known as “Rogue Anti-Spyware” or “Rogue Anti-Virus”, rogues pretend to be security software. Often, fake warnings are used to make you purchase the security software, which the pirates profit from.
Ransomware
“Ransom” is just what you think it is. Ransomware will encrypt personal user data or block your entire PC. Once you have paid the “ransom” through an anonymous service, your PC will be unblocked.
Although there are different categories of malware, most malware today combines different kinds to achieve a higher rate of infection and give more control to the hacker. Most malware is invisible and runs silently without your knowledge to avoid detection, except for ransomware and adware. Not seeing it doesn’t mean that you’re safe, so it is important to run anti-virus software from a reputable brand such as Kaspersky, ESET, Avast, Avira, AVG or MSE, together with a second-opinion anti-malware tool such as HitmanPro, Malwarebytes Anti-Malware or SUPERAntiSpyware. As for Emsisoft Anti-Malware, it comes with its own Anti-Malware engine and the Ikarus Anti-Virus Engine.