The 15 most common types of malware to avoid at all costs
Malware is a generic term that broadly applies to malicious software designed to illicitly affect information technologies. In this sense, it encompasses a wide range of heterogeneous types of fraudulent resources, the number of which is increasing.
Malware is one of the means most commonly used by cybercriminals to steal information or damage devices connected to the network. To deal with this threat, whose seriousness is evidenced by the worrying figures that analyses reveal, it is imperative to know the main types of malware. In this post we address 15 of the most relevant ones.
Virus
It is one of the oldest types of malware. Viruses are created from malicious code inserted into a seemingly legitimate file. When that file is executed, the virus is activated and negatively affects the infected system. They are of various kinds, but the main characteristic they have in common is that they need to be unintentionally launched by a person who, believing they are performing an innocuous action (such as opening a document downloaded from the Internet), is actually initiating a series of fraudulent commands created for illicit purposes.
Today, next-generation computer viruses are proliferating in the mobile application sector.
Worm
Unlike viruses, worms spread without a “victim” having to initiate an action to activate them. They are programmed to exploit vulnerabilities in information technologies, autonomously infecting systems connected to the network. They spread and self-replicate from one device to another, exploiting security weaknesses such as, for example, the use of outdated software.
One of those currently attracting specialized attention is the so-called NoaBot.
Trojan
It is a program that, under the appearance of legitimate and benign software, in reality allows illegal access to, and criminal control of, the system on which it is installed. There are different types of Trojans. Of all of them, those developed to affect the financial sector receive the most media attention. Malware such as Qbot or Grandoreiro has been wreaking havoc for years, which gives us an idea of its persistence and dangerousness. We should be particularly cautious with regard to this category, as Spain ranks tenth in the world in terms of cyberattacks using banking Trojans.
Spyware
This range of malware is intended to spy on a person’s activities, gathering information without their knowledge about, for example, their web browsing habits, passwords used, credit cards entered, files, etc. All such data is made available to third parties who can use it for malicious purposes. Spyware is capable of monitoring a device at all levels, including intercepting conversations through the microphones or video cameras that are installed as standard on our computers, mobiles or tablets.
One of the most talked-about cases in this regard has been the social alarm raised by Pegasus.
Adware/Malvertising
The purpose of adware is to display unwanted advertising on the infected device. In many cases it is nothing more than an intrusive nuisance, with no major consequences other than distracting attention. However, cybercriminals may also build other techniques on top of it to take advantage of it.
Such is the case with malvertising, in which advertisements can redirect to fraudulent web pages or activate harmful add-ons that take advantage of possible security breaches.
DollarRevenue or OpenSUpdater are examples of adware.
Ransomware
Ransomware is one of the most feared types of malware, and one of the most in demand in the world of cybercrime. It renders the contents of the affected devices inaccessible and demands a ransom in exchange for unlocking them.
Ransomware attacks can severely impact the productivity of a system, even paralyzing it completely. There are cases in which they can lead to the theft of sensitive data and its leakage.
Rootkit
A rootkit is malicious software developed to gain unauthorized access to an attacked computer. Through it, a malicious person gains administrator privileges on the system under his criminal control. In this way, someone with illicit intentions can remotely make changes to processes and services, which will help to introduce any other type of malware that serves fraudulent purposes (port spoofing that gives away the operation of spyware, etc.).
They can be extremely difficult to detect and remove, as evidenced by the technical articles that address them.
Exploit
An exploit is a type of malware that has been programmed to take advantage of a security flaw. Exploits can be used to compromise a system by exploiting its vulnerabilities, both in the operating system and in other elements such as installed applications. One of the best known is the so-called EternalBlue.
Keylogger
It is malware designed to monitor and record the keystrokes users make when entering data with a keyboard. By spying in this way on people’s interactions with their devices, a keylogger can discover the passwords used on the attacked device, which would allow access to sensitive information that could be stolen or manipulated.
Botnet
When a device is infected with malware that allows it to be remotely controlled by an attacker, it is said to become a bot or zombie. A set of devices under the control of a cybercriminal, who can use such a network of terminals under his administration to carry out malicious activities (such as denial-of-service attacks or mass spamming, for example), is called a botnet. The term comes from “robot network”, and the number of elements that can be integrated under the control of a cyberattacker can be thousands.
Fileless malware
This type of malware operates from a device’s RAM (or other volatile areas) and not from its hard disk or file system (malware in general, such as viruses, Trojans, etc., relies on files to attack a system). It usually targets one of the elements that the operating system needs for its functionality (PowerShell, among others).
Since it does not require downloading and executing files, it is very difficult to detect. It acts by altering command lines, i.e. lines of code that direct what a device is to do. It corrupts security settings to allow a cyber attacker to execute his illicit actions.
Cryptojacking
It is a type of malware that hides in a device and takes over its resources to “mine” cryptocurrencies without the consent of the legitimate user. This slows down the affected terminal’s processes, causing performance problems and shortening its productive life cycle. Rather than trying to access data stored in an information system (such as banking information, etc.), this malware seeks to hijack resources that allow it to direct computing capabilities towards the production of cryptocurrencies.
Rogue Security Software
It is a form of malware that aims to trick the user into believing that their device contains some kind of virus infection, etc. It generates false alerts that simulate those produced by security applications such as legitimate antivirus programs. It lures the victim into downloading a supposed solution that will free them from the threat, when, in reality, what will be installed is malicious software that will cause them some kind of harm.
Backdoor
A backdoor is malware programmed to bypass a device’s security controls and gain unauthorized remote access. It circumvents authentication mechanisms by encrypting a bypass that lets the attacker get past the defensive system and thus operate for illicit purposes.
Cloud malware
In essence, this class of malware consists of turning cloud applications into a transport mechanism for malicious code. Examples include Virlock, the malware that changes shape and spreads via cloud storage applications, or RanSerKD, which spreads via Dropbox and Word documents.
Recommendations to prevent malware
There is a wide variety of malware. In order to protect yourself from malware, it is necessary to keep your computer properly updated, avoid surfing sites of dubious security, avoid downloading files from untrusted sources, make regular backup copies and, above all, be aware and informed about the need to protect yourself at all levels from this type of threat. If, despite adopting all the appropriate preventive measures, you end up being a victim of some type of malware, at JakinCode we have the technology and know-how to provide professional solutions for this and other types of cyber-attacks.