What is malicious software and how can you remove it forever?

About the author: Alexander Vukcevic is Director of Protection Labs & QA at Avira.

Malware, a combination of the two words malicious and software, is the term often used to describe a wide range of potentially dangerous and invasive code. The main categories of malware include Trojans, viruses, worms, and ransomware. There are examples of malware targeting all major operating systems, including Apple, Android, and Windows, and even Linux.

The problem with viruses.

Malware is more than just viruses. Computer viruses are a specific type of malware with two defining characteristics. First, a computer virus can execute, or run, on its own. To do this, it attaches itself to other programs or hides in computer code that runs automatically when you open certain types of files or programs. Second, a virus can reproduce. This often happens within a specific program or application on the device, after which the virus spreads to other devices via email, USB memory sticks, or a vulnerable network.

While these technical distinctions are important to analysts, they are not important to the consumer. The important thing for consumers to realize is that a computer virus in the strict sense is only the tip of the iceberg; there are many more risks and vulnerabilities than that.

Malware has existed for almost as long as the computer age. Although there is no universal agreement on which was the first malware, two early examples are Brain and the Morris worm. Brain was launched in 1986 by two Pakistani brothers. It was a self-replicating virus on a large floppy disk that promoted their computer repair shop. The Morris worm, released in 1988, was one of the first computer worms. It also resulted in the first conviction for a crime under the Computer Fraud and Misuse Act.

The four basic steps of malware.

Impress/Annoy: The first malware was designed to impress or annoy, or both. It was largely a platform for hackers to show off their technical prowess and confuse the rest of the world.

Damage: Malware quickly moved into a destructive mode, with some types of malware damaging infected devices or deleting files. Although impressive, and very irritating, it was limited.

Theft: Profits came quickly once hackers realized that they could gain a lot by extracting data from infected devices and misusing it. This discovery turned malware from IT geeks showing off into a lucrative business. The types of monetization run the gamut from credit card fraud, bank fraud, and identity theft to ransomware.

Tracking: The age of smartphones, with people always online, has attracted trackers. Tracking can be legal, in a gray area, or outright illegal, depending on how the trackers are added to the device and whether the person has consented. Intrusive trackers that monitor user activity have been associated with malvertising campaigns and the delivery of questionable ads to infected devices.

Malware began as cyber-bragging, often the work of a lone wolf showing off particular abilities. It then became a gang of thieves, focused on a particular technical angle, such as hacking into SQL databases and POS devices.

Malware as a Service: As malware has grown in size, it has split into multiple roles and specializations. In particular, there were developers of malicious code, people marketing lists of stolen identifiers, and people trying out various marketing strategies and delivery mechanisms. From a security analyst's point of view, we often see the same distribution development, marketing campaigns, and even A/B testing for malware like Dridex and Locky as we would for fully legal online products.

Malware as a Government Service: State actors occupy a disproportionate position in the development and deployment of malware. It appears that the United States and Israel developed and deployed the Stuxnet malware to prevent Iranian plutonium production equipment from working. Elements of this code have subsequently been incorporated into other malicious software packages. North Korea is believed to have had a major influence on the damage to Sony studio files and the deployment of ransomware. Russian-related entities were behind the Petya and NotPetya ransomware. Some of the major industry breaches, like Marriott, came from China-related organizations. The leak of the NSA's zero-day exploits into the wild has led to several waves of malware and ransomware attacks.

Malware has been around for almost as long as modern computers, but its destructive power has increased exponentially since the time of the I LOVE YOU virus in the dark days of the year 2000. This malicious software still travels the Internet. As the ability of malware to disrupt our lives online has increased, the different techniques used to detect malware and keep it off your device have also evolved.

Signature-based detection: One of the first antivirus techniques was signature detection, in which a unique code pattern or hash of a known malicious file is recorded and stored. Once this signature is found again, the antivirus can flag the file that contains it. As malware became more sophisticated, its authors began using new techniques, such as polymorphism, to modify its structure each time their creation spread from one system to another. This reduced the effectiveness of simple signature detection. Researchers then supplemented it with heuristic detection, which judges code based on its behavior. When something starts to go out of the ordinary, the alarm sounds.

Cloud detection: Cloud detection moves the identification work from the individual device to the cloud. This frees up computing space for more productive tasks and allows security companies to hide their detection methods from cybercriminals. By adding AI to the mix, security companies can classify and filter potential malware much faster and more thoroughly than ever before, allowing them to save their manual work for identifying new and emerging threats.
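The signature-based detection described above, and the reason polymorphism weakens it, shown as an added example that is not part of the original article. The sample bytes, the marker string, the signature name "Demo.Sample.A" and the XOR re-encoding used as a toy stand-in for polymorphism are all constructed for illustration.

```python
import hashlib

# Constructed, inert sample "file" (plain bytes, not real malware).
MARKER = b"DEMO-INERT-MARKER-1234"  # stands in for a known code pattern
KNOWN_BAD = b"header::" + MARKER + b"::payload-placeholder"

# Signature database built from the one known sample.
HASH_SIGNATURES = {hashlib.sha256(KNOWN_BAD).hexdigest(): "Demo.Sample.A"}
PATTERN_SIGNATURES = {MARKER: "Demo.Sample.A"}


def scan(data: bytes) -> dict:
    """Return the signature name matched by each signature type, or None."""
    digest = hashlib.sha256(data).hexdigest()
    pattern_hit = next(
        (name for pat, name in PATTERN_SIGNATURES.items() if pat in data), None
    )
    return {"hash": HASH_SIGNATURES.get(digest), "pattern": pattern_hit}


def reencode(data: bytes, key: int) -> bytes:
    """Toy model of polymorphism: same content, different bytes in each copy."""
    return bytes(b ^ key for b in data)


def demo() -> dict:
    samples = {
        # Byte-for-byte copy: both signature types match.
        "exact copy": KNOWN_BAD,
        # Any change alters the hash; the code pattern is still present.
        "one byte appended": KNOWN_BAD + b"\x00",
        # Restructured copy: neither signature matches, which is the gap
        # that behaviour-based (heuristic) detection is meant to close.
        "re-encoded copy": reencode(KNOWN_BAD, 0x5A),
        "unrelated file": b"quarterly report, nothing to see",
    }
    return {label: scan(data) for label, data in samples.items()}


if __name__ == "__main__":
    for label, result in demo().items():
        print(f"{label:20} hash={result['hash']} pattern={result['pattern']}")
```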

Protection against malware

There are three main elements to protecting your device against malware.

a. Antivirus: Use a trusted security app on your device that has been through a battery of independent tests. This is a critical starting point for malware security. Furthermore, a good security application will also have a history of test results. Take a look at some results if you can.

b. Updates: Malware likes to find a device with out-of-date software. Stay on top of these threats by installing an update program. You take responsibility for finding and installing the latest updates for the many apps on your devices.

c. You: As the user and owner of the device, you are the most important security layer. Look before you click on suspicious attachments. Is the return address correct? Are the links HTTPS-encrypted? Does this sound right? Be careful; this could save your device from malware.