The root of all evil

--Originally published at The Hitchhiker's Guide to information security… according to me!

Malwares, the ones who should not be named, the adversaries, the lords of darkness, the communism to my capitalism, the things that should not be, the roots of all evil… Today, in another post of my nonsense, we will be taking a trip to the scary part of information security. Please come along while I show you the truth about this creepy creatures.

Evil-foto

As definitions are always handy, malware is a short form of saying, malicious software, (I can see your face feeling with amusement), and it refers to all kinds of software that could potentially harm you or your computer by stealing or hijacking your data, spying on your activities or compromising computer activities.

They come in many colors and presentations and their names and stats are the following:

Virus

As you can also relate to them in real life, viruses are a computer program that can copy itself and spread to other computers if the user executes a corrupted file.

  • Attack points: they can execute malicious code that can give the attacker access to your files and computer functions, enabling them to steal information, corrupt your data or harm your computer.
  • Habitat: they can reside in e-mail files, infected files from other computers or within another software.

Worm

It’s a computer program that replicates itself and spreads to other computer. But wait, what’s the difference between a worm and a virus? Well, a virus needs to be attached to another program and be executed in order to replicate, the worm replicates itself without any user interaction.

  • Attack points: they normally are “payload free” which mean that they don’t harm your computer nor steal your data, but they can overload your network by consuming bandwidth, which might slow your computer’s browser. Nevertheless, there’re still cases in
    worms may include other harmful code within and could steal or corrupt your data.
  • Habitat: computer links on email or in the email itself.

Bot

Putting it simple it refers to a computer program that runs and automated task. Have you ever been followed by some random dude on twitter that post exactly every two hours and just post nonsense? Well yeah… that’s a bot. Sorry. You’re not super popular.

  • Attack Points: At first they look quite innocent, this cute little scripts that do the same thing over and over again, but quicker than anyone, harming no one. Well, surprise! This dude can be used to in great amount to consume bandwidth and slow every computer on the network or to distribute more malware impersonating as human or through email spam.
  • Habitat: usually the World Wide Web.

Ransomware

A computer program that installs itself in your computer, encrypts your data and demands a ransom payment to decrypt it.

  • Attack points: if the malware achieves to encrypt the data there’s no way that you can take your data back. This is a pretty violent attack, while other malware may just slow down your computer, this malware makes your information inaccessible to you.
  • Habitat: email links and software downloads.

Spyware

A program designed to spy the user’s activities.

  • Attack Points: This malware can track all your browser history, all the activity in your computer (which programs you open the most, which programs you install, etc.), also may install a keylogger which captures all your keystrokes within a text file, including your passwords, and sends it to the attacker.
  • Habitat: they exists in other programs, Trojans or emails.

Trojan

The beautiful horse that seemed awesome but screwed a city. Well, as its name implies it is a malware that, at first, seems like an innocent software, but in the end, it’s not innocent at all. Like that shy girl in the classroom. If you know what I mean…

  • Attack Points: The Trojan may contain other malware inside it. You might think that you are downloading a cool free version of a very expensive software, but in reality, you’re downloading a program that contain a spyware of a virus.
  • Habitat: Normally a Trojan comes as a free software within another software (like a toolbar), and in e-mail or web links.

Adware

In the malware context adware refers to programs that, against the user’s will, renders advertisement as a window that makes normal operation impossible or an unclosable window.

  • Attack Points: It is pretty damn annoying.
  • Habitat: normally it’s embedded in other software or in the web pages.

Scareware

Is a software that generates a warning telling the user that it’s computer has been breached by a malicious software and that he need to download another software to countermeasure the breach

  • Attack points: It might scare the #$%& out of you and make you, in panic, download what he is asking you to.
  • Habitat: E-mail and embedded in other software.

Essentially this are the bad guys that run all the black deals around the Internet. Maybe in this moment you’re staring at your computer suspiciously asking if it might have malware inside. You can’t trust anyone now, everyone is and enemy. Lucky for you I have a list of weird behaviors you might want to check if your computer is doing.

  • Your computer runs slower than usual. (You know, like mysteriously slow -_-)
  • Increased CPU usage. (Like if you’re using Notepad and your computer thinks you’re running a NASA program)
  • Fluctuation of file’s sizes. (Either your files are on a diet or else… D:)
  • Files don’t open. (Teenagers… Right?)
  • Your friends receive weird mail coming from you. (One you did not sent :O)
  • Your computer freezes for no reason frequently. (Pretty obvious here)

It’s like a haunted house! You see creepy things happening and you don’t know where they come from. Now as the good hypochondriac you might be, you now feel like you’ve got all the symptoms of a hunted computer. Who you gonna call? Well, that’s a story for another post.

Malwares are a part of our daily lives. The first malwares where invented out of curiosity and unfortunately they evolved in order to compromise our daily security. There exist no perfect security, and that’s why malwares will keep annoying us, antiviruses will keep on taking them down, and they will evolve and return. The meaningful learning about this reading is that IT’S NOT SAFE OUT THERE and because no one can protect you at a hundred 100% you need to watch your clicks instead of your steps. Remember prevention is better than acting.

Stay safe kids.