Computer slowdowns, crashes, and pop-ups: these and more are signs that a computer might be infected with malware. Malware is a blanket term for software that can cause annoyance or harm to a computer. In the first part of this malware series, I will cover what malware is, how malware is classified, and, lastly, start giving examples of types of malware.
Malware has a few goals: concealment, collecting data, destroying data, modifying the system, launching an attack, or a mixture of these. Malware tricks its way through the computer by using mutation to mask itself. There are three types of malware mutation…
- Oligomorphic – The code starts out looking normal, but when executed the internal code mutates into its harmful form.
- Polymorphic – Like oligomorphic, the code starts out looking harmless, but in contrast, the program completely changes itself from its original form when executed.
- Metamorphic – Can rewrite itself every time the program is executed. This means the program looks different every time it is executed.
There are other ways that distinct types of malware avoid detection, like scrambling their code or splitting up their code and rebuilding it later in execution.
Malware is classified by which of the four primary traits it possesses…
- Infection – How the malware implants itself into the computer system.
- Circulation – How the malware spreads from system to system to target as many victims as possible.
- Concealment – How the malware hides from scanners.
- Capabilities – What goals the malware possesses.
Infection and circulation
The malware types that specialize in spreading and implanting themselves in computer systems are viruses, trojans, and worms.
Viruses – Have two goals: executing a harmful payload and reproducing themselves into other files on the computer. Viruses can cause computer crashes, destroy files and the hard drive, and turn off computer security.
Trojans – Like the Greek soldiers who were able to sneak into Troy by hiding in a giant horse disguised as a gift, trojan horse malware hides its harmful intentions by disguising itself as something useful, like a downloadable calculator, but parses the computer for sensitive information.
Worms – These malware types use the computer network to tunnel their way to other devices. They leverage network devices to send themselves around. Worms then leave behind malicious code that can allow for remote control or corruption of files.
Malware that specializes in concealment
Rootkits – Programs that are used to hide an attacker’s presence in the computer system or to hide other harmful software. They achieve this by removing system log files or replacing operating system files with infected files that ignore the rootkit’s existence. This makes a rootkit-infected computer system untrustworthy to use.
Malware is a blanket term for harmful programs on a computer system. Malware uses mutation of code and/or modification of the system to conceal its malicious goals. Malware is then classified by its goals and specialties. In this first part, we covered malware that spreads and embeds into computers and networks and, lastly, malware that specializes in concealing an attacker’s activities. In part 2, I will cover malware that specializes in data collection, deletion, system modification, and automated attack launch.
After reading this, if you are now worried about your computer being infected, check out the links below to select some great scanners and protection.
Links:
- Ninite - A great program installer; check out the "security" section for some great malware protection. (I suggest Malwarebytes and SUPERAntiSpyware.)
- TDSSKiller - An easy-to-use rootkit detection tool.
- GMER - Advanced rootkit detection software. (Be careful: it can cause problems if used incorrectly.)