We often hear about malware and the havoc it can cause, but what exactly is it and why should you care?
In this, the first of two blog posts on malware, we look at trojans, ransomware, keyloggers and spyware and how cyber criminals use it to extort money. Next time, we will take a closer look at worms, adware and mobile malware, along with offering advice on avoiding them.
Malware is malicious software which has been developed by someone (or some organisation) to cause disruption or, more commonly now, to earn them money. Your money.
It wasn’t always this way. Originally, computer viruses were created by computer enthusiasts almost as a game to see how many PCs they could infect. In the time before the Internet, these viruses were spread by infecting a floppy disk (remember them?) and passing it onto an unsuspecting user. Every machine that the floppy disk was inserted into would become infected and every floppy disk inserted afterwards would become infected.
These infections were harmless though. Sometimes they would create a simple graphic moving across the screen, at other times they would show a message that you had been infected, but that was about it. There was no malicious intent. It was more of a game for the creator to see how far it could spread. The first ever virus created was by two Pakistani brothers who even included their names, phone number and address in the code, so they could be traced. If only it was so easy nowadays.
The invention and rapid adoption of the Internet opened up plenty of avenues for virus creators and it didn’t take them long to see that there was money to be made. This is where we are today.
Nowadays, virus writers are often hired by criminal gangs to create malware for them. There are a number of different tricks they use to steal information and money. Malware is a complex thing to create, but it all follows similar patterns of intent. Here are a few to be aware of:
A trojan is the means by which a hacker gets his malware onto your computer. Often, it will appear to be a useful function such as a game, a screensaver or even an important security update, but it then drops the malicious payload. The malware it downloads onto the computer could be one of many types, such as a keylogger or ransomware, and it is this payload which causes the problems.
The FBI estimated that criminals’ profits from ransomware are roughly $150 million annually. Just as the name suggests, this type of malware locks the user’s computer and holds it to ransom. However, once the money is paid to the cyber criminals, the computer will not be unlocked again. Why would they do you a favour?
In order to avoid the user going to the police, the message that appears often suggests that it is from a local enforcement agency which has found illegal material on the computer’s hard drive. This could be anything from pirated music to child pornography. The fear it instils prevents the user seeking help and they often pay.
If you experience a ransomware attack, the only way to get your computer unlocked is to seek the help of a data recovery specialist. Even then, not all data will be recovered, so it is prudent to backup everything on your computer automatically, so the loss of data on your computer will not affect you.
A keylogger is a piece of malware which is downloaded onto your computer through visiting malicious websites or opening an infected attachment. Once it has installed itself, the user is none the wiser. However, the keylogger takes note of every key being pressed on the computer and transmits this back to the hacker. This gives the cybercriminal your login details and passwords to multiple websites – a particular risk if your bank does not have a two-factor authentication system.
It is frightening to know that spyware can be easily purchased over the Internet. It is used to monitor an individual’s digital life – everything from reading their emails and text messages to intercepting their phone calls. Some kinds even allow the instigator to call the victim’s mobile phone, which will not ring, but answers the call and turns their phone into a microphone for listening to their offline conversations. Often used by people who fear their partner is cheating or by companies for corporate espionage, this is a very worrying and intrusive form of malware which needs to be avoided.
So, what do you do?
Avoiding malware is entirely possible. People should just remember that they need to replicate the safe life they lead in the real world into the digital world. If you wouldn’t give a stranger your bank card, why would you with someone online? Using a computer with no security protection is the online equivalent of opening the door of your house, welcoming in a crowd of criminals and telling them you have your life savings hidden under your mattress.
Be safe, protect yourself with the available resources and don’t take risks.
In less than two months, the world has seen the two biggest ransomware outbreaks ever…
July 7, 2017
UPDATE: For the latest on Petya, check this F-Secure Labs post. Are we still calling…
June 28, 2017