Malware: Everything you need to know
We’ve all had run-ins with malicious software, which is what malware means – any software designed to cause harm. It can damage files, steal sensitive data, and even take your device hostage. Find out what malware is, how it works, what it can do, and how you can protect yourself against it with reliable antivirus software.
What is Malware?
Malware is a catch-all term for any malicious software designed to harm or exploit any programmable device, service, or network. Cybercriminals typically use it to extract data that they can leverage over victims for financial gain. That data can range from financial data to healthcare records to personal emails and passwords – the kinds of information that can be compromised have become endless.
A Brief History of Malware
The first malware dates back to the 1980s. The first documented computer virus was discovered on a Mac in 1982 and was dubbed Elk Cloner. A PC-based strain was discovered not long after, in 1986, and was titled Brain.
Malware’s evolution seems to correspond directly with the development of technology. Much like superheroes who develop new powers only to be met with an equally matched enemy, malware often develops alongside the technology businesses are adopting. When email became popular, for example, so did email-based malware.
While it would be difficult to chronicle all the malware instances over the past 40 years, we can give you a brief rundown.
- The 80s saw the first viruses and internet-based attacks.
- The 90s saw more sophistication as email viruses began to take hold.
- In the 2000s, malware ramped up with the entrance of phishing and web-based applications.
- From 2010 on, we’ve seen the most sophisticated attacks with worms, spyware, ransomware, and other malware attacking connected devices and businesses in an attempt to compromise information.
Why do cybercriminals use it?
Malware encompasses all types of malicious software, including viruses, and cybercriminals use it for many reasons, such as:
- Tricking a victim into providing personal data for identity theft
- Stealing consumer credit card data or other financial data
- Assuming control of multiple computers to launch denial-of-service attacks against other networks
- Infecting computers and using them to mine bitcoin or other cryptocurrencies
Types of malware
- Virus: Viruses are a subgroup of malware. A virus is malicious software attached to a document or file that supports macros, which it uses to execute its code and spread from host to host. Once downloaded, the virus will lie dormant until the file is opened and in use. Viruses are designed to disrupt a system’s ability to operate. As a result, viruses can cause significant operational issues and data loss.
- Worms: Worms can copy themselves from machine to machine, usually by exploiting a security weakness in software or an operating system, and don’t require user interaction to function.
- Trojans: The trojan takes its name from the story of the Trojan Horse. Trojans masquerade as harmless software and can initiate a variety of attacks on systems. Some trojans are aided by human action while others function without user intervention.
- Spyware: Spyware collects information about a device or network, then relays this data back to the attacker. Hackers typically use spyware to monitor a person’s internet activity and harvest personal data, including login credentials, credit card numbers, or financial information, for fraud or identity theft.
- Ransomware: One of the most profitable, and therefore one of the most popular, types of malware amongst cybercriminals is ransomware. This malware installs itself onto a victim’s machine, encrypts their files, and then turns around and demands a ransom (usually in Bitcoin) to return that data to the user.
- Adware: Adware results in tons of ads and features appearing on your screen, often while you are using a web browser. Adware may gain access by appearing to be an innocent ad or by attaching itself to another app, gaining access to your system when you install the legitimate program.
- Fileless malware: Fileless malware is a type of memory-resident malware. As the term suggests, it is malware that operates from a victim’s computer’s memory, not from files on the hard drive. Because there are no files to scan, it is harder to detect than traditional malware. It also makes forensics more difficult because the malware disappears when the victim’s computer is rebooted.
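The fileless malware entry above says there are no files to scan; what a defender can inspect instead is a process's memory map. The following is an added example, not part of the original article: it assumes Linux and the `/proc/<pid>/maps` text format, and the sample map is constructed for illustration. Legitimate JIT runtimes also create anonymous executable memory, so the findings are leads for triage, not verdicts.

```python
import re

# One /proc/<pid>/maps line: address-range perms offset dev inode [pathname]
MAPS_LINE = re.compile(
    r"^(?P<start>[0-9a-f]+)-(?P<end>[0-9a-f]+)\s+(?P<perms>[rwxsp-]{4})\s+"
    r"[0-9a-f]+\s+\S+\s+(?P<inode>\d+)\s*(?P<path>.*)$"
)
# Kernel-provided executable regions that are normal in every process.
KERNEL_REGIONS = {"[vdso]", "[vsyscall]", "[vvar]"}


def suspicious_mappings(maps_text):
    """Return (start_address, reason) for executable regions with no on-disk file behind them."""
    findings = []
    for line in maps_text.splitlines():
        m = MAPS_LINE.match(line.strip())
        if not m or "x" not in m["perms"]:
            continue  # unparseable line or non-executable region
        path = m["path"].strip()
        if path in KERNEL_REGIONS:
            continue
        if path.startswith("/memfd:"):
            reason = "memfd-backed code"            # code loaded from an in-memory file
        elif path.endswith(" (deleted)"):
            reason = "backing file deleted"          # file removed from disk after loading
        elif path == "" or path in ("[heap]", "[stack]"):
            reason = "anonymous executable memory"   # no file at all behind the code
        else:
            continue  # ordinary file-backed code that a disk scanner can see
        findings.append((m["start"], reason))
    return findings


# Constructed sample, not captured from a real system.
SAMPLE_MAPS = """\
55d0c8a00000-55d0c8a21000 r-xp 00000000 08:01 131090 /usr/bin/cat
55d0c9c3b000-55d0c9c5c000 rw-p 00000000 00:00 0 [heap]
7f3a10000000-7f3a10021000 rwxp 00000000 00:00 0
7f3a14200000-7f3a14203000 r-xp 00000000 00:01 2049 /memfd:x (deleted)
7f3a14400000-7f3a14410000 r-xp 00000000 08:01 131777 /tmp/.cache/upd (deleted)
7ffd5a5f2000-7ffd5a5f4000 r-xp 00000000 00:00 0 [vdso]
"""

if __name__ == "__main__":
    for start, reason in suspicious_mappings(SAMPLE_MAPS):
        print(f"{start}: {reason}")
```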
What does it do?
Ransomware is the most confrontational and direct form of malware. While other types operate undetected, ransomware makes its presence known immediately, demanding payment in exchange for returning access to your device or files.
In most cases, malware is much harder to observe, toiling quietly behind the scenes. Some types are malicious for the sake of spite, wiping important data from the infected machines. With no fraud or theft committed, the hacker’s sole reward is the frustration and setbacks experienced by their victims.
Other instances of malware result in more serious consequences. Machines infected with these types of malware capture the user’s personal or financial information, then forward it to the hacker, who uses it for purposes of financial fraud or identity theft. At this stage, simply removing malware is insufficient to remedy these offenses.
Because malware relies on the processing power of the infected device, victims often experience significant performance issues. A sudden slowdown can be a symptom of malware infection.
How to Prevent and Protect Against Malware: A Primer in Safety
Protecting against malware is often easily done with responsible device and password management and a healthy dose of best practices. Here are some tips to help protect your device and prevent malware:
- Use strong passwords and change them frequently, especially if suspicious activity occurs.
- Perform regular system and app updates to eliminate system vulnerabilities.
- Install solid antivirus software to identify and prevent malware from infecting your systems.
- Don’t open emails and messages from unverified sources, and only download from trusted entities.