Malware 101: Malware Explained

Author: Jose-Miguel Maldonado

Malware is a term that is often thrown around in the cybersecurity space and also by the media. To help clear up confusion about what malware is and isn’t, here is a quick primer on what you need to know about malware and how to protect your devices from becoming infected.

Spyware

This type of malware is the easiest to explain because what it does is right in the name: it spies on you and your devices. For example, if you have spyware on your computer, it can track your browser activity or, even worse, log your keystrokes. On a mobile device, spyware can take screenshots, access your photos or contacts, and in extreme cases exfiltrate data (that is, send data from your phone to a specific server or location).

Trojan

A Trojan, or Trojan horse, is a type of malware whose sole intent is to gain control over a device. A few popular types of Trojans include Remote Access, Exploit, Backdoor, and Banker. Typically, Trojans cannot replicate like some viruses can. Trojans are commonly spread via e-mail and/or malicious links.

Ransomware

Ransomware is one of the most common types of malware and definitely gets a lot of press in the news because it is destructive. Once installed, ransomware locks files and holds them hostage; the end game is for the creator to receive a ransom (money) in exchange for decrypting the files. Ransomware is transmitted via phishing links, malicious programs/apps, and attachments in e-mails.

Variations

There are instances where these different types of malware are combined. For instance, a seemingly harmless app, such as a tipping calculator app, may be available on a third-party app store and installed on your mobile Droid device. The app could be laced with spyware components (monitoring GPS location and browsing habits), Trojan components (creating a backdoor that could allow an attacker to gain remote access over your mobile device), and ransomware components (locking your phone and requiring a ransom for the decryption key). When combined, these create a devastating payload that could wreak havoc on a user’s device.

What Do I Do?

The best defense against malware infection includes the following items:

  • Install and use up-to-date antivirus/anti-malware software on your Windows/macOS computers

  • Keep a careful eye on e-mails that contain links or attachments (Were you expecting the e-mail? Is there a sense of urgency requiring you to take action? Does the e-mail contain content that is too good to be true?)

  • Ensure your devices (computers, tablets, phones) are up to date with the latest OS (Operating System) software

  • Ensure all apps/software are up to date with the latest patches

  • Consider running as a Standard User on your computer. While not foolproof, it can help limit the installation of malware

About the author: Jose-Miguel Maldonado is the VP of Business Ops & Security at Rubica, a cybersecurity startup, and has acquired a reputation for creating cybersecurity champions out of non-technical people.

Copyright CSNP - CyberSecurity NonProfit