Malware Under the Microscope

What is a malware?

Malware is simply a program whose aim is to cause damage and compromise systems, networks, and digital devices.

Types of Malware:

1. Viruses: These are programs that replicate themselves by attaching to other legitimate programs and spreading when those programs are executed.
2. Worms: They independently replicate and spread across networks. They mainly cause the depletion of resources in a system.
3. Trojans: Trojans are disguised as legitimate software but contain malicious code that can compromise your system when executed.
4. Ransomware: This type of malware encrypts your files, demanding a ransom for the decryption key.
5. Spyware: spyware secretly gathers your personal information, such as passwords and credit card details, often without your knowledge.
6. Adware: Adware bombards you with unwanted advertisements and can compromise your system's performance.
7. Botnets: These are networks of infected computers controlled remotely to perform malicious activities, like launching Distributed Denial of Service (DDoS) attacks.
8. Keyloggers: Keyloggers record your keystrokes, potentially capturing sensitive information like login credentials.

How your devices get infected:

• Watering Hole Attacks: Malicious actors compromise websites that their target audience frequently visits, thereby infecting visitors' devices unknowingly.
• Phishing Emails: Criminals send convincing emails that appear to be from legitimate sources, tricking users into clicking on malicious links or downloading infected attachments.
• Malvertising: Cybercriminals inject malicious code into online advertisements, which can infect a device when a user clicks on the ad.
• USB Drives and Removable Media: Malware can spread when users insert infected USB drives or other removable media into their computers.
• Drive-By Downloads: Some websites can automatically download malware onto a user's device without any user interaction or consent.
• Email Attachments: Opening malicious email attachments, especially those disguised as legitimate documents, can lead to malware infections.
• Malicious Websites: Visiting compromised or malicious websites can result in drive-by downloads, where malware is automatically downloaded to the user's device.
• Software Vulnerabilities: Exploiting known or zero-day vulnerabilities in software, including operating systems and applications, to gain unauthorized access.
• Social Engineering: Using psychological manipulation to deceive users into taking actions that compromise their own security, like revealing sensitive information or installing malware.

How to prevent falling victim to this intruder

1. Restrict user privileges on devices and networks to reduce the impact of potential malware infections (Use a regular account on your pc).
2. Use Antivirus and Anti-Malware Software and ensure it is updated to the latest version
3. Regularly update your operating system, software, and applications to patch known vulnerabilities.
4. Exercise Caution with Email especially those with attachments or links.
5. Avoid opening attachments or clicking on links from unknown or unverified sources.
6. Enable firewalls on your devices to block incoming and outgoing malicious traffic
7. Use a hardware firewall for your IOT network
8. Download software only from official websites or trusted app stores
9. Avoid suspicious websites and pop-ups.
10. Use browser extensions or tools that block malicious websites
11. Frequently back up your important data to an external drive or a secure cloud service.
12. Perform regular malware scans on your devices, even if you have antivirus software installed.