Common Malware Attack Types 2021 with Explanation

Common Malware Attack Types

Malware is one of the most insidious types of attack. It comes in several categories, each of which performs a specific action or targets the victim in a specific way. In this article, we define several types of malware and explain how to avoid them.

Types of Malware:

1) Adware:

Adware is software that aims to make a financial profit by displaying annoying ads without your consent, or by deceiving you into agreeing to them. The danger of adware is that it often directs users to download malicious files such as droppers. This type of malware plays a major role in threatening operating systems, especially Windows and Android. Previously, adware was responsible for spreading Ghost Push, adware that targeted Android devices. Once a device was infected, it exploited a number of security holes to gain root, after which it was impossible for the average user to remove. Now, with Android 11 and many security updates, you are safe from the Ghost Push threat, but we are still exposed to a lot of adware.

To avoid getting infected with adware:

• Do not install browser extensions from unreliable sources.
• Do not allow any unreliable site to display notifications on your device.

2) Botnet:

What is a botnet?

A botnet is a type of malware that can target any type of operating system and device, even simple devices such as routers and IoT devices. Once a large number of devices are infected, the attacker can control all of them through a command and control (C&C) server and direct them to carry out a specific command, such as a DDoS attack on any target of the attacker's choice. Here lies one of the risks of this type of malware: any target can be hit by a large number of zombie devices that put pressure on it and on its network until the target is knocked out of service. Another risk is how rapidly botnets spread. An example of these attacks is the Mirai botnet attack, which caused the suspension of some servers of large companies such as Amazon, Google and Microsoft.

To avoid botnet infection:

• Avoid downloading crack files from unreliable sources.
• Avoid opening email attachments from unknown sources.
• Keep your devices' software and hardware regularly updated.

3) Ransomware:

Ransomware gained worldwide fame after WannaCry hit a large number of devices around the world. Its job is to encrypt or temporarily destroy your data until you pay the attacker to restore it. In some cases, the ransom is demanded in exchange for not leaking your data. In both cases, there is no guarantee that the attacker will keep the promise after payment is made. When your data is encrypted, the malicious file first installs itself in startup and records the names and paths of your files and folders. It then deletes any system restore points and shadow copies and starts encrypting your files with an asymmetric algorithm, which in short means that the decryption key is different from the encryption key. It replaces the original files with the encrypted ones, and during the process it communicates with the C&C server and sends it your device information. At this point, your device has become the property of the attacker. In these cases, it is best to isolate the device from the network and not connect any external storage devices containing important data. Then download an antivirus program to scan the device before disconnecting it from the Internet, and start searching to identify the type of ransomware that infected the device and whether tools exist to decrypt your files. If you have another copy of your data, or the device does not contain any important files, simply format the device.

To avoid getting ransomware:
• Avoid downloading cracks and programs from unreliable sources.
• Avoid emails from unknown sources.
• Keep software, hardware and operating systems constantly updated.
• Be careful with unreliable mobile devices and do not connect them to your devices.
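
As an added example (not part of the original article): the ransomware behaviours described above, installing itself in startup and then deleting restore points and shadow copies, leave traces in process-creation logs that a defender can detect. The sketch below runs over constructed log lines; the rule names, the 10-minute correlation window and the sample events are assumptions made for illustration.

```python
import re
from datetime import datetime, timedelta

# Constructed process-creation events (host, ISO timestamp, command line).
# They imitate what an endpoint process log might contain; none are real.
SAMPLE_EVENTS = [
    ("PC-01", "2021-05-01T10:00:05", r"reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v upd /d C:\Users\a\upd.exe"),
    ("PC-01", "2021-05-01T10:00:40", "vssadmin.exe delete shadows /all /quiet"),
    ("PC-02", "2021-05-01T11:00:00", "vssadmin.exe list shadows"),
    ("PC-03", "2021-05-01T12:00:00", r"reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v agent /d C:\it\agent.exe"),
    ("PC-03", "2021-05-01T18:30:00", "wmic shadowcopy delete"),
]

# Behaviours named in the article, expressed as command-line patterns.
RULES = {
    "startup_persistence": re.compile(
        r"\\CurrentVersion\\Run(Once)?\b|\\Start Menu\\Programs\\Startup\\", re.I),
    "recovery_tampering": re.compile(
        r"vssadmin(\.exe)?\s+delete\s+shadows|wmic(\.exe)?\s+shadowcopy\s+delete", re.I),
}

def classify(cmdline):
    """Return the set of rule names that match one command line."""
    return {name for name, rx in RULES.items() if rx.search(cmdline)}

def correlate(events, window=timedelta(minutes=10)):
    """Alert on shadow-copy deletion; raise severity when the same host
    also wrote a startup entry shortly before (within `window`)."""
    last_persist = {}  # host -> time of most recent startup-persistence event
    alerts = []
    for host, ts, cmd in sorted(events, key=lambda e: e[1]):
        when = datetime.fromisoformat(ts)
        hits = classify(cmd)
        if "startup_persistence" in hits:
            last_persist[host] = when
        if "recovery_tampering" in hits:
            seen = last_persist.get(host)
            severity = "high" if seen and when - seen <= window else "medium"
            alerts.append((host, severity, cmd))
    return alerts

if __name__ == "__main__":
    for alert in correlate(SAMPLE_EVENTS):
        print(alert)
```

Shadow-copy deletion alone is already worth an alert because it rarely happens in normal use; the correlation only raises its priority.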

4) Trojan:

RAT is an acronym for remote administration tool. These are programs that hackers use to infiltrate devices. The program consists of a client and a server. The attacker creates a server file, also called a trojan, and sends it to a device. The trojan file creates a reverse channel, waits for orders from the attacker and executes them on the infected device. Trojan files are spread by merging them with crack files, pirated games and programs, or by using worms.

Among the most popular RAT programs:
njRAT - DarkComet - TheFatRat - Blackshades.
To protect your devices, avoid downloading files from untrusted sources.

5) Worm:


The main goal of a worm is to spread, and it is often loaded with other malicious files, such as a botnet, a stealer, or others. When a device is infected with a worm, the worm tries to install itself on the device by adding itself to startup, and it can inject itself into another process. The most popular ways for worms to spread are through USB flash drives and through the network, especially if there are misconfigurations, loopholes, or weak passwords. Some types of worms inject themselves into executable files, such as Win32 ones. If at any time you feel that your device is infected with a worm, disconnect it from the network and avoid connecting it to any other device.

The most famous worms:

Stuxnet - ILOVEYOU - Nimda - CryptoLocker - SQL Slammer

6) Stealer:

A stealer steals cookies, credit cards and passwords saved in browsers and in your other programs, such as electronic wallets and server management programs and services, for example FileZilla and others.
Sometimes it infects the device alone, and other times it is loaded by a worm, dropper or botnet.
To avoid being threatened by this type of malicious file:

• Avoid saving your passwords on your personal computer or any device to avoid these risks.
