
Malware

Software that serves a malicious purpose, typically installed without the user's consent (or knowledge).

There are multiple types of malware:

  • Computer Viruses
  • Spyware & Keyloggers
  • Backdoors & Remote Access Trojans (RATs)
  • Rootkits
  • Ransomware
  • Logic Bombs

Viruses

A type of malware designed to be self-replicating: it copies itself into other files or media and spreads from computer to computer as those files are shared. Unlike a worm, a virus usually needs a user to run or open the infected host file before it executes. There are four main types of viruses:

  • Non-resident/file infector
  • Memory resident
  • Boot
  • Scripts and macro viruses

The terms multipartite and polymorphic describe, respectively, viruses that use multiple infection vectors (for example infecting both the boot sector and executable files) and viruses that dynamically change and/or obfuscate their code on each infection so that no fixed signature matches every copy.

All viruses work by infecting a host file or piece of media, and rely on that host being distributed, either by the virus itself or by an unsuspecting user who shares or opens it.

Filelessness

A modern term used to describe malware that does not write its code to the victim system's disk. Instead it lives in memory, either injected into a legitimate host process or loaded reflectively as a dynamic link library (DLL) that never touches the filesystem. Fileless malware typically uses lightweight scripts (.bat, .cmd, .sh or .ps1 files, or one-line commands passed straight to an interpreter) rather than a compiled binary to establish its backdoor on the victim host. It also relies heavily on "living off the land" techniques, where legitimate, already-installed system scripting and administration tools (PowerShell, WMI and similar) are used to carry out payload actions such as scanning, reconfiguration and data exfiltration. Because there is no malicious file to hash or scan, detection has to focus on behaviour: which process spawned which, what command-line arguments were passed, and what is resident in memory.

Worms

Worms are memory-resident, self-propagating malware. They run without any user interaction or intervention: once on a host, a worm looks for other reachable machines and replicates itself across internal networks on its own, typically by exploiting a vulnerable network service or reusing credentials it finds. This is the key difference from a virus, whose payload only executes when a user does something with an infected file, like running an executable, plugging in an infected USB stick, or opening an infected document that has scripting or macros enabled. Because of this aggressive replication, worms usually consume large amounts of network bandwidth, which is often the first symptom an infected organisation notices.

Spyware & Keyloggers

Spyware and keyloggers center around data exfiltration. Their purpose is to discover who you are and what you do by silently monitoring activity on your devices. The category, and the tracking mechanisms it builds on, includes:

  • Cookies (plaintext files that track things about your web activity)
  • Supercookies and beacons (tiny files that users are forced
  • Adware
  • Spyware
  • Keyloggers