The malware landscape has shifted – These online threats are waiting for you in 2016

  • July 7, 2016


Have you ever wondered what you’d do if all of a sudden the data from your laptop was held hostage? What if you went to make an online payment and your bank account was empty without reason? This is the sort of nightmare one always imagines happens to someone else. Unfortunately, these are just two of far too many threats that we all face in a climate of heightened cyber crime.

Today’s attackers don’t seem to be deterred at all by modern security measures, and the use of malicious software is still a rampant issue for banks, businesses and home users.

What is Malware?

The term ‘Malware’ covers a plethora of exploitative programs. Defined most simply, Malware is software that is specifically designed to damage or disrupt your computer system.

So what kinds are there?

Generally speaking, Malware can be broken down into different categories which we will explore here in order of danger.

Viruses – no longer a big deal

A virus spreads itself by smuggling its code into another program. Uses for a computer virus vary from stealing sensitive information, taking control of a computer to complete illegal tasks or simply wanting to prove that it can be done, such as hacking a government website and taking it offline. Similar to its biological namesake, a virus requires a host.

Worms – less common

These nasties are similar to viruses in their shared aim to spread as fast as possible. But, unlike viruses, they don’t require a host program. Computer worms spread themselves via storage devices such as USB sticks and email. Remember that time your sister gave you the USB with all of the family photos on it and suddenly your computer started freaking out? Yep. Your PC likely had worms.

Antivirus software with a dual-engine fileguard is your best defense against any kind of malware threat that spreads through e-mails, USB sticks or downloads.

Spyware – more scary than disruptive

These, well, they spy on you, and collect various types of data from your PC without your knowledge. Within moments of installation, cyber criminals have their hands on huge amounts of your personal information such as your email correspondence, private photos and again, your credit card details. Spyware is also used for surveillance through keyloggers: a variety of malware that monitors keystrokes and secretly records everything entered into your keyboard. Personal demand for this technology has expanded rapidly in recent years. As parents become more and more concerned about their child’s online behavior, keylogger software developed as a new form of parental control, much like that setting on your smart TV. With a simple program, parents are able to monitor their children’s keystrokes to see what kinds of conversations they are having online and what they are searching for in Google when they think no one is watching.

Ransomware – a costly problem

An exploitative crime, ransomware is a type of malware that encrypts your personal data or locks your entire PC. You are asked to pay a “ransom” via an anonymous service in order to unlock your computer and free your data. Ransomware makes up a huge part of today’s active threats, as it has turned out to be one of the easiest income earners for attackers. All other malware makes its developers money indirectly (by using or selling your computer power), but ransomware directly asks you (the victim) for cash to return your data or access to your PC. This is usually achieved through a lockout screen with a countdown timer and a link to a payment page where you are required to pay your ransom.

Example of a ransomware lockout

Earlier this year, Hollywood Presbyterian Medical Center paid $17,000 in cyber-ransom money to recover patient data that was taken hostage through an online malware attack. This kind of malware is usually installed by a Trojan: the big kahuna of malware.

Trojans – the ultimate exploit

The main objective of a Trojan is to install other applications on your infected computer so it can be controlled remotely. Trojans do not spread by themselves like viruses do. But, much the same as the Greeks’ silent attack on the city of Troy, these malicious codes, when executed, release a second program: this is the Trojan itself. Trojans remain an ongoing issue for financial institutions. They are known for taking screenshots and uploading them to remote servers, gathering IP addresses which can be used to identify you, performing malicious web injections and allowing access to your infected PC to anyone who holds the keys.

Trojans are especially dangerous because they combine two pieces of software: the first infects your computer, the second waits silently until you visit your bank’s website, captures your login details and hijacks your online identity. That same generic password (we know you do it) that you use for every single website, email account, Facebook and internet banking site is now recorded directly after your usernames. A lot of credit card fraud occurs this way, where your credit card details are stolen, and as neither a PIN nor a signature is required when shopping online, simply stealing card numbers, expiry dates and the CVV number (on the back) that you entered into what you thought was ebay is sufficient and lucrative for this kind of fraud.

Trojans can also destroy files or information on hard disks or capture and resend confidential data to an external address. By opening communication ports, your computer can become a bot; a member of a botnet army that is remotely controlled by a cybercrime organization.

Bots – just plain scary

These specifically consist of two parts.

A dropper: the exploit or trojan that then opens the machine to download the actual malware, and

The bot itself: which is a remote control software that connects to a master server to wait for instructions. Imagine you have a remote control feature that allows you to let 100k machines do one thing, what you could do with that! For example, you could let all of those computers send only one spam email per hour. Nobody would notice, yet you could send millions in a short time to sell viagra or to simultaneously access amazon.com with 1000 requests per minute and overload their servers so they can’t earn money anymore. You could request ransom in exchange for not launching the attack.

Sadly, even if the ransom demanded goes into the millions, these bots can continue to be used to hack more computers, wait for a new security leak to be discovered and instruct all bots to scan the entire internet for more vulnerable machines and so on.

Suddenly a 100k network of computers has become a virtual monster computer that can crack passwords, mine new bitcoins or do any other calculation intensive job for free and your computer is now part of that botnet.

We know you didn’t mean to send $10,000 of your savings to help fund a terrorism organization. You didn’t intentionally install keyloggers on hundreds of computers to mine data to be held for ransom. But, too bad. Your computer did and you are 100% responsible for what happens on your PC.


When you access a website, good anti-malware software checks if the address is already known for spreading malware, and if so, gives you a warning instead of loading the site. So, look for an antivirus solution that doesn’t rely on signature-based detection alone, but also monitors your programs for unusual behaviour.

A final note on malware

Malware is designed to disrupt and damage your system. But, be aware that it is getting harder to define threats as just one category now. Bots act viral by spreading themselves around, ransomware acts like a virus in the way it manipulates files. Bots are installed via exploits and Trojans. Malware is dangerous regardless of the type or the delivery.

A note on PUPs (Potentially Unwanted Programs)

PUPs or ‘crapware’, on the other hand, are not usually dangerous, but are incredibly annoying. Want to know the temperature in Aruba every minute of every day? No. Us neither. Yet, this and other highly annoying information is suddenly popping up every time you open a program. PUPs find their way onto your computer much the same way as malware: through a bug in a reputable site or wrapped up in that useful program you actually wanted. A good security system will detect and remove these while providing sound web protection, that is, a database that contains the addresses of dangerous websites and prevents you from entering those websites in the first place.
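The web-protection check described in this section and in the paragraph on accessing a website (look the requested address up in a database of known-dangerous sites and warn instead of loading the page) can be sketched as follows. This is an added example, not Emsisoft's code; the blocklist entries are constructed placeholder domains and the function names are hypothetical.

```python
from urllib.parse import urlsplit

# Constructed blocklist for illustration; a real product ships a large,
# frequently updated database of dangerous addresses.
BLOCKLIST = {"malware-downloads.example", "phish.bank-login.example"}


def normalize_host(url: str) -> str:
    """Return the hostname the browser would actually contact, in canonical form."""
    if "://" not in url:
        url = "http://" + url            # bare "host/path" typed into the address bar
    host = urlsplit(url).hostname or ""  # drops userinfo and port, lowercases
    host = host.rstrip(".")              # "evil.example." and "evil.example" are the same host
    try:
        # Compare internationalized names in their ASCII (punycode) form.
        host = host.encode("idna").decode("ascii")
    except UnicodeError:
        pass
    return host


def is_blocked(url: str, blocklist=BLOCKLIST) -> bool:
    """True if the host or any of its parent domains is on the blocklist."""
    labels = normalize_host(url).split(".")
    # Walk a.b.evil.example -> b.evil.example -> evil.example (never a bare TLD).
    for i in range(len(labels) - 1):
        if ".".join(labels[i:]) in blocklist:
            return True
    return False


def check(url: str) -> str:
    """Decision shown to the user before the page is loaded."""
    if is_blocked(url):
        return "WARN: known malicious site, page not loaded"
    return "ALLOW"
```

Matching is done on the parsed hostname and its parent domains rather than on the raw URL string, so a trusted name placed in the userinfo part or as a leading label does not change the verdict.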

Protect yourself against malware and PUPS

It’s not all bad news. There are steps you can take to keep your data and search activity secure.

  1. Make sure all your software is up to date – especially your operating system, your web browser and all browser plugins like Adobe Flash Player or Oracle’s Java Platform.
  2. Be cautious. Ask questions before you click. Read about how threats (and scams) work to avoid becoming a victim.
  3. Make sure you run a strong anti-malware software with real-time protection and web protection such as Emsisoft Anti-Malware.
  4. Run an occasional scan with a second opinion scanner, such as Emsisoft Emergency Kit, Malwarebytes Anti-Malware or Hitman Pro to check whether your PC is Trojan-free.

No matter how computer savvy you are, regularly updated security software with real-time protection should be an essential part of your PC. Protecting your data and your personal details is of primary importance. So what additional features should you be looking for in a well-rounded security program?

Emsisoft Anti-Malware protects your PC in three ways. Web protection prevents you from visiting dangerous websites. The powerful dual-engine scanner detects any malware if it manages to enter your PC, and even currently unknown parasites will be reliably detected by its advanced behavioural analysis.

Your computer’s health is of utmost importance to us, which is why we work so hard to stay on top of all modern and previous security threats. Threats exist, but so do solutions.

Have a nice (malware-free) day!


Your Emsisoft Team

Emsi


Emsisoft founder and managing director. In 1998 when I was 16, a so-called 'friend' sent me a file via ICQ that unexpectedly opened my CD-ROM drive, which gave me a big scare. It marked the start of my journey to fight trojans and other malware.
