Malware



TYPES OF MALWARE

ADWARE

Adware, short for advertising-supported software, is a type of malware that delivers advertisements. Common examples are pop-up ads and advertisements that are displayed in software. Software often offers “free” versions that come bundled with adware. Most adware is sponsored by an advertiser and is used to make money. While some is designed solely to deliver advertisements, it is not uncommon for adware to come bundled with spyware that is capable of tracking user activity and stealing information.

BOTS

Bots are software programs created to perform simple and repetitive operations. While some bots are created for harmless purposes (online contests, video gaming, and internet auctions), it is becoming increasingly common to see bots used maliciously. Bots can be run on groups of computers controlled by a third party to carry out distributed denial of service (DDoS) attacks, to spam large amounts of advertising on the internet, to scrape websites, and to distribute malware disguised as popular search items on download sites. The most common way to guard against bots is with CAPTCHA tests that verify users as humans.

BUGS

Bugs are flaws that produce an undesired outcome in the context of software. Usually the result of human error, bugs normally exist in the source code or compilers of a program. Significant bugs can cause crashing or freezing. Security bugs can allow attackers to bypass privileges or override authentication.

RANSOMWARE

Ransomware is a form of malware that holds a computer hostage: it installs covertly, restricts access to the computer by encrypting files or locking the system down, and demands a ransom to restore it. The only fix, if the files are encrypted, is to restore from “offline” backups that are not accessible to the infected computer. Ransomware is typically spread by a downloaded file that is disguised as a legitimate file.

ROOTKIT

A rootkit is a type of malicious software designed to remotely control or access a computer without being detected. Since this software has “root” or administrative access, it has full control of any existing software. This means it can modify any software, including any that may be used to detect or circumvent it. As a result, detection relies on manual methods such as monitoring computer behavior for suspicious activity, storage dump analysis, and signature scanning.

SPYWARE

Spyware is software that tries to gather information about a person or organization without their knowledge and may send this information to another computer without that consumer’s consent. Spyware is mostly classified into four types: adware, tracking cookies, system monitoring, and trojans. Spyware is mostly used for tracking and storing internet users’ movements on the Web and serving up pop-up ads. While the term spyware suggests software that monitors a user’s computer habits, spyware can collect almost any type of data, including personal information such as surfing habits, passwords, and bank or credit card information. Spyware can be included with genuine software, including “free” software, or can come from malicious websites. Spyware installs itself on a system by deceiving the user or by exploiting software vulnerabilities.

TROJAN or TROJAN HORSE

A Trojan is a type of malware that disguises itself as a normal file or program to trick users into downloading and installing malware. A Trojan can give a malicious party remote access to an infected computer. Once a computer is infected, the attacker can steal logins, financial information, and research data. They can also install more malware, modify files, and monitor activity through screen watching and keylogging. Most Trojans are spread by some form of social engineering, such as an attachment in an email. If installed with elevated privileges, meaning an Admin account, a Trojan would have unlimited access.

VIRUS

A virus is a form of software that is capable of copying itself and spreading to other computers, hence the name “virus”. Viruses can access personal data such as bank or credit card logins, corrupt data, spam email, log keystrokes, and render computers useless. Viruses use vulnerabilities in operating systems, browsers, and other software, as well as social engineering, to gain access to host computers.

WORMS

Worms are among the most common malware. They spread by exploiting vulnerabilities in operating systems. Typically, worms cause harm to host networks by overloading web servers or consuming bandwidth. Worms can also carry “payloads” that can cause damage to computers. Payloads are code written to perform actions such as deleting files, stealing data, and encrypting files in ransomware attacks. The most common payload installs a backdoor for creating botnets.

How to minimize the threat of malware:

  • Keep your computer's operating system automatically updated.
  • Use strong passwords. They are the first line of defense.
  • Use dual-factor authentication if available, which requires your password and another form of identification, such as an app on a cell phone.
  • Don’t use administrative accounts unless absolutely necessary. Since administrative accounts allow full access to your computer, malware with administrative access can defeat your computer's defenses. Unless absolutely necessary, use standard accounts.
  • Avoid opening unrecognized or unexpected email. Phishing is the most common method of getting infected.
  • Use anti-virus software and keep it updated.
    Any computer that is connected to Lamar’s local area network (LAN) or VPN via a LEA account is protected by Lamar University IT security systems and software. This includes anti-virus/anti-malware and network protection. Lamar University systems are licensed for firewall and anti-virus/malware software. This software is updated and managed by Lamar University IT.