7 Deadly Digital Sins: Understanding the Main Types of Malware

Written by jan-youngren | Published 2020/04/30


Malware is everywhere these days. You've probably been a victim at some stage, and you may well not even know it. From all-too-visible ransomware attacks to botnets and adware, it's a complex picture, and new variants are emerging all the time.
Because of this, I thought I'd provide a quick introduction to malware 101. So here are 7 major malware forms - any one of which could be targeting your device right now.

1. Viruses

As with their natural cousins, computer viruses are designed to replicate. However, instead of using animal cells, they generally work by infecting code. By changing code to suit their purposes, viruses can then convert seemingly harmless programs into tools to propagate all kinds of digital nasties.
The effects of viruses vary widely, and there are many different types. For instance, you might come across:
  • Resident viruses - which linger in the RAM of computers, corrupting software as they do so.
  • Overwriters - which attack files by wiping their content and replacing it with malicious code.
  • Boot sector viruses - which use floppies or other media to attack the boot processes of targeted machines. They are much less common in an age where boot floppies are virtually obsolete.
If there was a "golden age" for viruses, it came in the late 90s and 2000s, when agents like ILOVEYOU caused huge damage. In that case, a pair of Filipino programmers propagated an overwriter via fake love letter attachments. In an age where phishing was barely known, the virus spread quickly, inflicting around $10 billion in damage.

2. Worms

Worms are similar to viruses in that they exist to propagate themselves. They also spread between devices without humans being involved, and seek to create maximum havoc as they spread.
However, while viruses need a host program, worms do not. They are free-floating malware agents which work below the radar. As they do so, worms can delete or modify files, or just keep multiplying - clogging up the host system.
In 2010, researchers discovered a series of worm attacks on Iran's nuclear industry. Christened Stuxnet, this agent had managed to take down over 1,000 uranium centrifuges and countless IT systems - causing huge damage to Iran's capabilities.
The Conficker worm has also caused carnage for Windows users. Identified in 2008, it became the number one tool for botnet operators. Millions of systems have been turned to sludge by the worm, most without their owners even knowing they were infected.

3. Trojans

Just like the Trojan Horse of Greek myth, Trojan agents use stealth. They tend to mimic legitimate apps or services, persuading unwitting humans to open files or hand over information. When that's achieved, they waste little time entering file systems and establishing control.
There are many forms. "Backdoors" can hand criminals total control, "Rootkits" can apply concealing techniques to make detection impossible, while specialist "Bankers" can siphon off financial details automatically.
The Zeus Trojan shows just how deadly they can be. In 2007, investigators started noting a pattern in cyber-crimes involving the theft of financial details. Eventually, they tracked down the source: a "Banker"-style Trojan running keyloggers to collect financial data. Millions of people were affected, a figure that grew as the Trojan was commercialized and sold to criminals worldwide.

4. Ransomware

Trojans and worms are hands-off attacks, where there's a large gap between the attacker and the target. That's less true with ransomware attacks, where criminals take devices hostage until victims carry out their demands.
WannaCry is the most famous example. Active for a few days in May 2017, this ransomware agent used a little-known Windows backdoor to take control of devices owned by organizations as diverse as the UK's National Health Service and Taiwanese chip-maker TSMC, which actually had to suspend production for days.
More recently, a ransomware agent called Cerber has been alarming analysts and victims. Propagated via attachments and malicious sites, Cerber encrypted files on targeted devices, billing victims to unlock them. That's the last thing most of us need.

5. Adware

Adware works by displaying ads on host devices, whether users like it or not. This can be innocuous, but not always. For instance, adware can launch in windows that are impossible to close without rebooting. Or it can ruin browsers permanently, requiring a re-install.
Fireball could be the most famous adware of all. Created in China and discovered in 2017, Fireball infected around 250 million systems, adding fake search bars to browsers, and adding new pop-up ads on every site.
Other agents work by removing legitimate ads, and replacing them with ads linked to the creators. Gator used this technique in the early 2000s, diverting millions of dollars of ad revenue via the music search tool Kazaa.

6. Spyware

As the name suggests, spyware is intrusive and malicious. It can be delivered by criminals, used to track corporate competitors, deployed by states to monitor suspicious online activity, or even be used by sex criminals (so-called "stalkerware").
We don't know exactly how many people suffer from spyware attacks worldwide, but the numbers are likely to be in the hundreds of millions. And the consequences can be devastating.
In one example, human rights lawyers have reported their WhatsApp accounts being targeted by spyware linked to the Saudi, Israeli, and Mexican governments. In another recent case, a spyware tool called "KidsGuard" was unmasked as collecting vast amounts of smartphone data.
That's just the tip of the iceberg, though. Spyware is everywhere, and could affect any device, any time.

7. Fleeceware

The final exhibit in the museum of malware is much less well known, but could become one of the most costly in 2020.
Fleeceware is a new term coined by researchers at Sophos, describing apps engaging in a new form of online fraud. Fleeceware exploits legal loopholes in app markets. By setting up huge fees when free trials migrate to paid services, hackers can effectively overcharge hundreds of dollars for apps with very simple functionality that is available in low-cost or free apps.
No worms, spyware, Trojans, or viruses are involved here. These apps exist in a categorical grey area. It's just a glitch in a widely used system, which criminals are happy to exploit. Google has tried to remove fleeceware apps from its Play market, but the low cost of setting them up and the almost guaranteed returns mean that suppressing these apps is harder than it looks.
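To make the free-trial-to-huge-fee pattern concrete, here is an added example (not from Sophos or from any app store) that normalises subscription prices to a yearly cost and flags apps whose short trial rolls into a fee far above what comparable apps charge. The listing fields, app names, prices, and thresholds are all assumptions made up for illustration.

```python
from dataclasses import dataclass
from statistics import median

# Billing periods normalised to charges per year.
PERIODS_PER_YEAR = {"week": 52, "month": 12, "year": 1}

@dataclass
class Listing:
    name: str
    category: str
    trial_days: int      # 0 means no free trial
    price: float         # charged per billing period once the trial ends
    period: str          # "week", "month" or "year"

    @property
    def annual_cost(self) -> float:
        return self.price * PERIODS_PER_YEAR[self.period]

def flag_fleeceware(listings, max_trial_days=7, cost_multiple=5.0):
    """Return (name, annual_cost, category_median) for listings whose short
    trial rolls into a subscription far above what comparable apps charge.
    Thresholds are illustrative assumptions, not values from Sophos."""
    flagged = []
    for app in listings:
        peers = [p.annual_cost for p in listings
                 if p.category == app.category and p is not app]
        if not peers:
            continue  # nothing to compare against
        baseline = median(peers)
        short_trial = 0 < app.trial_days <= max_trial_days
        overpriced = app.annual_cost > cost_multiple * max(baseline, 1.0)
        if short_trial and overpriced:
            flagged.append((app.name, round(app.annual_cost, 2), baseline))
    return flagged

# Constructed sample listings (all names and prices are made up).
SAMPLE = [
    Listing("QR Scan Lite", "qr-scanner", 0, 0.00, "year"),
    Listing("QuickQR", "qr-scanner", 0, 2.99, "year"),
    Listing("ScanPro Premium", "qr-scanner", 3, 9.99, "week"),
    Listing("Horoscope Daily", "horoscope", 0, 1.99, "month"),
    Listing("AstroPlus", "horoscope", 7, 4.99, "month"),
    Listing("StarSign VIP", "horoscope", 3, 69.99, "month"),
]

if __name__ == "__main__":
    for name, cost, baseline in flag_fleeceware(SAMPLE):
        print(f"{name}: ${cost}/year vs. category median ${baseline:.2f}/year")
```

Weekly billing is what hides the real price here: $9.99 a week looks small next to a trial button, but it annualises to over $500 for a QR scanner.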

Take care online to avoid becoming a malware martyr

Almost all of the attacks mentioned can be financially damaging. Some can cause huge emotional stress, or even take down companies. But almost all can be avoided if users surf the web securely.
Using VPNs to encrypt data, regularly changing passwords, using antivirus tools, and avoiding dodgy attachments are all part of the solution in resisting most malware attacks.

Written by jan-youngren | Cybersecurity Expert | Focused on research and investigations
Published by HackerNoon on 2020/04/30