Types of malicious attacks
Any malicious software intended to harm or exploit any programmable device,
service, or network is referred to as malware. Cybercriminals typically use it to
extract data they can leverage against victims for financial gain. Financial
information, medical records, personal emails, and passwords are just a few
examples of the types of information that could be compromised.
In simple words, malware is short for malicious software and refers to any
software that is designed to cause harm to computer systems, networks, or users.
Malware can take many forms.
It’s important for individuals and organizations to be aware of the different types
of malware and take steps to protect their systems, such as using antivirus
software, keeping software and systems up-to-date, and being cautious when
opening email attachments or downloading software from the internet.
Malware is a program designed to gain access to computer systems, generally for
the benefit of some third party, without the user’s permission. Malware includes
computer viruses, worms, Trojan horses, ransomware, spyware, and other
malicious programs.
Types of Malware
1. Viruses – A virus is malicious executable code attached to another
executable file. The virus spreads when an infected file is passed from system to
system. Viruses can be harmless, or they can modify or delete data. Opening a file
can trigger a virus. Once a program virus is active, it will infect other programs
on the computer.
2. Worms – Worms replicate themselves on the system, attaching themselves to
different files and looking for pathways between computers, such as a computer
network that shares common file storage areas. Worms usually slow down
networks. A virus needs a host program to run, but worms can run by themselves.
After a worm infects a host, it is able to spread very quickly over the network.
3. Trojan horse – A Trojan horse is malware that carries out malicious operations
under the appearance of a desired operation, such as playing an online game. A
Trojan horse differs from a virus in that the Trojan binds itself to non-executable
files, such as image and audio files.
4. Ransomware – Ransomware holds a computer system, or the data it contains,
hostage until the victim makes a payment. Ransomware encrypts data on the
computer with a key that is unknown to the user. The user has to pay a ransom
to the criminals to retrieve the data. Once the amount is paid, the victim can
resume using his/her system.
5. Adware – Adware displays unwanted ads and pop-ups on the computer. It comes
bundled with software downloads and packages. It generates revenue for the
software distributor by displaying ads.
6. Spyware – Its purpose is to steal private information from a computer system
for a third party. Spyware collects information and sends it to the attacker.
7. Logic Bombs – A logic bomb is a malicious program that uses a trigger to
activate its malicious code. The logic bomb remains dormant until that
trigger event happens. Once triggered, a logic bomb executes malicious code
that causes harm to a computer.
Cybersecurity specialists recently discovered logic bombs that attack and destroy
the hardware components in a workstation or server including the cooling fans,
hard drives, and power supplies. The logic bomb overdrives these devices until
they overheat or fail.
8. Rootkits – A rootkit modifies the OS to create a backdoor. Attackers then use
the backdoor to access the computer remotely. Most rootkits take advantage of
software vulnerabilities to modify system files.
9. Backdoors – A backdoor bypasses the usual authentication used to access a
system. The purpose of the backdoor is to grant cyber criminals future access to
the system even if the organization fixes the original vulnerability used to attack
the system.
10. Keyloggers – A keylogger records everything the user types on his/her
computer system to obtain passwords and other sensitive information, and sends
them to the source of the keylogging program.
Malware – Malicious Software
Malware is software that gets into a system without the user's consent, with the
intention of stealing the user's private and confidential data, including bank
details and passwords. It also generates annoying pop-up ads and makes
changes to system settings.
It gets into the system through various means:
1. Along with free downloads.
2. Clicking on suspicious links.
3. Opening mail from malicious sources.
4. Visiting malicious websites.
5. Not installing an updated version of antivirus on the system.
Types:
1. Virus
2. Worm
3. Logic Bomb
4. Trojan/Backdoor
5. Rootkit
6. Advanced Persistent Threat
7. Spyware and Adware
What is a computer virus:
A computer virus is a program which damages computer systems and/or
destroys or erases data files. A computer virus is a malicious program that
self-replicates by copying itself to another program.
In other words, the computer virus spreads by itself into other executable code or
documents. The purpose of creating a computer virus is to infect vulnerable
systems, gain admin control and steal sensitive user data. Hackers design
computer viruses with malicious intent and prey on online users by tricking them.
Symptoms:
Letters look like they are falling to the bottom of the screen.
The computer system becomes slow.
The amount of available free memory shrinks.
The hard disk runs out of space.
The computer does not boot.
Types of Computer Virus:
These are explained below.
1. Parasitic –
These infect executables (.COM or .EXE files, where execution starts at the first
instruction). Propagated by attaching itself to a particular file or program.
Generally resides at the start (prepending) or at the end (appending) of a file,
e.g. Jerusalem.
2. Boot Sector –
Spread via infected floppy or pen drives used to boot computers. During
system boot, the boot sector virus is loaded into main memory and destroys data
stored on the hard disk, e.g. Polyboot, Disk Killer, Stone, AntiEXE.
3. Polymorphic –
Changes itself with each infection and creates multiple copies. Multipartite: uses
more than one propagation method. Difficult for antivirus to detect, e.g.
Involutionary, Cascade, Evil, Virus 101, Stimulate.
Three major parts: an encrypted virus body, a decryption routine that varies from
infection to infection, and a mutation engine.
4. Memory Resident –
Installs code in the computer's memory. Activated whenever the OS runs, and
damages all files opened at that time, e.g. Randex, CMJ, Meve.
5. Stealth –
Hides its tracks after infection. It modifies itself, hence it is difficult to detect,
and masks the size of the infected file, e.g. Frodo, Joshi, Whale.
6. Macro –
Associated with application software like Word and Excel. When the
infected document is opened, the macro virus is loaded into main memory and
destroys the data stored on the hard disk. As it is attached to documents, it
spreads only with those infected documents, e.g. DMV, Melissa, A, Relax, Nuclear,
Word Concept.
7. Hybrids –
Features of various viruses are combined, e.g. Happy99 (Email virus).
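The parasitic and stealth entries above describe a host file that gains prepended or appended code while the reported size may be masked. The following is an added example, not code from the original notes: a hash-based integrity baseline that catches such changes without trusting file size. The directory, file names and byte contents are constructed for the demonstration.

```python
import hashlib
import os
import tempfile

# Added example, not from the original notes: hash-based integrity baseline
# that catches parasitic (prepending/appending) changes without trusting the
# file size a stealth virus may mask.
def sha256_file(path):
    with open(path, "rb") as f:
        return hashlib.sha256(f.read()).hexdigest()

def build_baseline(directory, suffixes=(".exe", ".com")):
    """Record hash and size of each executable under directory."""
    baseline = {}
    for root, _, files in os.walk(directory):
        for name in files:
            if name.lower().endswith(suffixes):
                path = os.path.join(root, name)
                baseline[os.path.relpath(path, directory)] = {
                    "sha256": sha256_file(path), "size": os.path.getsize(path)}
    return baseline

def verify(directory, baseline):
    """Return {relpath: finding} for files that no longer match the baseline."""
    findings = {}
    current = build_baseline(directory)
    for rel, rec in baseline.items():
        cur = current.get(rel)
        if cur is None:
            findings[rel] = "missing"
        elif cur["sha256"] != rec["sha256"]:
            # The hash decides; size is only a hint, because a stealth virus
            # can report the original size while the content has changed.
            note = "content changed"
            if cur["size"] > rec["size"]:
                note += f" (grew by {cur['size'] - rec['size']} bytes)"
            findings[rel] = note
    return findings

def demo():
    """Constructed scenario: baseline a fake host program, then append bytes."""
    with tempfile.TemporaryDirectory() as d:
        host = os.path.join(d, "app.exe")
        with open(host, "wb") as f:
            f.write(b"MZ" + b"\x00" * 100)   # constructed stand-in host file
        baseline = build_baseline(d)
        with open(host, "ab") as f:
            f.write(b"\x90" * 32)            # constructed appended bytes
        return verify(d, baseline)
```

In practice the baseline is stored off-host or signed, since a rootkit with file-system access can otherwise rewrite it along with the binaries.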
Worm:
A worm is a destructive program that fills a computer system with self-replicating
information, clogging the system so that its operations are slowed down or
stopped.
Types of Worm:
1. Email worm – Attached to fake email messages.
2. Instant messaging worm – Spreads via instant messaging applications using
loopholes in the network.
3. Internet worm – Scans systems using OS services.
4. Internet Relay Chat (IRC) worm – Transfers infected files to web sites.
5. Payloads – Delete or encrypt files, install backdoors, create zombies, etc.
6. Worms with good intent – Download application patches.
Logical Bomb:
A logical bomb is a destructive program that performs an activity when a certain
action has occurred. These are hidden in programming code and execute only when
a specific condition is met, e.g. Jerusalem.
Script Virus:
Commonly found script viruses are written using the Visual Basic Scripting
Edition (VBS) and the JavaScript programming language.
Trojan / Backdoor:
A Trojan horse is a destructive program. It usually poses as a computer game or
application software. If executed, the computer system will be damaged. Trojan
horses usually come with monitoring tools and key loggers.
These are active only when specific events occur. They are hidden with
packers, crypters and wrappers, and hence are difficult to detect with antivirus.
They can be dealt with by manual removal or firewall precautions.
RootKits:
A collection of tools that allow an attacker to take control of a system.
Can be used to hide evidence of an attacker's presence and give them backdoor
access.
Can contain log cleaners to remove traces of the attacker.
Can be divided as:
– Application or file rootkits: replace binaries on a Linux system
– Kernel: targets the kernel of the OS and is known as a loadable kernel module (LKM)
Gains control of the infected machine by:
– DLL injection: injecting a malicious DLL (dynamic link library)
– Direct kernel object manipulation: modifying kernel structures to directly target
trusted parts of the OS
– Hooking: changing an application's execution flow
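Hooking and direct kernel object manipulation hide a process from the view most tools rely on. The following is an added example, not code from the original notes, of the cross-view detection a defender uses against that: two independently obtained process views are compared, and anything present in one but missing from the other is reported. The live gatherer assumes a Linux host with /proc; the comparison itself runs on any two constructed views.

```python
import os

# Added example, not from the original notes: cross-view detection. A rootkit
# that hooks the process-listing API or alters kernel structures (DKOM) hides
# a process from the usual view; a second, independent view still shows it.

def hidden_in_view(reference_view, tool_view):
    """PIDs present in the reference view but absent from the tool's view."""
    return sorted(set(reference_view) - set(tool_view))

def proc_listing_view():
    """View 1 (Linux): numeric /proc entries, what ps-style tools rely on."""
    return [int(n) for n in os.listdir("/proc") if n.isdigit()]

def signal_probe_view(max_pid=32768):
    """View 2 (Linux): probe each PID with signal 0; EPERM still means alive."""
    found = []
    for pid in range(1, max_pid + 1):
        try:
            os.kill(pid, 0)
            found.append(pid)
        except PermissionError:
            found.append(pid)
        except ProcessLookupError:
            pass
    return found

def is_thread_id(pid):
    """/proc lists only thread-group leaders, so other TIDs are not hidden."""
    try:
        with open(f"/proc/{pid}/status") as f:
            for line in f:
                if line.startswith("Tgid:"):
                    return int(line.split()[1]) != pid
    except OSError:
        pass
    return False

def live_check():
    """Compare both views on a Linux host; [] means nothing is hidden.
    Processes that start or exit between the two views can cause noise."""
    if not os.path.isdir("/proc"):
        return None   # not Linux: no /proc to compare against
    hidden = hidden_in_view(signal_probe_view(), proc_listing_view())
    return [pid for pid in hidden if not is_thread_id(pid)]
```

A kernel-level rootkit can lie to both views at once, which is why memory forensics from outside the running OS remains the stronger check.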