Wednesday, December 11, 2013

Difference Between Viruses, Trojans, Worms, and Malware

What is Malware?

The word Malware is short for malicious software, and is a general
term used to describe all of the viruses, worms, spyware, and pretty
much anything that is specifically designed to cause harm to your PC
or steal your information.

Viruses Wreak Havoc On Your Files

The term computer virus is often used interchangeably with malware,
though the two don't actually have the same meaning. In the strictest
sense, a virus is a program that copies itself and infects a PC,
spreading from one file to another, and then from one PC to another
when the files are copied or shared.

Most viruses attach themselves to executable files, but some can
target a master boot record, autorun scripts, MS Office macros, or
even in some cases, arbitrary files. Many of these viruses, like CIH,
are designed to render your PC completely inoperable, while others
simply delete or corrupt your files—the general point is that a virus
is designed to cause havoc and break stuff.

You can protect yourself from viruses by making certain your antivirus
application is always updated with the latest definitions and avoiding
suspicious looking files coming through email or otherwise. Pay
special attention to the filename—if the file is supposed to be an
mp3, and the name ends in .mp3.exe, you're dealing with a virus.

Spyware Steals Your Information

Spyware is any software installed on your PC that collects your
information without your knowledge, and sends that information back to
the creator so they can use your personal information in some
nefarious way. This could include keylogging to learn your passwords,
watching your searching habits, changing out your browser home and
search pages, adding obnoxious browser toolbars, or just stealing your
passwords and credit card numbers.

Since spyware is primarily meant to make money at your expense, it
doesn't usually kill your PC—in fact, many people have spyware running
without even realizing it, but generally those that have one spyware
application installed also have a dozen more. Once you've got that
many pieces of software spying on you, your PC is going to become
slow.

What many people don't realize about spyware is that not every
antivirus software is designed to catch spyware. You should check with
the vendor to make sure the application you are using to protect you
from malware is actually checking for spyware as well. If you come
across a PC that is already heavily infected, run a combination of
MalwareBytes and SuperAntiSpyware to clean it thoroughly.

Scareware Holds Your PC for Ransom

Scareware is a relatively new type of attack, where a user is tricked
into downloading what appears to be an antivirus application, which
then proceeds to tell you that your PC is infected with hundreds of
viruses, and can only be cleaned if you pay for a full license. Of
course, these scareware applications are nothing more than malware
that hold your PC hostage until you pay the ransom—in most cases, you
can't uninstall them or even use the PC.

If you manage to come across a PC infected with one of these, your
best bet is to Google the name of the virus and find specific
instructions on how to remove it, but the steps are usually the
same—run a combination of MalwareBytes, SuperAntiSpyware, and maybe
ComboFix if you need to.

Trojan Horses Install a Backdoor

Trojan horses are applications that look like they are doing something
innocuous, but secretly have malicious code that does something else.
In many cases, trojans will create a backdoor that allows your PC to
be remotely controlled, either directly or as part of a botnet—a
network of computers also infected with a trojan or other malicious
software. The major difference between a virus and a trojan is that
trojans don't replicate themselves—they must be installed by an
unwitting user.

Once your PC has been infected with the trojan, it can be used for any
number of nefarious purposes, like a denial of service (DoS) attack
against a web site, a proxy server for concealing attacks, or even
worse—for sending out buckets of spam. Protection against trojans
works the same way as viruses—make sure that your antivirus
application is up to date, don't open suspicious attachments, and
think long and hard before you try and use a downloaded crack for
Photoshop—that's one of malware authors' favorite spots to hide a
trojan.

Worms Infect Through the Network

Computer worms use the network to send copies of themselves to other
PCs, usually utilizing a security hole to travel from one host to the
next, often automatically without user intervention. Because they can
spread so rapidly across a network, infecting every PC in their path,
they tend to be the most well-known type of malware, although many
users still mistakenly refer to them as viruses. Image by me and the
sysop.

Some of the most famous worms include the I LOVE YOU worm, transmitted
as an email attachment, which cost businesses upwards of 5.5 billion
dollars in damage. The Code Red worm defaced 359,000 web sites, SQL
Slammer slowed down the entire internet for a brief period of time,
and the Blaster worm would force your PC to reboot repeatedly.

Because worms often exploit a network vulnerability, they are the one
type of malware that can be partially prevented by making sure your
firewall is enabled and locked down.

No comments:

Post a Comment