Avoid Downloading and Installing Malware
Most malware (viruses, trojans, worms, rootkits, spyware, adware, etc.) ends up on a user’s computer because the user downloaded and installed it somehow, and in most cases unknowingly.
What can help a user avoid downloading and installing malware, and what are some of the red flags and common scenarios where this could happen? This article is intended to answer those questions.
Before we talk about how to prevent malware download and installation, let’s first talk about what malware is in the first place.
Malware, the definition
Malware is defined as malicious software. Any software program that’s designed, modified, or manipulated to perform “ill intended” functions against a victim’s device(s) and/or data is malware.
These “ill intended” functions include, but are not limited to: unauthorized remote access control, data lockout (ex: ransomware encryption), data hijacking, recorded/monitored keystroke entry, file corruption, operating system manipulation, total loss of device control, etc.
Let’s take a closer look at some of the different types of malware that can perform the functions mentioned above.
Malware, the different types
Viruses & Worms
Virus- it’s in the name. Just like a human virus (cough, COVID-19) can spread from person to person, a computer virus can spread from device to device. A virus needs to run or execute code on the host computer in order to replicate itself through the file system of a host or to other computers on the network.
Worm- a type of virus that moves very quickly across a local or wide area network, oftentimes without any human intervention at all, infecting every device in its path that’s vulnerable to it.
Ransomware is software that demands money in exchange for the return of your compromised data. Sometimes ransomware is not legitimately ransomware. It may be a fake message trying to scare people into paying for what they already have safe access to.
Crypto-Malware- ransomware that encrypts all the data on a victim’s drive and sometimes even the backup drives, making it nearly impossible to recover important files without paying the ransom. Also, even when the ransom is paid, oftentimes the attackers either don’t have or don’t know the key needed to decrypt all this data.
Trojans and RATs
Trojan is short for the term Trojan Horse, which is named after the giant horse that the Greeks disguised as a gift and used to capture the city of Troy.
Just like the name suggests, this can be a seemingly useful piece of software to the victim. Once it’s downloaded and installed however, this software is used to infect the host computer with malicious code that carries out other unwanted functions behind the scenes.
RAT stands for Remote Access Trojan or Remote Administration Tool. This is a trojan program that allows an attacker to remotely manipulate or completely control the victim’s device once it’s active.
Spyware is (again, just as the name suggests) software intended to spy on the victim who has downloaded it. Spyware can surveil a number of different activities, including but not limited to website tracking, microphone eavesdropping, camera monitoring, etc.
Keyloggers are a type of spyware that can record and transmit a victim’s keystrokes, letting an attacker see the input of passwords, credit card numbers, social security numbers, etc.
Bot is short for the term robot. This type of malware gets downloaded to a victim’s computer, and the program downloaded is essentially a robot taking commands from a remote attacker.
Botnet is a term used for a collection of computers infected with the same robot. This robot can perform any number of functions that it receives from an attacker often for the purpose of using the host computers to participate in a Distributed Denial of Service or DDoS attack.
This DDoS attack isn’t an attack on the host machines, it’s usually using the victims’ computing and networking resources to launch an attack against a bigger target such as a web server in an effort to make it unreachable by legitimate requests.
Rootkits are essentially designed to go to the lower levels of an operating system to bypass antivirus and anti-malware countermeasures in order to gain super user (root) or administrator level privileges to a victim’s device.
Since these can be inherently invisible to some anti-virus scanners, a specialized rootkit remover may be needed to remove these.
Now that we’ve discussed some of the different types of malware, let’s take a look at how these can commonly be installed to a user’s computer and ways to avoid introducing them to our devices and environments.
Common Entry Methods for Malware
Of course, NOT all e-mail links are bad!! There are some e-mail links, though, that should be avoided like the plague.
Don’t join the ranks of countless individuals who had their lives turned upside down because they allowed an attacker to compromise their system through an e-mail link.
In a previous article we mentioned how to verify e-mails as legitimate or fraudulent. Following the same principles outlined in that article also helps us avoid clicking malicious links in fraudulent e-mails.
Some things to watch for when it comes to e-mail links:
If a friend or family member you haven’t received an e-mail from in 5 or 10 years all of a sudden sends you an e-mail that says “Check this out!!” and you have to click a link to do so... you may want to call them just to verify this was actually sent from them.
If you don’t know the sender, verify them as safe using the guidelines in the above-mentioned article before clicking any of their links.
Remember this when it comes to e-mail links: when in doubt, do without. You don’t need to see where an e-mail link takes you if you don’t completely trust the authenticity of the e-mail itself or the sender.
You ever see those links at the bottom or the side of a blog site you frequent that say something to the effect of “Try this simple tip to lose 500lbs in a day!!” and has an image of someone who’s never weighed in at over a buck fifty in their life?
No matter how intrigued you are by these links, oftentimes they have NOTHING to do with the original entity of the website you happen to be on. In most cases these are paid advertisements, and what’s worse is you have no idea of the actual intention of the advertiser...
Believe it or not, malware is big business to cybercriminals, and some of them will even pay some serious cash for these spots to get a chance at capitalizing on their victims when they follow these links.
“Disguised as Legitimate” Software Download Links
You just bought a printer, you hurry to get it all put together, and then trash everything that came in the box to the dumpster.
You go to turn on your computer to connect to your newly put together printer, only to find out that the installation CD or instructions are now buried under somebody’s leftovers... now what?
Well, no worries. You can go to the internet to download the software needed to make this thing work. But there’s a danger to avoid…
When you go to search for the drivers online, there are many third-party and fake driver sites just waiting for people to come to them instead of the manufacturer of the printer or device.
What’s in it for these guys? Well-intentioned third-party sites may offer drivers that work flawlessly, but their endgame may be banking on paid advertisement clicks.
Worse still, malicious websites are REAL. The owner of legitimatelooking-software-drivers.com may have just what the victim thinks they are looking for, but in reality the victim is about to voluntarily download and install malware.
We previously posted an article on how to stay safe online that talks about what to look for when it comes to URL links and verifying them as legitimate or not. This can help a user determine whether or not they are in the right place when browsing the web.
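An added example (not from the original article) of the check described above: does a driver download link really point at the manufacturer's domain, or only look like it does? `printer-vendor.example` is a placeholder for the manufacturer's real domain, `check_download_url` is a hypothetical helper, and the sample links are constructed.

```python
from urllib.parse import urlsplit

# Assumption: the manufacturer's real domain, copied from the device manual
# or packaging. "printer-vendor.example" is a constructed placeholder.
TRUSTED_DOMAINS = {"printer-vendor.example"}


def check_download_url(url, trusted=TRUSTED_DOMAINS):
    """Return (ok, reason) for a driver download link (hypothetical helper)."""
    parts = urlsplit(url.strip())
    if parts.scheme != "https":
        return False, "not an https link"
    # "https://vendor@other-site/" shows the vendor name but goes to other-site.
    if parts.username is not None or parts.password is not None:
        return False, "text before '@' hides the real host"
    host = (parts.hostname or "").rstrip(".")
    if not host:
        return False, "no host in link"
    # Non-ASCII or punycode labels can visually imitate a trusted name.
    labels = host.split(".")
    if not host.isascii() or any(label.startswith("xn--") for label in labels):
        return False, "host uses lookalike-capable characters"
    for domain in trusted:
        # Exact match or a true subdomain; the leading dot stops
        # "evilprinter-vendor.example" from matching.
        if host == domain or host.endswith("." + domain):
            return True, "host belongs to " + domain
    return False, "host is not a manufacturer domain"


# Constructed sample links, including the fake site named in the article.
SAMPLES = [
    "https://support.printer-vendor.example/drivers/setup.exe",
    "https://legitimatelooking-software-drivers.com/printer-vendor/setup.exe",
    "https://printer-vendor.example.legitimatelooking-software-drivers.com/setup.exe",
    "https://printer-vendor.example@legitimatelooking-software-drivers.com/setup.exe",
    "http://support.printer-vendor.example/drivers/setup.exe",
]

if __name__ == "__main__":
    for link in SAMPLES:
        ok, reason = check_download_url(link)
        print("OK  " if ok else "STOP", reason, "->", link)
```

Only the first sample passes; the others carry the manufacturer's name somewhere in the link without the host actually belonging to the manufacturer.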
Torrent downloading can be used as an efficient way to download a large file or set of files that may be hosted on a single web server without much available bandwidth.
However, in other cases torrent downloading is done to either acquire or make available pirated content such as movies, television series, video games, etc.
The latter case is usually where the danger lies. Pirated content is usually made available by circumventing protections put in place to prevent pirating, and this content can oftentimes be infected with malware.
Infected Removable Media
Hmm… where did this flash drive come from? If you don’t know, don’t stick it into your computer to try and find out. The drive could be infected with some pretty nasty malware.
This mysterious flash drive could actually have been left on purpose by means of a malicious technique called baiting, which we mentioned in the article: Be on Guard Against Social Engineering.
Drive-by Downloads
The long and short: you visit a site, a file gets downloaded to your computer, now it’s infected... the end.
That short story above was not to scare you into never browsing the web again...This sort of malware infection is best avoided by only visiting trusted web pages.
There are browsers and browser extensions made by some pretty reputable names that constantly inspect web pages for malicious content and can even tell you whether a webpage is safe or not, in some cases even before you click the link to go to it.
Since there are always new cyber threats emerging, keeping your operating systems, software, and networking devices up to date with the latest software, patch, and firmware updates and only installing software from trusted and verified sources can serve as a protection against new exploits.
Also, if you are running anti-virus/anti-malware software, make sure it is kept up-to-date with the latest signatures to make it as effective as possible against new and emerging malware threats.
To make sure your system is as safe as possible, be as safe as possible, and avoid voluntarily introducing infections to your devices.
Hopefully this article helped to identify some areas where more caution can be exercised to protect what’s yours, namely, your devices and your data.