Today we will be continuing from my previous post on Viruses and Malware. We will be covering 3 more types of common computer malware and we will learn what they are and how they work.
Let’s start with one of the more common types of malware which is Adware!
The simple definition of Adware is unwanted software which displays advertisements on your screen. This most commonly occurs on a website browser such as Internet Explorer, Google Chrome or Mozilla Firefox.
However, Adware is not to be confused with genuine adverts that run on websites which are a genuine source of revenue for the website owner. Adware is designed to place false adverts over the top of the website which is then tricks users into clicking on them.
Let’s explain in more detail how Adware works. Adware, or advertising-supported software, is software that generates online advertisements in the user interface. These adverts may be implemented in a variety of ways such as a static box display, a banner display, a video, or a pop-up advert. Although Adware is most common in web browsers, they can pop up during every day use in an Operating System.
How is Adware installed? Well Adware is most commonly installed by accident by the end user and often in secret. It’s most common when the end user installs pirate copies of software which have been downloaded from an unknown source. However, Adware can still appear when installing legitimate software if the software vendors website has been compromised and the download tampered with.
If you would like to research Adware in even more detail here is a link to a Wikipedia page on Adware.
The 007 of Computer Malware?!
Computer Spyware is another common type of Malware that can be found on computers. We have seen a lot of cases of Spyware infected machines in our workshop, but what is so secretive about Spyware?
We will start with the simple fact that Spyware is designed to run in the background of your computer without the end user even realising it is there. It’s programmed to be covert, most of the time, it is used to gather information and then send it off to its developer. Like a secret service spy hiding in plain sight, gathering intelligence and then sending it back to MI5.
Spyware is a blanket term given to software that is designed to gather information about your computer and the things you do on it. It then sends this information over the internet to a third party. Although Spyware can be used legitimately it is mostly used for malicious purposes, aiming to gather personal information such as credit card details, usernames and passwords which can then be exploited and used for fraud.
It can pose major privacy and security risks as some types of Spyware can record instant messages, Skype chats, control webcams (use them like security camera and record the footage), take screenshots of your computer screen and even send audio to your computer. The data gathered could in turn be used as leverage for black mail demands.
There are known cases of people having had their webcams accessed and footage of them being saved by the perpetrator and held for a ransom. Others have had perpetrators access their security cameras in their house to check if anyone is home before breaking in. As for businesses spyware could gather hundreds of thousands of confidential documents that could get the business is serious financial and reputation trouble if released to the public.
How does it get onto your computer and how would you avoid infection?
Often spyware is covertly downloaded along with software that you’ve chosen to install, such as a video or software you’ve downloaded from a peer to peer file-sharing network. It typically piggybacks on freeware or you may inadvertently pick up spyware while surfing the internet. You could be persuaded to click on a pop-up window offering a prize, a free PC scan or urging you to download essential software – but instead you’ll be opening a door to the spyware.
These days most people accept end-user agreements on software without reading the tedious small print. This is where notifications of user tracking and advert delivery tend to be placed and a lot of Spyware developers know this and exploit it.
More on Spyware can be found here.
A few key tips to follow to help prevent infection;
- Make sure your security software includes protection against spyware AND that it is updated regularly (This is very important).
- Be careful what you download and ensure that you understand what the program will do.
- Only download files from known and trusted sources.
- Avoid clickable adverts.
- Beware of “free” anti-spyware tools.
Keyloggers
We’re at the climax of the blog post however we still have 1 more type of malware to talk about which is the infamous Keylogger.
You may have heard the term Keylogger before but what is one?
Well a keylogger can be considered a type of Spyware as it is designed to work covertly with a malicious intent. It’s a piece of software that tracks and logs the key strokes on your keyboard., typically without the end user knowing. The Keyloggers aim is to obtain credit card information, passwords and other personal information that may be typed into your computer. Keyloggers can also be present in the form of hardware connected to the PC such as a memory stick or in a software version.
Banks fully understand the severity of Keyloggers and the threat they can pose to their clients. Therefore, most online banking websites now ask you to only enter certain characters of a password so that in the event of a Keylogger being present on your machine they will only get 2 or 3 letters of it. Many of them have also now moved to a process where you will use your mouse to select the character instead of a keyboard.
If you would like to dive deeper into what Keyloggers do and the threat, they offer here is a link to a Wikipedia page on them.
If you have any questions regarding what we have discussed in the blog post please feel free to contact us on 01553 692727 or pop an email over to [email protected].
Stay safe,
Brodie
