Technology & automation has become a crucial part of our lives today!
Every aspect of the world is somehow connected to technology. There are different tools that are used to increase the productivity of individuals as well as organizations.
While most of the tools are used for ethical practices, there are some who use them for unethical purposes. Nowadays, digital safety has the same importance as physical safety. There are many types of attacks and vulnerabilities that could be used to cause trouble for any targeted individual or organization.
In this blog, we will have a quick glance at how malware and viruses can harm you. So, activate your birds eye view and explore the potential threats.
According to computer historians, the first virus was created in 1970. It was a worm known as the Creeper Worm. It self-replicated and copied itself across the whole ARPANET. When the worm was activated, it displayed a message “I'm the creeper, catch me if you can!”.
This was the first instance when people came to know about the unethical uses of the internet and technology. Viruses have evolved ever since and today there are multiple variants of viruses and malware that may tamper with your system.
However, today we have various virus cleaner that help to combat the preceding threats of malware bytes.
When it comes to unethical practices, there are many ways in which hackers or malpractitioners can misuse the power of technology. They can use malware, worms, keyloggers etcetera to get access to your system.
They might do it to attain monetary benefits or to invade your privacy. There could be multiple other reasons too, but the important part is, how do we keep ourselves safe from such attacks.
To avail that solution let's first understand what are the different threats that could harm you.
Ransomware is a software that if activated will encrypt all your files. It will only be accessible when a particular key is entered. The hackers may ask for extortion money or any other favors in exchange for the key.
No virus scan or malware removal technique will work until you have the key. You will not be able to access your data until you pay the required amount.
A famous example of ransomware is Robin Hood. The city of Baltimore was hit by this malware in 2019. It halted all the city activities including tax collections, property transfers and government emails. The hackers demanded $18 Million for the key.
Fileless Malware makes changes to the files that are a crucial part of the operating system. It cannot be tracked by antimalware software because the changes are made to the necessary files in the system. During the scan, these files are recognized as legitimate requirements.
A well-known example is Astaroth. It is a fileless malware campaign that spams users with links to a .LNK file. After downloading the file, a WMIC tool is launched along with a number of legitimate windows tools. It is totally invisible to any virus checker.
The tool operates in the memory so that no evidence of the attack can be tracked. After that the attacker downloads trojan into the systems, which leads to stealing all the credentials.
Spyware collects users' data and information without consent. This information includes passwords, pins and payment details. Spyware is not only used for desktop browsers, but it can also operate on your smartphones.
A perfect example of spyware would be DarkHotel. DarkHotel targets business and government employees using the hotel Wi-Fi. They manage to procure the credentials and other sensitive information about their targets.
Adwares are a bit similar to spyware. However, they do not record or publish your sensitive information, rather they focus on your location, your habits, your friends, your hobbies and many more. This information is sold to advertisers. After that you will be shown customized ads that are based on your interest.
A proper example of Adware will be Fireball, an adware that infected about 250 million computer devices. It hijacks browsers to change their default search engine and track web activity.
Trojan virus is considered as one of the most dangerous viruses and it justifies its position. The virus disguises itself as software. It can be embedded in any software, patch or any other file that you might download from the internet. It can hide in games, apps or even the attachments in emails.
One of the well-known trojan attacks is Emotet. It is a banking trojan that has been hiding itself since 2014. It can evade signature-based detection and spread some modules that can help it propagate without any external help.
The hacker just needs to put trojan once on your system and it will be there maybe for a lifetime.
Worms are viruses that enter your system and further install themselves into networks. They can gain access through multiple backdoors, unintentional software vulnerabilities or through flash devices. Once activated they can be used to launch DDoS attacks or conduct various ransomware attacks.
A very popular example of worms would be Stutxnet. It was introduced in Iran via a flash drive. It was only designed to interfere with industrial controllers, however, when done on a large scale, it had a huge impact.
A virus is a set of code that is embedded in an application and runs with the app. Once executed they might be used to steal sensitive data or breach the system. Just like any other virus, computer viruses also require a host to affect the system.
A very famous example of computer viruses is the ILOVEYOU virus. It appears as a love confession on the target’s email. Once he/she clicks the email, it automatically sends itself to everyone in the email list of individuals.
Rootkits are accessibility thieves that allow hackers to remotely access the system. It comes packed with softwares or downloads done from unauthorized sources. They can also be spread through phishing, malicious email attachments and compromised google drive links.
Zacinlo is a popular example of rootkits. It infects the system when users download fake VPN apps. It opens invisible browsers and interacts with the search to open up a page. Then it clicks on ads which increases the number of clicks for that particular ad.
A keylogger is spyware that was initially intended to be used for ethical purposes. It has proved to be helpful for keeping track of employees. Many parents use it to keep an eye on their children. However, when used for malicious purposes it can steal banking information, passwords and other sensitive information.
A very popular example of keylogger is Olympic Vision. It uses social engineering techniques and spear-phishing to infect its target’s system. The main purpose of this malware is to track the transactions of a business, or an organization.
A bot is software that has a set of instructions embedded in it. They are mostly used for legitimate purposes such as indexing search engines. However, when used for unethical objectives, it converts into a self-propagating malware that can connect to the central server. It can be used to launch DDoS attacks.
Echobot is a well-known example. It attacks the IOT devices and exploits over 50 vulnerabilities. It could be used to interrupt supply chains, steal sensitive data and perform full-fledged corporate sabotage.
Just as there is malware for computer systems, mobile devices possess the same level of threat. The malware could be distributed via emails, phishing and malicious downloads. Jailbroken phones are more prone to this malware as they do not have the authentic safety mechanism. Even iPhone that is considered to provide the best safety features are not fully secure. iPhone virus is specifically designed so that it could tamper with the operating system of iPhone.
One such example of mobile malware is Triada. It is infused into the supply chain when millions of Android devices are shipped. Triada gains access to sensitive areas in the operating system. It is used to install spam apps on your device. These apps have their own advertisements that are sometimes inappropriate.
Wiper malware, as the name suggests, wipes away all the user's data and makes it impossible to be recovered. This is done to take down any private or public computer network. It can also be done just for the sole purpose of harming any institution. Sometimes hackers may do it to cover up their traces. This will weaken the ability of the victim and they cannot respond properly.
On January 15th, 2022, a malware named WhisperGate was deployed against Ukranian targets. This malware corrupted local disks and left the users with zero data in their system. It technically destroyed the whole directory of information that the country had.
These were some of the malwares that could be used to create nuisance for users. Yet there are many people who take good care of their system and are untouched by these malwares. However, using social engineering techniques hackers try to slide in these malwares in their systems.
You may be wondering, how?
Well, lets take a look at the social engineering techniques, hackers use to manipulate you