Malware is any code that can be used to steal information, bypass access controls, or damage or disrupt a device.
Below are some common malware types:
- Spyware: This malware is designed to spy on and monitor the user. Spyware often involves behavior trackers, data capture, and keystroke collection. It also changes security settings to circumvent security measures. Spyware may also come bundled with legitimate applications or with Trojan horses.
- Adware: This software is programmed to deliver advertisements automatically. Adware also comes installed with specific device versions. Some adware has been developed only to deliver advertisements, but adware that comes with spyware is also common.
- Bot: As the name suggests, bot malware is programmed to act automatically, usually online. Most bots are harmless, but malicious bots are increasingly used to form botnets. In a botnet, several computers are infected with bots that are configured to wait silently for attacker commands.
- Ransomware: This malware is designed to hold a computer device, or the data that it contains, captive until a payment is made. Ransomware usually works by encrypting the computer's data with a key unknown to the user. Many other ransomware versions use device vulnerabilities to disable the machine. Ransomware is spread via a downloaded file or a weakness in software.
- Scareware: This is a type of malware designed to persuade the user to take a specific action based on fear. Scareware forges pop-up windows that resemble operating system dialogue windows. These windows convey forged messages stating the system is at risk or needs the execution of a specific program to return to normal operation. In reality, no problems were assessed or detected, and if the user agrees and clears the mentioned program to execute, his or her system will be infected with malware.
- Rootkit: This malware is designed to modify the operating system to create a backdoor. Attackers then use the backdoor for remote access to the device. Most rootkits use program vulnerabilities to escalate privileges and change device files. Rootkits are also known for modifying forensic and monitoring tools, which makes the rootkits very difficult to detect. A rootkit-infected computer often needs to be wiped and reinstalled.
- Virus: A virus is malicious code attached to other executable files, which are often legitimate programs. Most viruses need to be activated by end users, and may be set to activate at a particular time or date. Viruses can be harmless and simply display pictures, or they can be destructive, for example, by modifying or deleting data. To prevent detection, viruses can also be programmed to mutate. Most viruses spread via USB drives, optical disks, network shares, and e-mail.
- Trojan horse: A Trojan horse is malware that carries out malicious operations under the guise of the desired operation. This malicious code exploits the privileges of the user that runs it. Often, Trojans are found in image files, audio files, or games. A Trojan horse differs from a virus because it binds itself to non-executable files.
- Worms: Worms are malicious code that replicates itself by independently exploiting vulnerabilities in networks. Worms usually slow down networks. While a virus requires a host program, worms can run on their own. Other than the initial infection, user participation is no longer required. After a host is infected, the worm can spread over the network very fast. Worms share some common patterns: they all have a vulnerability, a way to spread, and a payload.
- Man-In-The-Middle (MitM): MitM allows the attacker to control a device without the knowledge of the user. The attacker can intercept and capture user information before relaying it to the intended destination. MitM attacks are widely used to steal financial information. Many kinds of malware and techniques are available that give attackers MitM capabilities.
- Man-In-The-Mobile (MitMo): A variation of man-in-the-middle, MitMo is a type of attack used to take control over a mobile device. When infected, the mobile device can be instructed to exfiltrate user-sensitive information and send it to the attackers. Zeus, an example of an exploit with MitMo capabilities, allows attackers to quietly capture 2-step verification SMS messages sent to users.