Malware Explained: Types, How They Spread, and How to Protect Yourself
What Is Malware? Understanding Cyber Threats and How to Stay Safe

Malicious Software (Malware)

Definition

Malicious software, known as malware, refers to programs that resemble the ordinary software we use regularly but are harmful by design and perform unwanted functions. These functions range from displaying annoying advertisements to causing severe system damage that leads to complete data destruction. Malware can also steal data, such as passwords and sensitive files, and send it to external parties, and it can infect other devices on the internal network.

 

Types of Malware and How They Work

1. Infectious Malware

  • Viruses — Programs capable of copying themselves and spreading to other computers by merging with existing files and data, causing data corruption and software malfunctions. They require a host medium to spread across a network. Some viruses may consume the computer's memory entirely or display annoying messages to the user.
  • Worms — Programs that spread themselves across a network to infect other computers without needing a host medium, exploiting security vulnerabilities in software or operating systems. They are more dangerous than viruses due to their rapid spread.

2. Silent Malware

  • Trojan Horses — Any program that invites the user to run it while hiding harmful intentions. The results can range from immediately deleting all user files to installing malicious programs on the user's system to serve the creator's long-term goals. Examples include instant messaging apps that install spyware like WildTangent, P2P sharing programs like Kazaa and eMule bundled with adware, and programs that claim to speed up browsing but instead change browser settings to serve third parties for advertising purposes.
  • Backdoors — One of the most important methods used to bypass normal authentication systems. A backdoor is created when a system is breached and the attacker opens a hidden entry point to make future access easier.
  • Rootkits — A technique used to hide malware after it is installed on a system. Rootkits achieve this concealment by modifying host system files so the malicious program remains hidden from the user. They may also prevent the malware's process from appearing in the list of running programs, or prevent its files from being read.

3. Profit-Driven Malware

  • Spyware — Software that secretly collects information about users and sends it to external parties interested in data collection. The information gathered ranges from a list of websites the user visits to their address, operating system details, credit card data, chat logs, correspondence, email addresses, and even the type of internet connection and IP address.
  • Keyloggers — Malware that records the user's keystrokes when entering a password, credit card number, or any other useful information, then automatically sends it to the program's creator — enabling credit card theft and other forms of fraud. Similarly, it can copy a software license key or online game password, allowing theft of accounts or other virtual assets.

Methods of Spread

  1. Storage media — Malware transfers from an infected computer to a clean one through storage media such as USB flash drives.
  2. Bundled with other software — Malware is packaged alongside legitimate programs.
  3. Exploiting security vulnerabilities — In operating systems or programs such as web browsers, typically through suspicious websites that offer free software or free license keys.
  4. Instant messaging — Through direct chat and file transfer programs between contacts.
  5. Email — A common method for spreading malware, sent as attachments in emails.

Prevention Methods

  1. Do not open any file attached to a message from a known person unless you were expecting that file. If you are unsure, verify with your contact through another communication channel.
  2. Do not open or read messages from unknown senders with suspicious subject lines such as: I love you, Your money, You win — as some email clients may execute them automatically.
  3. It is advisable not to view messages formatted in HTML.
  4. Download software only from official websites. Never download files from strangers — whether via email, instant messaging, suspicious websites, or any other method.
  5. Scan any file you intend to download with an antivirus program to check for malware.
  6. Back up your files regularly and store backups outside your device — this will protect you in case a virus infects your system and deletes files.
  7. Keep all your software updated to avoid security vulnerabilities.
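
The email rules in the list above (items 1 to 3) can be expressed as a triage check over a raw message. This is an added example, not code from the original page; the `triage` function, the finding labels, the extension list and the sample message are constructed for illustration.

```python
import os
from email import message_from_string
from email.utils import parseaddr

# Subject lines the article lists as suspicious.
SUSPICIOUS_SUBJECTS = ("i love you", "your money", "you win")
# Assumption: an illustrative, incomplete list of directly runnable file types.
RISKY_EXTENSIONS = {".exe", ".scr", ".js", ".vbs", ".bat", ".cmd", ".lnk"}

# Constructed sample message (inert placeholder content, example.com addresses).
SAMPLE = """\
From: Friend <friend@example.com>
Subject: You win a prize
Content-Type: multipart/mixed; boundary="B1"

--B1
Content-Type: text/html; charset="utf-8"

<p>Open the attached file.</p>
--B1
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="prize.txt.vbs"

placeholder content, not a real script
--B1--
"""

def triage(raw: str, known_senders: set[str]) -> list[str]:
    """Return the reasons a message deserves caution (empty list: none found)."""
    msg = message_from_string(raw)
    findings = []
    # The From header can be forged, so a known sender never clears a message.
    if parseaddr(msg.get("From", ""))[1].lower() not in known_senders:
        findings.append("unknown-sender")
    subject = msg.get("Subject", "").lower()
    if any(phrase in subject for phrase in SUSPICIOUS_SUBJECTS):
        findings.append("suspicious-subject")
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            findings.append("html-body")
        name = part.get_filename()
        if name:
            # Flag every attachment: open one only if it was expected (item 1).
            findings.append(f"attachment:{name}")
            if os.path.splitext(name.lower())[1] in RISKY_EXTENSIONS:
                findings.append(f"executable-attachment:{name}")
    return findings
```

A message from a known contact is still flagged when it carries an attachment, which matches item 1: confirm through another channel before opening it.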

 

 

© Khalil Shreateh — Cybersecurity Researcher & White-Hat Hacker — Palestine 🇵🇸
All content is for educational purposes only. Unauthorized use of any information on this site is strictly prohibited.