Internet Security Threats Articles | Kaspersky Lab US

PC, Mac, Smartphone and Tablet users are under ever-evolving threat from computer viruses and malware. Taking action means understanding what you're up against. Here's a look at the major types of malware and their potential impact.

Brief Overview

The term "malware" — an amalgamation of malicious and software — is now used to describe any malicious program on a computer or mobile device. These programs are installed without the consent of users and can cause a number of unpleasant effects, such as crippling computer performance, mining your system for personal data, erasing data or even adversely affecting the operation of computer-controlled hardware. As hackers develop more sophisticated ways to infiltrate user systems, the malware market has exploded. Let's look at some of the most common types of malware seen in the wild.

1. Computer Viruses

Computer viruses earned their name due to their ability to "infect" multiple files on a computer. They spread to other machines when infected files are sent via email or when carried by users on physical media, such as USB drives or (in the early days) floppy disks. According to the National Institute of Standards and Technology (NIST), the first computer virus, called "Brain," was developed in 1986. Tired of customers pirating software from their shop, two brothers claim to have designed the virus to infect the boot sector of software thieves' floppy disks; when the disks were copied, the virus was passed on.

2. Worms

Unlike viruses, worms don't require human help to spread: they infect once and then use computer networks to reach other machines without any action by users. By exploiting network vulnerabilities, such as weaknesses in email programs, worms can send out thousands of copies of themselves in the hope of infecting new systems, where the process begins again. While many worms simply "ate" system resources, thus reducing performance, most now contain malicious "payloads" designed to steal or delete files.

3. Adware

One of the most common online nuisances is adware. These programs automatically deliver advertisements to host computers. Familiar types of adware include pop-up ads on webpages and in-program advertising that often accompanies "free" software. While some adware is relatively harmless, other variants use tracking tools to glean information about your location or browser history and serve up targeted ads to your screen. As noted by BetaNews, a new form of adware has been detected that can disable your antivirus software. Since adware is installed with people's knowledge and consent, such programs can't be termed malware: typically, they're identified as "potentially unwanted programs."

4. Spyware

Spyware does just what it says: it spies on what you're doing at your computer. It collects data such as keystrokes, browsing habits and even login information, which is then sent to third parties, typically cybercriminals. It may also modify specific security settings on your computer or interfere with network connections. According to TechEye, emerging forms of spyware may allow companies to track user behavior across multiple devices without their consent.

5. Ransomware

Ransomware infects your computer, then encrypts sensitive data such as personal documents or photos and demands a ransom for their release. If you refuse to pay, the data is deleted. Some ransomware variants lock out all access to your computer. They might claim to be the work of legitimate law enforcement agencies and suggest that you've been caught doing something bad. In June 2015, the FBI's Internet Crime Complaint Center received complaints from users reporting $18 million in losses from a common ransomware threat called CryptoWall.

6. Bots

Bots are programs designed to automatically carry out specific operations. They're useful for many legitimate purposes, but have also been repurposed as a type of malware. Once on a computer, bots can cause the machine to execute specific commands without the user's approval or knowledge. Hackers may also try to infect multiple computers with the same bot to create a "botnet" (short for robot network), which can then be used to remotely manage compromised computers — to steal sensitive data, to spy on the victim's activities, to distribute spam automatically or to launch devastating DDoS attacks on computer networks.

7. Rootkits

Rootkits allow remote access or control of a computer by a third party. These programs are useful for IT professionals trying to troubleshoot network issues at a distance, but they can easily become nefarious: Once installed on your computer, rootkits allow attackers to take complete control of your machine to steal data or install other pieces of malware. Rootkits are designed to go unnoticed and actively hide their presence. Detecting this kind of malicious code requires manual monitoring for unusual behavior, along with regularly patching your operating system and software to eliminate potential infection routes.

8. Trojan Horses

Commonly called "Trojans," these programs hide in plain sight by masquerading as legitimate files or software. Once downloaded and installed, Trojans make changes to a computer and carry out malicious activities, without the knowledge or consent of the victim.

9. Bugs

Bugs — flaws in pieces of software code — are not a type of malware but mistakes made by a programmer. They can have detrimental effects on your computer, such as freezing, crashing or reducing performance. Security bugs, meanwhile, act as easy ways for attackers to slip past your defenses and infect your machine. While better security control on the developer end helps eliminate bugs, it's also critical to apply software patches, which address specific bugs in the wild.

Myths and Facts

There are a number of common myths surrounding computer viruses:

  • Any computer error message indicates virus infection. This is false — error messages can also be caused by faulty hardware or software bugs.
  • Viruses and worms always require user interaction. False. Code must be executed in order for a virus to infect a computer, but this doesn't require user interaction. For example, a network worm can infect automatically if certain vulnerabilities exist on a user's computer.
  • Email attachments from known senders are safe. Not true, because they might have been infected by a virus and be used to spread the infection. Even if you know the sender, don't open anything you aren't sure about.
  • Antivirus programs will stop all threats. While antivirus vendors do their best to stay on top of malware developments, it's important to run a comprehensive Internet security product that includes technologies specifically designed to proactively block threats. Even then, of course, there's no such thing as 100 percent security. So it's important to use common sense online to reduce your exposure to attack.
  • Viruses can inflict physical damage on your computer. What if bad code makes your machine overheat or destroys critical microchips? Antivirus providers have debunked this myth multiple times — damage like this simply isn't possible.

The rise of interconnected devices across the Internet of Things (IoT), meanwhile, raises further interesting possibilities: What if an infected car is run off the road, or an infected "smart" oven is directed to put out maximum heat until it overloads? The future of malware may make this kind of physical damage a reality.

People have a number of misconceptions about malware, such as the assumption that infection is obvious. Often, users assume they'll know if their computer has been compromised. Typically, however, malware doesn't leave a trail to follow, and your system will display no signs of infection.

Similarly, don't believe that all reputable websites are safe. If hackers can compromise legitimate websites with infected code, users are more likely to download files or give up their personal information; according to SecurityWeek, that's exactly what happened to the World Bank. In the same vein, many users believe their personal data (photos, documents and files) isn't worth anything to malware creators. In fact, cybercriminals mine publicly available data to target individuals or to gather intelligence that helps them create spear-phishing emails to sneak inside organizations.

Common Infection Methods

So how does your computer become infected by computer viruses or malware? There are several common ways. These include clicking on links to malicious sites in email messages or messages in social networks, visiting a compromised website (known as a drive-by download) and inserting an infected USB flash drive in your computer. Operating system and application vulnerabilities make it easy for cybercriminals to install malware on computers. So it's vital that you apply security updates as soon as they become available to reduce your exposure to risk.

Cybercriminals often make use of social engineering to trick you into doing something that jeopardizes your security or the security of the company you work for. Phishing emails are one of the most common methods. You receive an email that looks legitimate and convinces you to download an infected file or visit a malicious website. Here, the goal of hackers is to create something you find convincing, such as a supposed virus warning, notification from your bank or message from an old friend.

Confidential data, such as passwords, are a key target of cybercriminals. As well as using malware to capture passwords as they are typed, cybercriminals also collect passwords from websites and other computers they have been able to hack. That's why it's so important that you use a unique, complex password for each online account. This means 15 characters or more, made up of letters, numbers and special characters. This way, if one account is compromised, cybercriminals don't get access to all your online accounts. Of course, if you use easy-to-guess passwords, cybercriminals may not need to compromise your machine or the website of an online provider. Unfortunately, most users have woefully weak passwords. Instead of using strong, hard-to-guess passwords, they rely on standbys, like "123456" or "Password123," which are easy for attackers to guess. Even security questions may not act as an effective barrier, because many people give the same answer: If the question is "What's your favorite food?" and you're in the United States, "Pizza" is a common answer.
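The password guidance above can be checked mechanically. The following Python sketch is an added example, not part of the original article: it flags passwords that are common standbys, fall short of the 15-character mixed-character rule, or are reused across accounts. The account names, sample passwords and the short standby list are constructed for illustration.

```python
import string

# Constructed standby list: the article names the first two; the rest are assumptions.
COMMON_STANDBYS = {"123456", "password123", "password", "qwerty", "letmein"}
MIN_LENGTH = 15  # the article's "15 characters or more"


def check_password(password):
    """Return a list of reasons the password fails the article's guidance."""
    problems = []
    if password.lower() in COMMON_STANDBYS:
        problems.append("common standby")
    if len(password) < MIN_LENGTH:
        problems.append("shorter than 15 characters")
    if not any(c.isalpha() for c in password):
        problems.append("no letters")
    if not any(c.isdigit() for c in password):
        problems.append("no numbers")
    if not any(c in string.punctuation for c in password):
        problems.append("no special characters")
    return problems


def audit_accounts(accounts):
    """Map each account to its problems, including reuse across accounts."""
    seen = {}
    for account, password in accounts.items():
        seen.setdefault(password, []).append(account)
    report = {}
    for account, password in accounts.items():
        problems = check_password(password)
        others = [a for a in seen[password] if a != account]
        if others:
            problems.append("reused on: " + ", ".join(sorted(others)))
        report[account] = problems
    return report


# Constructed sample vault (hypothetical account names and passwords).
SAMPLE_ACCOUNTS = {
    "bank": "Password123",
    "email": "Password123",
    "shop": "correct-Horse7-battery!",
    "forum": "123456",
}

if __name__ == "__main__":
    for account, problems in audit_accounts(SAMPLE_ACCOUNTS).items():
        print(account, "->", problems or "ok")
```

The reuse check matters as much as the strength check: a strong password shared between two accounts still exposes both when one site is breached.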

Signs You're Infected

While most malware leaves no telltale signs and leaves your computer operating normally, sometimes there can be indications that you might be infected. Reduced performance tops the list — this includes slow-running processes, windows that take longer to load than usual and seemingly random programs running in the background. You may also notice that Internet homepages have been changed in your browser, or that pop-up ads are occurring more frequently than usual. In some cases, malware can also impact more basic computer functions: Windows may not open at all, and you may be unable to connect to the Internet or access higher-level system control functions. If you suspect that your computer might be infected, scan your system immediately. If nothing is found, but you're still in doubt, get a second opinion — run an alternative antivirus scanner.