Malware

What is Malware?

Malware, as the name suggests, is malicious software. Computer scientist and researcher Yisrael Radai coined the term Malware in 1990. Malware is a software program developed with the intention of invading and corrupting the target system, which in turn allows an attacker to steal sensitive information, gain unauthorized access to data or the system, encrypt data and demand a ransom, and so on. Computers infected with Malware are also used to launch DDoS attacks. In many instances these programs are used to launch attacks against government and banking systems to disrupt their operation or steal sensitive data.

Malware is an umbrella term for different types of malicious software programs.

What are the different types of Malware?

  • Virus - A self-replicating malicious piece of code that infects other programs. Humans contribute to its spread, generally unknowingly.
  • Worm - A self-replicating piece of code that spreads via networks. Unlike a virus, a worm can run independently without attaching to another program and usually does not require human interaction to spread across the network.
  • Rootkit - Trojan horse backdoor tools that modify existing operating system software so that an attacker can keep access to and hide on a machine.
  • Backdoor - A program that allows attackers to bypass normal security controls on a system, gaining access on the attacker's own terms.
  • Ransomware - Takes files/data hostage by encrypting them and demanding a ransom to decrypt them.
  • Trojan Horse - A program that misleads users by appearing genuine while masking some hidden malicious functionality. In Greek mythology, the Trojan Horse was a wooden horse that is said to have been used during the Trojan War to enter the city of Troy.
  • Combination Malware - A combination of two or more of the types listed above.

When did it all begin (a brief history lesson)?

The first recorded computer virus was the Creeper Program, created by Bob Thomas in 1971. It was developed as a proof of concept for the possibility of self-replicating software.

First Mac Virus -

Elk Cloner, the first Mac virus, released in 1982, was written by a 15-year-old programmer, Rich Skrenta. This virus targeted Apple II systems. An infected disk initiated its spread, after which the virus stored itself in memory. The virus was attached to a game and would display a poem on the 50th boot; the screen would show this poem rather than playing the game. Below is a snapshot of this poem -


First PC Virus -

While there was other such malicious software prior to 1986, the first PC virus/malware appeared that year. This was a PC virus named Brain.A, developed in Pakistan by two brothers, Basit and Amjad. This virus could infect the boot sector of floppy drives and disks. The two brothers were unhappy with customers making illegal copies of their software programs and thus developed Brain.A with the intention of preventing piracy of their software.

Image Source : Wikipedia


The first virus to infect the Windows OS was WinVir, created by a person who called himself Masud Khafir. This virus was able to infect Windows Portable Executable (PE) files.

When did Malware become a tool for profiteering?

Fizzer, released in 2003, was the first malware (worm) created for financial gain. Fizzer is an email worm which remains one of the most widespread viruses. Here is an NBC article dated May 2003 that covers the newly introduced (at the time) Fizzer virus in good detail - https://www.nbcnews.com/id/wbna3078464
SoBig is another worm that came a bit later but was far more devastating, reportedly causing damages worth 37 billion USD. This worm infected MS Windows machines that were connected to the internet. SoBig was so damaging that Microsoft came out the same year offering 250K USD for information on the creator of this worm. While it is not confirmed, Ruslan Ibragimov is attributed as the original creator of this worm. SoBig was not only a worm but also a Trojan Horse, in the sense that it pretended to be something other than a worm.
Here is a CNN article dated Aug 2003 that covers the SoBig worm in good detail - https://edition.cnn.com/2003/TECH/internet/08/21/sobig.virus/index.html

So Ransomware is a type of Malware, right?

This is correct! All Ransomware is a type of Malware; however, as discussed above, Malware has other types as well. Ransomware takes files hostage by encrypting them and demanding a ransom to decrypt them. The first recorded Ransomware, the AIDS Trojan, dates all the way back to the late 1980s. It was released via a floppy disk, and your files would be held hostage for a ransom that was to be sent to a P.O. Box in Panama to restore access to these files. Such Ransomware had been around for almost two decades before gaining the popularity it did over the last decade plus. The reason for this popularity is the emergence of cryptocurrency.
Cryptocurrencies provide an easy way to collect ransom which is largely untraceable. Before the emergence of cryptocurrencies it was not easy to collect ransom from the victims, which is why Ransomware has been around for a very long time but never gained the popularity it did after the emergence of cryptocurrencies.

A Snapshot of WannaCrypt Ransomware -

Image Source : Microsoft

What is the estimated cost of these cybercrime attacks worldwide?

Please refer to the snapshot below for the current cost of these attacks, the historical trend and the estimated growth over the next few years.


Source : Statistica

How do you know if your machine is infected with Malware?

If you see these signs, you may have a Malware infection -
  • A number of pop-ups appear frequently, generally containing inappropriate content or advertisements.
  • You are unable to shut down your machine.
  • You are unable to uninstall software.
  • Performance impact - Your computer slows down considerably.
  • The battery drains much faster than expected.
  • Your browser has a new search engine which you did not install.
  • Your landing page in the browser may change frequently.
  • Multiple errors are displayed on many simple operations.
  • Emails that you did not write are sent from your account; generally you would not even notice until much later.
  • New icons appear on your desktop.

How to avoid Malware?

  • Malware generally gets on your machine when you try to download pirated content - movies, shows, software, games etc. - from illegal websites.
  • Through phishing emails.
  • When you click on ads placed on suspicious websites etc.
  • Be very careful when you are downloading any free software, games etc.

How to remove Malware?

  • Keep an anti-virus/malware program from one of the top vendors installed on your computer, and keep it up to date.
  • Run/schedule anti-virus scans regularly.
  • When malware is detected, try deleting it immediately.
  • If it cannot be removed, try recovering your operating system. If this does not work, you may need to reinstall your operating system.



Blog Images Source :  Image by Kerfin7 on Freepik, Image by Freepik

