Virus Education

From ETCwiki
Revision as of 16:28, 15 June 2014 by Ddxfish (talk | contribs)

This is designed to be an education page about Viruses and Malware, aimed at helping people better understand the differences.


Descriptions

Some basic descriptions of the types of viruses and malware that you may come across.

What is a Virus?

A virus is a program or piece of code that is designed to act in a malicious way toward you, your data, or your computer. Virus is a large category containing many sub-types that I will go over here.

Trojan

A trojan is a virus that comes in a special package. The trojan virus is hidden inside a program or file that looks normal and uninfected. Once opened, the file releases the trojan into the computer to complete its mission.

Worm

A worm virus is one that can spread without human interaction. Worms are tiny programs that look for "open holes" (ports) to get into other computers. Their main goal is to reproduce as fast as possible and without human help. The worm can contain a "payload" which is released when something triggers the worm, and can cause anything from minor speed issues to a complete shutdown of industrial facilities.

Rootkit

A rootkit is a type of virus that allows "backdoor access" to a computer without the knowledge of the user. The computer can be modified, hacked, broken, etc., all using the rootkit as the access point. Rootkits are designed to be stealthy, and they are the hardest to detect on a computer.

Botnets

Botnets are the result of specific types of viruses. Once you install a botnet virus, your computer then gives complete control of itself to whoever made the botnet virus. The computer is then left alone until it is called upon to do tasks. The tasks involve overloading websites with lots of page loads, using your computer as a spam relay for emails, or any number of malicious acts that require the power of a botnet of 1000+ computers.


What is Malware?

Malware is very similar to viruses, but the intent of malware is more focused than that of a virus. Basic malware may be aimed at slowing down your computer or causing it to malfunction. More advanced types of malware steal passwords, hijack your computer, and worse.

Adware

Adware is one of the most popular types of malware. Adware displays advertisements on your computer where normally there would be none. If you click on the ads, the creator of the adware gets money. The more people infected, the more money the programmer makes.

Spyware

Spyware is a type of malware that is intended to collect data about you and send it to the spyware's maker. Spyware can target logins and passwords, credit card and bank information, and personal information like address and phone. The data stolen from the computer by the spyware usually goes into a large list and is sold to hackers, crackers, spammers, and other malicious internet threats.

Ransomware

One of the most malicious types of malware is ransomware. Ransomware is a virus that loads onto your computer and says you cannot use your computer until you transfer money to someone. A common fake threat is an FBI warning saying you have been downloading illegal files, and that you need to pay $50 to re-activate your connection. Ransomware will literally prevent you from using the computer whatsoever, and is one of the more damaging types of viruses.

Toolbars

Toolbars are not always considered malware, but here is why I think they should be. A toolbar can see every site you visit, how long you spend on sites, and what you type into search bars, and it then sends that information to a large company that keeps records on you. Later, this information will be used to get inside your head so they can advertise to you in a more effective way, and get more of your money. Toolbar users frequently have a profile on file with a 3rd party, and they never know about it.


How do Viruses infect computers?

User Interaction

This is the main way Viruses and Malware get into a computer - the user OKs it. In 99% of all virus cases I see, a user had opened a document or program they got from the internet or email and it contained a virus. The virus cannot infect your computer without someone giving it permission (i.e. opening the file). Once you open the file in question, the virus can do as it pleases on your data and computer.

Program Installs

A new popular theme in the adware world is to package "free toolbars" and "free extra programs" with legitimate programs as a free bonus. These toolbars and extra programs are in 99% of all cases USELESS, and more than half of the time they are an actual risk to your privacy.

Toolbars

Toolbars are usually packaged with "free software" you can download from the internet. Toolbars should all be considered spyware. Never install toolbars!

Coupon Programs

Some of the most malicious code I have seen recently has come from coupon programs. I was tasked to find one without spyware and I could not find a single one. I recommend avoiding coupon programs.

Fake protection programs

If you are on a website, and see an ad that says "Your computer is infected!", do not click it. There is no way they can know if you are infected over the internet, and they will usually offer you a program to remove the infection. Very often these "protection programs" are a virus themselves.

Fake Speed Optimizers

This is a very popular method to target less knowledgeable computer users who feel like their computer has gotten slower. Speed optimizers are not actually a real thing, because to optimize speed I remove programs, not install them. There are very few speed optimization programs that do anything good for you.

Automatic Infection

This type of virus can infect a computer with no human interaction. These viruses are pretty rare (less than 1%), so do not jump to the conclusion that this is the source of your infection. Sometimes, with outdated software, a security hole allows a virus to automatically infect the computer without a human clicking OK.

Outdated Software

Any large piece of software will eventually turn out to have a security flaw, followed by an update to fix it - it happens to all software. If you do not update that software, there could be a "hole" in it that allows viruses and hackers to do things to your computer. Updating software is a good idea to keep your computer free of security flaws.

Updated Software

Yes, this is exactly the opposite of the Outdated Software section. Sometimes updates to software actually contain security holes that people just don't know about yet. Updating software can open a loophole in your software that allows hackers to get in. Updating once a month is still a good idea, as there is no way to know about or prevent this type of hole that a virus could access.

Script Hacker

There are people that have developed automated scripts, usually run on computers in other countries. These scripts roam the internet and test for active computers. When they are found, the scripts then try to guess the password for that computer. When they succeed, the script installs a "backdoor" or something like a rootkit. They save your password, then move on, saving your computer for later use.
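The pattern described above, many failed password guesses from one address and sometimes a successful login at the end, is visible in a computer's login log. The following is an added example, not part of the original page; it assumes the exposed login service is SSH and that the log uses the OpenSSH sshd format, and the sample lines, addresses and function name are constructed for illustration:

```python
import re
from collections import defaultdict

# Constructed sample lines in OpenSSH sshd log format (assumption: the
# exposed login service is SSH; addresses are documentation ranges).
SAMPLE_LOG = """\
Jun 15 03:10:01 host sshd[811]: Failed password for root from 203.0.113.7 port 40110 ssh2
Jun 15 03:10:03 host sshd[811]: Failed password for invalid user admin from 203.0.113.7 port 40112 ssh2
Jun 15 03:10:05 host sshd[812]: Failed password for root from 203.0.113.7 port 40114 ssh2
Jun 15 03:10:07 host sshd[812]: Failed password for invalid user test from 203.0.113.7 port 40116 ssh2
Jun 15 03:10:09 host sshd[813]: Failed password for root from 203.0.113.7 port 40118 ssh2
Jun 15 03:10:11 host sshd[813]: Accepted password for root from 203.0.113.7 port 40120 ssh2
Jun 15 08:30:00 host sshd[900]: Failed password for alice from 198.51.100.20 port 51000 ssh2
Jun 15 08:30:09 host sshd[900]: Accepted password for alice from 198.51.100.20 port 51002 ssh2
Jun 15 09:00:00 host sshd[950]: Failed password for invalid user oracle from 192.0.2.44 port 33000 ssh2
Jun 15 09:00:02 host sshd[950]: Failed password for invalid user ftp from 192.0.2.44 port 33002 ssh2
Jun 15 09:00:04 host sshd[951]: Failed password for root from 192.0.2.44 port 33004 ssh2
Jun 15 09:00:06 host sshd[951]: Failed password for invalid user guest from 192.0.2.44 port 33006 ssh2
Jun 15 09:00:08 host sshd[952]: Failed password for root from 192.0.2.44 port 33008 ssh2
"""

# Captures the outcome, the user name tried and the source address.
LINE = re.compile(
    r"sshd\[\d+\]: (Failed|Accepted) password for (?:invalid user )?(\S+) "
    r"from (\S+) port \d+")

def find_password_guessing(log_text, threshold=5):
    """Return {ip: (failed_count, user_logged_in_or_None)} for guessers."""
    failures = defaultdict(int)
    logged_in = {}
    for line in log_text.splitlines():
        m = LINE.search(line)
        if not m:
            continue
        outcome, user, ip = m.groups()
        if outcome == "Failed":
            failures[ip] += 1
        elif failures[ip] >= threshold:
            # A success after a burst of failures: the guess worked.
            logged_in.setdefault(ip, user)
    return {ip: (n, logged_in.get(ip))
            for ip, n in failures.items() if n >= threshold}

if __name__ == "__main__":
    for ip, (count, user) in find_password_guessing(SAMPLE_LOG).items():
        print(ip, count, "failures;", f"LOGGED IN as {user}" if user else "no login")
```

An address reported with a successful login should be treated as a compromise: change that account's password and check the computer for a backdoor. The single mistyped password from 198.51.100.20 stays below the threshold and is not reported.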


How Do I Avoid Getting A Virus?

Program Protection

Antivirus

Antivirus is becoming a rather outdated form of protection at this point. It is good for removing viruses, but it is becoming harder and harder to prevent viruses with antivirus programs. That being said, if you want what extra protection it gives, it can help somewhat.

Antispyware

It is a good idea to run an antispyware program on your computer. Malwarebytes Anti-Malware (if installed) can scan a file when you right click on it in Windows. It only checks for SOME viruses so keep that in mind.

VirusTotal

VirusTotal has a program you can download that allows you to submit suspicious files by right clicking them in Windows. "VirusTotal Uploader" is the name of the program. You can simply right click a file, Send To, VirusTotal Uploader. This is freeware, and is one of the best ways to know if a file is safe.

Being Cautious

Check files before you open them

If you have a file and want to know before you open it whether it is infected, scan it! VirusTotal is a website that allows you to upload a single file, which is then scanned by 40+ different antivirus programs, and the results are displayed to you. You can also scan with other programs that may be on your computer (Antivirus, Antimalware).
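A quick local check can complement the scan described above by catching a program that is dressed up as a document, which is how a trojan usually arrives. This is an added example, not part of the original page; the extension lists, the function name and the sample bytes are assumptions chosen for illustration:

```python
import hashlib
import os

# Illustrative lists (assumptions, not exhaustive).
PROGRAM_EXTS = {".exe", ".scr", ".com", ".bat", ".cmd", ".vbs", ".js"}
# Leading bytes each document type is expected to start with.
EXPECTED_MAGIC = {
    ".pdf": b"%PDF",
    ".png": b"\x89PNG",
    ".jpg": b"\xff\xd8\xff",
    ".docx": b"PK\x03\x04",
    ".xlsx": b"PK\x03\x04",
}

def check_before_opening(filename, data):
    """Return (sha256_hex, warnings) for a file's name and contents."""
    warnings = []
    # Windows ignores trailing dots and spaces, so strip them first.
    stem, ext = os.path.splitext(filename.lower().rstrip(" ."))
    inner_ext = os.path.splitext(stem)[1]
    if ext in PROGRAM_EXTS and inner_ext in EXPECTED_MAGIC:
        warnings.append("double extension: a program named like a document")
    magic = EXPECTED_MAGIC.get(ext)
    if magic is not None and not data.startswith(magic):
        if data.startswith(b"MZ"):  # header of Windows programs
            warnings.append("content is a Windows program, not " + ext)
        else:
            warnings.append("content does not look like " + ext)
    # The hash can be searched on VirusTotal without uploading the file.
    return hashlib.sha256(data).hexdigest(), warnings

if __name__ == "__main__":
    samples = {  # constructed names and bytes
        "Invoice.PDF.exe": b"MZ\x90\x00",
        "photo.jpg": b"MZ\x90\x00",
        "report.pdf": b"%PDF-1.4\n",
    }
    for name, data in samples.items():
        digest, warnings = check_before_opening(name, data)
        print(name, digest[:16], warnings or "no warnings")
```

An empty warning list does not mean the file is safe; it only means the name and the first bytes agree with each other.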

No Toolbars

Never under any circumstance allow a toolbar to be installed on your computer. Your information will leak to third parties who will then use it to get your money.

No Extra Programs

When you get a program that offers to install yet another, free, additional program, deny it. Download single programs as you need them and install those. The free extra programs offered usually install yet more software on the computer if you allow it.


Definitions

  • Adware - A piece of software that delivers advertisements on your computer
  • Antimalware - A program that helps detect or protect against malware
  • Antispyware - A program that helps detect or protect against spyware
  • Antivirus - A program that helps protect against virus infections
  • Botnet Virus - A virus that can turn users' computers into bots that perform hacking tasks
  • Denial of Service - When a computer is so overloaded it cannot be used
  • Malware - A malicious piece of software that aims at destruction of data or denial of service
  • Ransomware - A virus that claims you need to pay to get your computer back (never pay!)
  • Rootkit - A very stealthy virus that gives a hacker a "backdoor" to the computer
  • Scareware - A fake virus scanner that always says it detects major infections, and to upgrade (give them money) to fix it
  • Spyware - A malicious piece of software that aims at stealing personal data and giving it to its creator
  • Toolbar - A bar near the top of a web browser that did not come with the browser
  • Trojan - A program that looks like a legitimate piece of software but contains a virus
  • Virus - A malicious piece of code that replicates itself
  • Worm - A virus that focuses on self replicating (spreading)