Well folks, it’s actually been a slow Malware week this week, so I thought I might break from our regular format and instead define some of the terms I have been using in previous posts.
So, what does Malware mean?
Malware is short for “Malicious Software”, and is a general term used to describe any software that is designed to disrupt computer operation, gather sensitive information, or gain access to a private computer system. Malware is a very broad term, and can refer to several different families of malicious software, including Viruses, Ransomware, Trojans, Rootkits, Keyloggers, Spyware, and Backdoors. Each of these terms I will define in more detail below:
The term “Computer Virus” is named after its medical counterpart, because it has the ability to replicate itself and spread from one computer to another. Unfortunately, the term “Virus” is used commonly, but incorrectly, to describe most other types of Malware. If you are interested in learning more about Computer Viruses, and the methods they use to replicate, check out this excellent Wikipedia article on the subject.
Ransomware is sometimes also referred to as cryptoviruses, cryptotrojans, or scareware. Ransomware is a class of Malware that is designed to restrict access to the computer system that it infects and then demand that the end user pay a ransom to regain that functionality. Some Ransomware will encrypt files so that they cannot be opened, and some will simply lock the entire system, rendering it unusable.
The term Trojan comes from the Trojan Horse story in Greek Mythology. It is so named because it appears to provide a useful function (i.e., a free software download), but instead, or in addition, facilitates unauthorised access to the user’s computer system. Trojan horses typically try to stay hidden, and steal information or install a backdoor allowing the attacker to control the computer.
A Rootkit is a piece of stealth software designed to hide the existence of another piece of Malware. Detecting a Rootkit can be very difficult, and removal can be complicated, and sometimes practically impossible.
A Keylogger, or keystroke logger, is designed to record or log the keys struck on a keyboard in a covert way. In the context of Malware, a Keylogger would typically capture this data 24/7, and then transfer it back to the attacker at regular intervals. The most common use of a Keylogger is to capture usernames and passwords typed in by the user.
Spyware is software that gathers information about a person or organisation without their knowledge. The first documented case of Spyware was in an educational software package called “Reader Rabbit” by Mattel toy company. A user of the software discovered that the software was covertly sending usage data back to Mattel. Since then, the term Spyware has been used to describe this activity.
Backdoors are given the name because they allow an attacker to more easily gain remote control of a computer after they have initially compromised it.
The definitions above are only a brief overview; if we were to explain in detail all of the common methods used to create and deploy these types of Malware, it would be enough content to fill a book!
If you’re interested in knowing more about a particular type of Malware, or have come across a Malware term that I haven’t defined here, please shoot me an email to firstname.lastname@example.org. I will expand upon this article based on your feedback.