Cybersecurity As Relatable As Possible — Malware (#2)
2024-1-24 00:40:59 Author: infosecwriteups.com Views: 32

Cyb3r Philosoph3r 🌐

InfoSec Write-ups

Phishing is a term for another day, though. The funny thing about that tweet is that it is like locking the front door while leaving the windows wide open.

It’s kind of silly, but it reminds us that cybersecurity is trickier than we might think. USBs can be a problem, but, seriously, there’s more to watch out for.

Image from: iStock

Welcome to the world of malware — where threats aren’t confined to USBs alone.

“Malware” is a big word people throw around, but it is not crystal clear. If you’ve started learning about computers but aren’t sure what “malware” means, don’t stress; let’s dive in together. We’ll explore the various types and see why it’s not just viruses from USBs.

Oh, and we’ll even use some analogies along the way.

If you’re new here; welcome to the ARAP series — an adventure into demystifying cybersecurity through analogies, aiming to enlighten newcomers and entertain the enthusiasts. We just try to make things As Relatable As Possible.

If the “hard” in hardware means physical or tangible, the “mal” in malware means “bad”. When you hear “malware”, it is an umbrella term for digital threats aimed at messing with computers.

Malware, short for malicious software, refers to a broad category of software designed to infiltrate, disrupt, damage, or gain unauthorized access to computer systems and networks.

There are several types of malware, each with its own specific characteristics and purposes. They all follow a collective tenet though — waiting for an opportunity to wreak havoc on your computer, steal your data, or hold your digital life hostage.

Imagine malware as a notorious gang of cyber troublemakers, The Legion. Among their ranks is the virus, the most infamous type and the leader of this malicious group; it replicates itself and infects files like a contagious illness.

But this gang isn’t a one-trick operation; it boasts a variety of members — worm, trojan, ransomware, adware, botnet, spyware, and more.

Each has its own sneaky method of causing chaos, whether created or recruited for its activities or arising from system vulnerabilities.

As the head of this criminal gang, the virus holds the most notoriety. It operates with cunning strategy, much like a skilled forger creating counterfeit documents for hidden agendas.

From: Yale University art gallery

Imagine a vibrant city where an esteemed artist’s studio crafts genuine, exquisite paintings. Now envision a crafty forger, who here embodies the virus. This forger excels at replicating artists’ styles and techniques.

One fateful day, the forger slips into the artist’s studio unnoticed. With remarkable precision, they craft flawless copies of the artist’s paintings, each bearing identical signatures and appearances to the originals.

These replicas discreetly replace the authentic ones on the walls. Unbeknownst to all, these forgeries harbor subtle alterations that disrupt the originals’ harmony once displayed.

As unwitting buyers acquire these replicated artworks, they unknowingly introduce the forgeries into their homes, galleries and collections.

Over time, issues arise: colors start to fade, canvases distort, and the artwork’s quality deteriorates, causing confusion among art enthusiasts.

Similarly, viruses attach themselves to clean files and replicate like biological viruses, spreading through systems or networks. Once activated, they cause damage, corrupt files, and disrupt operations.

Most often, they spread through shared software or files between devices. And yes, including through USBs.

Worms are the next members of The Legion. They are similar to viruses, but these ones have a knack for swift multiplication.

Think of them like a team of pickpockets working seamlessly in a bustling crowd, aiming to pick every pocket clean.

Computer worms can be classified as a type of computer virus, but there are several characteristics that distinguish computer worms from regular viruses.

A major difference is that computer worms have the ability to self-replicate and spread independently while viruses rely on human activity to spread (like running a program or opening a file).

Worms often spread by sending mass emails with infected attachments to users’ contacts.

In computers, worms work to “eat” operating system files and data files until the drive is empty, without drawing attention.

They do this by exploiting vulnerabilities in networks or software to spread rapidly without needing human interaction. Once in, they can replicate themselves across networks.

Now here comes the most dangerous member of The Legion. Just like an impersonator who gains access to restricted areas by pretending to be someone else, a Trojan horse wears a disguise that deceives the victim and lets it gain entry into their life.

In The Legion, he is the con artist.

Named after the wooden horse full of Greek soldiers described in Homer’s Odyssey, the term has come to mean any malware hidden in software or a web page that people voluntarily download.

A Trojan horse, commonly known as a “Trojan,” is a type of malware that disguises itself as a normal file or program to trick users into downloading and installing malware.

A Trojan can give a malicious party remote access to an infected computer. Once an attacker has access to an infected computer, it is possible for the attacker to steal data (logins, financial data, even electronic money), install more malware, modify files, monitor user activity (screen watching, key logging, etc.), use the computer in botnets, and anonymize the attacker’s own internet activity.

Ransomware is comparable to a kidnapper who holds someone hostage for ransom. In our analogy, this member steps up when The Legion needs to target high-profile victims to expand its criminal empire financially.

Let’s reuse the art gallery as an analogy. Picture yourself as the owner of a highly valuable art gallery filled with priceless paintings and sculptures.

One day, a group of sophisticated kidnappers breaks into your gallery, using advanced techniques to lock away each piece of art in secure, impenetrable boxes.

Image from: iStock

Their message is clear:

unless a substantial ransom is paid, the keys to unlock these vaults won’t be provided.

And the art remains hostage indefinitely.

They’ve essentially kidnapped your precious artwork and demand a ransom for its safe return.

Yet, similar to real-life hostage situations, paying the ransom doesn’t guarantee data recovery. Worse, it could mark you as a repeat target, enticing further attacks.

Ransomware comes in various forms, all designed to encrypt or lock away your valuable data and demand payment — often in cryptocurrencies like Bitcoin.

Much like a persistent street vendor eagerly pushing products with relentless pitches, adware creators profit by bombarding you with intrusive advertisements; ugh! I know.

They profit when users interact with the ads, click on them, or get redirected to sponsored websites.

Moreover, just as the persistent street vendor can annoy and frustrate people in the marketplace, adware disrupts users’ online experiences, slowing down browsing speeds and cluttering screens with unwanted content.

Remember the CIA triad from our previous article? Adware threatens availability, hampering your system’s accessibility.

Here comes the most sociopathic member of The Legion gang. His job is to gather information and study the target for The Legion as discreetly as possible.

Just as a relentless spy shadows your every move, recording your conversations and tracking your whereabouts, spyware slinks into devices (computers, smartphones, or tablets) without your knowledge.

Once inside a device, spyware silently observes and collects various types of information such as browsing habits, keystrokes, login credentials, personal conversations, or financial data.

Image from: Bloomberg.com

This stolen information is then transmitted to a remote server controlled by the spyware’s creators (hackers).

How can this information be useful? Well, the collected data can be used for various malicious purposes, including identity theft, financial fraud, espionage, or targeted advertising.

I mean, a data breach is soup for bad actors.

So, much like a private investigator compiling a detailed dossier on an individual, spyware gathers a wealth of sensitive information without the user’s permission, potentially compromising their privacy and security.

This one’s fun! Think of a botnet as a crime boss silently controlling an army of minions, each unaware of their role until they receive orders.

Similarly, botnets can consist of thousands or even millions of compromised devices, all working together under the remote command of the operator without the owners’ knowledge.

The danger lies in the collective power of these compromised devices. When coordinated, they can execute large-scale attacks, overwhelm servers, and cause significant disruptions or damage to targeted systems or networks.

These attacks might include launching coordinated cyberattacks, sending spam emails, stealing sensitive data, or conducting Distributed Denial of Service (DDoS) attacks.

In the world of zeros and ones, these puppet devices are like zombies, moving around, clueless about what they’re up to but very dangerous.
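The botnet passage above describes the defender's problem in one sentence: thousands of individually harmless-looking devices that, together, overwhelm a server. The script below is an added example (not from the original article) showing how a defender can spot both shapes of that traffic in a web server log: a single noisy source, and a coordinated burst where many sources each send only one request to the same path. The log lines, IP addresses and thresholds are constructed for the demonstration.

```python
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# Constructed web-server log lines in the form "<timestamp> <source IP> <method> <path>".
# The addresses come from the documentation ranges (198.51.100.0/24, 203.0.113.0/24);
# none of this is real traffic.
SAMPLE_LOG = [
    "2024-01-24T00:40:00 198.51.100.7 GET /index.html",
    "2024-01-24T00:40:05 198.51.100.9 GET /about.html",
] + [
    # 60 requests inside 10 seconds from one address: a single noisy client
    f"2024-01-24T00:40:{10 + i // 6:02d} 203.0.113.5 GET /login" for i in range(60)
] + [
    # 40 different addresses, one request each, same path, within 5 seconds:
    # low per-source rate but high aggregate rate, the botnet pattern
    f"2024-01-24T00:40:{30 + i // 8:02d} 203.0.113.{100 + i} GET /search" for i in range(40)
]


def parse_line(line):
    """Split one constructed log line into (timestamp, source IP, path)."""
    ts, ip, _method, path = line.split()
    return datetime.fromisoformat(ts), ip, path


def per_source_flood(lines, window_seconds=10, threshold=30):
    """Return the sorted list of source IPs that sent more than `threshold`
    requests within any sliding window of `window_seconds`."""
    events = defaultdict(list)
    for line in lines:
        ts, ip, _ = parse_line(line)
        events[ip].append(ts)

    window = timedelta(seconds=window_seconds)
    flagged = set()
    for ip, times in events.items():
        times.sort()
        start = 0
        for end, t in enumerate(times):
            # advance the window start until every timestamp in it is within the window
            while t - times[start] >= window:
                start += 1
            if end - start + 1 > threshold:
                flagged.add(ip)
                break
    return sorted(flagged)


def coordinated_bursts(lines, window_seconds=10, min_requests=30, min_sources=20):
    """Return fixed windows in which one path received more than `min_requests`
    requests from more than `min_sources` distinct addresses. This is the
    signature a per-source rate limit misses: each bot stays under the radar,
    the crowd does not."""
    parsed = [parse_line(line) for line in lines]
    if not parsed:
        return []
    t0 = min(ts for ts, _, _ in parsed)

    counts = Counter()
    sources = defaultdict(set)
    for ts, ip, path in parsed:
        bucket = int((ts - t0).total_seconds()) // window_seconds
        counts[(bucket, path)] += 1
        sources[(bucket, path)].add(ip)

    bursts = []
    for (bucket, path), n in sorted(counts.items()):
        distinct = len(sources[(bucket, path)])
        if n > min_requests and distinct > min_sources:
            start = t0 + timedelta(seconds=bucket * window_seconds)
            bursts.append({"window_start": start.isoformat(), "path": path,
                           "requests": n, "sources": distinct})
    return bursts


if __name__ == "__main__":
    print("noisy sources:", per_source_flood(SAMPLE_LOG))
    for burst in coordinated_bursts(SAMPLE_LOG):
        print("coordinated burst:", burst)
```

On the constructed log, the first check flags only 203.0.113.5 (60 requests in ten seconds), while the /search burst slips past it because every bot sends a single request; the second check catches that burst because 40 distinct sources hit one path in one window. Real deployments tune the thresholds to the service's normal traffic and feed the flagged windows to a rate limiter or upstream filtering rather than printing them.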

There is more to the story. Just like in an organization where besides the main folks, there are janitors and other helpers making things work smoothly, The Legion is quite similar.

There are loads more of malware out there, but the ones we’ve talked about are the big ones. Some are similar, just more specific.

Take spyware and keyloggers, for instance: spyware is the general watcher, while the keylogger is a specialist that records what you type.

Here’s a quick listing of the others:

Logic Bomb, Polymorphic Malware, Macro Virus, Boot Sector Virus, Mobile Malware (for Android and iOS threats), Browser Hijacker, Exploit Kits, Rootkit, Backdoor, Dropper, Scareware, Grayware, Remote Access Trojan (RAT), Phishing Attacks (not strictly malware, but often used alongside it).

Understanding that malware is just bad software is key.

Talking about computer security, however, aims to make people aware and help prevent these issues.

After all, you can’t prevent what you don’t understand. It’s not just a matter of thinking viruses come only from USBs.

So, how do you protect yourself from them? Here are a few ways:

1. Install Antivirus: Think of this as your local police force chasing away the digital criminals we talked about. Antivirus software uses signatures to catch different types of malware. It also scans programs already on your device, looking for any suspicious behavior.

2. Firewall (or Router): These act like guards at a party entrance — no outsider gets in without an invite.

Image from: Quora

3. User Awareness (!): Seriously, this is the most crucial. Pay attention, especially to this one.
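Point 1 above says antivirus software uses signatures and also looks for suspicious behavior. The script below is an added example (not from the original article or any antivirus vendor) of the simplest form of both ideas: a hash signature that matches one exact known-bad file, and a pattern rule that still fires when a single byte of that file changes. The sample "files", the hash database and the pattern rules are all constructed for the demonstration; they do not correspond to any real malware family.

```python
import hashlib
import re

# Constructed stand-ins for files on disk. They are harmless byte strings; the
# marker tokens merely play the role of code an analyst has seen in a bad sample.
SAMPLE_FILES = {
    "report.docx": b"PK\x03\x04 quarterly report, nothing to see here",
    "invoice.exe": b"MZ\x90\x00 SELF_COPY_TO_SHARES BEACON_HOME",
    # the same sample with one trailing byte added, a trivial "polymorphic" variant
    "invoice_v2.exe": b"MZ\x90\x00 SELF_COPY_TO_SHARES BEACON_HOME ",
}


def sha256_of(data):
    """Hex SHA-256 of a file's bytes; this is what a hash signature is keyed on."""
    return hashlib.sha256(data).hexdigest()


# Constructed signature database: the hash of the one sample we "know" is bad,
# mapped to an invented detection name.
HASH_SIGNATURES = {
    sha256_of(SAMPLE_FILES["invoice.exe"]): "Demo.Worm.Invoice",
}

# Constructed heuristic rules: byte patterns that describe behaviour rather than
# one exact file, so they survive small edits to the sample.
PATTERN_RULES = [
    (re.compile(rb"SELF_COPY_TO_SHARES"), "Heuristic.SelfReplication"),
    (re.compile(rb"BEACON_HOME"), "Heuristic.CallsHome"),
]


def signature_scan(data, signatures=HASH_SIGNATURES):
    """Return the detection name for an exact hash match, or None."""
    return signatures.get(sha256_of(data))


def heuristic_scan(data, rules=PATTERN_RULES):
    """Return the names of every pattern rule that matches the file's bytes."""
    return [name for pattern, name in rules if pattern.search(data)]


def scan_file(data):
    """Combine both checks. A hash hit is a confident 'malicious' verdict; a
    pattern hit without a hash hit is only 'suspicious' and deserves review."""
    signature = signature_scan(data)
    heuristics = heuristic_scan(data)
    if signature:
        verdict = "malicious"
    elif heuristics:
        verdict = "suspicious"
    else:
        verdict = "clean"
    return {"verdict": verdict, "signature": signature, "heuristics": heuristics}


def scan_all(files=SAMPLE_FILES):
    """Scan every constructed file and return a name -> result mapping."""
    return {name: scan_file(data) for name, data in files.items()}


if __name__ == "__main__":
    for name, result in scan_all().items():
        print(f"{name:15} {result['verdict']:10} sig={result['signature']} heur={result['heuristics']}")
```

The interesting row is invoice_v2.exe: its hash no longer matches, so the signature check alone would call it clean, which is exactly why real products layer behavioural and pattern-based checks on top of hash lists. Keeping the verdict levels separate (malicious versus suspicious) also reflects how confident each method actually is.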

In essence, malware isn’t just viruses; there are different types, each with its unique way of causing trouble.

You’ve just learned one of the most important things in cybersecurity, and I hope you use this knowledge to stay safe.

Now, can you RELATE?😃

Stay protected,

Have fun,

And catch you next week! 🚀


Source: https://infosecwriteups.com/cybersecurity-as-relatable-as-possible-malware-2-6167918ee15d?source=rss----7b722bfd1b8d---4