28 Major Malware Types and How to Avoid or Remove Them

by Mohammad Nadeem

Unfortunately, most computer users have experienced the painful effects of malware: malicious software, code snippets, or content designed to carry out nefarious acts against your systems—even if just to wreak general havoc.

Volumes have been written about the myriad of malware types and the vast range of malicious software programs associated with each. The following are 13 of the most common types and how to combat them.

1. Adware

Source: Malware-detective.com.

Adware is software that enables the display of banner advertisements when the program is running.

2. Trojan

Source: uob.com.sg.

These programs seem to be legitimate and even useful, effectively tricking users into installing and using them.

3. Virus

Source: Kasperskylab.com.

Malicious software designed to copy itself and propagate from one system to another—usually by attaching itself to program files.

4. Worm

Source: Wikimedia Commons.

A worm infects other computers but, unlike a virus, does not propagate by infecting other files. Worms are known for their self-replication abilities.

5. Backdoor

Source: Mr. RemoveVirus / YouTube.com.

A program that installs itself in such a way that the infected computer can be accessed and controlled remotely from anywhere.

6. Greyware

Source: Wikimedia Commons.

Greyware is essentially software that may be viewed as useful in some cases but which also includes components that may be seen as malicious or annoying in other contexts.

7. Bot/Botnet

Source: Wikimedia Commons.

This particular type of malware uses a network of computers—called a botnet—manipulated by a robot under the control of a cyber attacker or bad actor.

8. IRC Bots

Source: Trustwave.com.

An IRC bot is a set of scripts or an independent program that connects to Internet Relay Chat (IRC) as a client, and so appears to other IRC users as another user. The owner/attacker then uses it to launch spam and DDoS attacks.

9. Dropper

Source: security.foi.hr.

A dropper is a program that has been designed to “install” some sort of malware (virus, backdoor, etc.) to a target system.

10. Browser Hijacker

Source: ctijournal.com.

This term covers a range of malicious software, but generally speaking browser hijacking software is external code that changes browser settings—usually without the user’s knowledge.

11. Keystroke (key) Logger

Source: Wikimedia Commons.

Keystroke loggers—or key loggers for short—are programs that capture and send which keys are pressed on a keyboard to a third party, usually a cyber attacker or bad actor.

12. Phishing

Source: it.sheridancollege.ca.

Phishing is a common form of social engineering that uses impersonation—usually in the form of confirmation/validation emails—to steal user credentials and other information.

13. Smishing

Source: niiconsulting.com.

Smishing is essentially phishing on mobile devices. The “sm” is derived from SMS, the protocol used by cyber attackers to transmit smishing text messages.

14. Ransomware

Source: Wikimedia Commons.

Ransomware encrypts a computer’s files and alerts the user that an amount must be paid for the decryption key to be disclosed—usually before a specified deadline, pending deletion.

15. Rogueware

Source: Techpatio.com.

Rogueware is fake software that attempts to steal money from users by tricking them into paying for the removal of nonexistent threats.

16. Rootkit

Source: Pcmag.com.

Rootkits are software designed to open up areas of a computer or software, such as the kernel or reserved memory spaces, that they would not otherwise be allowed to access.

17. Spam

Source: Wikimedia Commons.

Spam is simply junk email or unsolicited bulk email that often contains malicious elements for setting up bigger cyber attacks.

18. Image Spam

Source: Wikimedia Commons.

Image spam uses images as all or part of an email’s text in a popular attack method known as “clickjacking,” where users are tricked into revealing confidential information or relinquishing control of their computers while clicking on seemingly innocuous web page elements (e.g., images, text, etc.).

19. Scareware

Source: Macobservers.com.

Scareware comprises several classes of scam software that are of limited or no benefit to users, sold to consumers via certain unethical marketing practices—sometimes carrying malicious payloads.

20. Spyware

Source: Howstuffworks.com.

Spyware is software that collects information about a person or an organization without that entity’s consent and/or knowledge.

21. Vishing

Source: Financialfraudauction.org.uk.

Vishing attackers use the phone to scam users into giving up privileged information that in turn will be used for identity theft.

22. DNS Changer Malware

Source: Fbi.gov.

This type of malware modifies a computer’s Domain Name System (DNS) settings to point to the attacker’s rogue servers, which then inject their own advertising into websites and pages.
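
A defender can spot the change described above by comparing a host's configured resolvers with the ones it is supposed to use. The following Python check is an added example, not part of the original article; the sample configuration, its addresses (taken from documentation ranges) and the approved-resolver policy are constructed assumptions.

```python
import ipaddress

# Constructed sample resolver configuration (resolv.conf syntax); the
# addresses come from documentation ranges and are not real indicators.
SAMPLE_RESOLV_CONF = """\
# Generated by NetworkManager
search corp.example
nameserver 10.20.0.53
nameserver 203.0.113.66   # not an approved resolver
nameserver fe80::1%eth0
nameserver not-an-ip
options edns0
"""

# Assumed policy: resolvers this organisation expects to see on endpoints.
APPROVED_RESOLVERS = ["10.20.0.0/24", "fe80::1"]


def parse_nameservers(text):
    """Return the nameserver values from resolv.conf-style text, in order."""
    servers = []
    for raw in text.splitlines():
        # Strip '#' and ';' comments, then split into whitespace fields.
        line = raw.split("#", 1)[0].split(";", 1)[0].strip()
        fields = line.split()
        if len(fields) >= 2 and fields[0] == "nameserver":
            servers.append(fields[1])
    return servers


def audit_resolvers(text, approved=APPROVED_RESOLVERS):
    """Return (value, reason) for every nameserver outside the approved set."""
    networks = [ipaddress.ip_network(a, strict=False) for a in approved]
    findings = []
    for value in parse_nameservers(text):
        try:
            # Drop an IPv6 zone id such as %eth0 before parsing.
            addr = ipaddress.ip_address(value.split("%", 1)[0])
        except ValueError:
            findings.append((value, "unparseable address"))
            continue
        if not any(addr.version == n.version and addr in n for n in networks):
            findings.append((value, "resolver not in approved list"))
    return findings


if __name__ == "__main__":
    for value, reason in audit_resolvers(SAMPLE_RESOLV_CONF):
        print(f"{value}: {reason}")
```

On a real Linux host the same function can be given the contents of `/etc/resolv.conf`; any finding is a prompt to check how the resolver setting was changed.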

23. IP Spoofing Malware

Source: Hackingloops.com.

In this highly common attack method, an attacker sends IP packets from a false source IP address to hide its true origins.

24. Tracking Cookie

Source: norton.com.

Though usually innocuous, tracking cookies allow vendors and third parties to track, store, and share your personal information. Cookies are also commonly used by cyber attackers for nefarious purposes.

25. Pharming

Source: Techrepublic.com.

Pharming works by installing malicious code on a computer or server that allows traffic to be misdirected to an imposter website without the user’s knowledge or consent.

26. Vienna

Source: Malware.wikia.com.

A bit of a throwback—but no doubt still considered a threat to the handful of MS-DOS users still in existence. Vienna is a virus that—when triggered—searches for .com files on the system and infects one of them.

27. Cutwail Botnet

Source: news.softpedia.com.

This botnet, one of the largest of its type to date, affects Microsoft Windows computers, forcing them to send spam emails en masse.

28. Hybrid Malware

Source: my.infotex.com.

As its name implies, hybrid malware combines various types of malicious software and techniques for a specific malicious purpose.

Prevention and Countermeasures

Antivirus solutions are increasingly ineffective for combating malware and other types of cyber threats. Current defenses that rely on known malware fingerprints or signatures will clearly fail in the presence of unknown threats. The best two measures for maintaining a strong security posture are still personal vigilance—being aware of current cyber threats, not opening suspicious emails, avoiding dubious websites—and staying on top of operating system and software patches/updates.

 

Source(s):

  • M. Bailey, J. Oberheide, J. Andersen, Z. M. Mao, F. Jahanian, and J. Nazario. Automated Classification and Analysis of Internet Malware.
  • Malware Analysis – International Journal of Scientific & Engineering Research Volume 4, Issue 1 by Samanvay Gupta.
