Viruses, Trojans and Worms Explained

Many computer users don’t understand the fundamentals of virus, worm and trojan infections, collectively referred to as malware (short for malicious software), and often treat an attack on their computer as a personal thing.

However, there are many reasons that computers become infected with viruses (not as common as they once were), trojans and worms. Beyond this, there is also the risk of contracting Spyware and Adware, the former of which literally spies on your surfing habits in order to target adverts which you are likely to click on. These kinds of infections are rarely harmful to your computer but are obviously intrusive and often come bundled with free software, which installs a toolbar into your browser.

Once upon a time, email was the biggest risk when it came to becoming infected with malware, usually in the form of an attachment. This still happens and under no circumstances should you ever open an attachment if you don’t know the source. Many of these used to have extensions such as .scr or .exe, but malware authors have become more sophisticated these days and often disguise the attachment as a Word or PDF document.
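The disguises described above can be checked mechanically. The following Python sketch is an added example, not part of the original article: it flags executable extensions, double extensions such as "invoice.pdf.exe", and files whose leading bytes do not match the type their name claims. The function names, extension lists and sample inputs are constructed for illustration.

```python
import os

# Leading bytes ("magic numbers") of the file formats involved.
MAGIC = {
    "pdf": b"%PDF-",
    "zip": b"PK\x03\x04",                        # .docx/.xlsx are ZIP containers
    "ole": b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1",  # legacy .doc/.xls
    "pe": b"MZ",                                 # Windows programs (.exe, .scr)
}
# Which content type each extension should contain.
EXPECTED = {".pdf": {"pdf"}, ".docx": {"zip"}, ".xlsx": {"zip"},
            ".doc": {"ole"}, ".xls": {"ole"}, ".exe": {"pe"}, ".scr": {"pe"}}
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".vbs", ".js"}
DOCUMENT_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".txt", ".jpg"}


def sniff(data):
    """Identify the content type from the first bytes of the file."""
    for kind, magic in MAGIC.items():
        if data.startswith(magic):
            return kind
    return "unknown"


def check_attachment(filename, data):
    """Return the reasons an attachment looks disguised (empty list = none)."""
    findings = []
    name = filename.strip().lower()
    stem, ext = os.path.splitext(name)
    inner_ext = os.path.splitext(stem)[1]
    if ext in EXECUTABLE_EXTS:
        findings.append("executable-extension")
        if inner_ext in DOCUMENT_EXTS:
            # e.g. "invoice.pdf.exe": the real extension hides behind ".pdf"
            findings.append("double-extension")
    if ext in EXPECTED and sniff(data) not in EXPECTED[ext]:
        # e.g. a Windows program renamed to "report.pdf"
        findings.append("content-mismatch")
    return findings


if __name__ == "__main__":
    # Constructed samples: (file name, first bytes of the file).
    samples = [("invoice.pdf.exe", b"MZ\x90\x00"),
               ("report.pdf", b"MZ\x90\x00"),
               ("report.pdf", b"%PDF-1.7\n")]
    for name, head in samples:
        print(name, check_attachment(name, head) or "no disguise found")
```

An empty result only means the file is what its name says it is; a genuine Word or PDF file can still carry malicious content, so the advice about unknown senders still applies.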

What’s the difference between them?

Viruses attach themselves to a program in your computer and remain inactive until that program is actually run; viruses spread by human action, such as through email (where they can attach themselves) or file sharing.

Worms are similar to the above, but they can travel without human intervention: they can spread across networks and by mailing themselves to everyone in your address book. Worms tend to be more damaging to your OS and so are easier to spot – you may find that your anti-virus software becomes inactive, or that when you click on a program to open it, it appears on-screen for a second before disappearing again.

Trojans are a little trickier and are more effective at hiding themselves; they tend to be installed in genuine-looking programs and can then open a ‘back door’ on your machine which allows a criminal to control your machine, steal information and download further malicious programs to it. Unlike the above, trojans don’t self-replicate but have become more sophisticated and much more common in recent years. 

Why do all these things exist?

In the good old days, when hackers were known as professionals, rather than the criminals they are now regarded as, hackers were employed to test ‘holes’ in software and network setups. Whilst plenty of professionals still exist for this purpose, in more recent years what pros refer to as ‘script kiddies’ have emerged onto the hacking scene and seem to be most concerned with who can hack what and show off about it.

Another collection of groups dubbed ‘hacktivists’ have also appeared; these tend to attack large companies for political reasons and aren’t considered dangerous as such. However, they do publish their thefts online, which can include user account information.

OK, so what about the viruses and all that?

For the most part, viruses, trojans and worms exist for one reason: for criminals to make money, and large amounts of it. This can be done in a variety of ways, such as banking trojans (which trick you into filling in your details on a dummy login page), DDoS attacks (which we will cover later), spamming or identity theft.

The methods used to perform these malicious actions are becoming more sophisticated every day and many people are infected without even being aware of it. This is why it is vital to have anti-virus software installed; these days many security vendors produce suites that protect you in a variety of ways so that you have layers of protection.

It’s not only important that you have security software installed and use any protection built into your operating system (OS), it’s also imperative that you update these, along with any browser and software such as Adobe products and Office products regularly.

Most of the time, you will be prompted to update by the software itself; however, this irritates many people and they simply don’t bother.

The reason updates matter is simple: security experts are playing a constant game of catch-up, while cybercriminals are continuously looking for ‘holes’ in software which they can exploit in order to gain entry to your machine.

Last November, the FBI took down a huge botnet (again, we will go into these a little further later) and had to put their own servers in place so that infected computers could still access the internet. The botnet, DNSChanger, rerouted traffic from an infected computer to its operators’ servers, where they deluged users with advertisements.

The FBI closed their servers down recently and it was thought that 300,000 people were still infected and would lose their ability to get onto the net. However, ISPs (Internet Service Providers) have now stepped into the breach and set up many of their own servers.

DNSChanger is not difficult to remove; it’s just that many people don’t see the importance of security and therefore don’t protect their machines.
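DNSChanger did its rerouting by changing which DNS servers an infected machine used, so one practical check is to compare the configured resolvers against the ones your network is supposed to hand out. The Python sketch below is an added example, not part of the original article; it assumes a Unix-style resolv.conf, and the expected ranges and sample file are constructed placeholders, not real DNSChanger addresses.

```python
import ipaddress

# Assumption: the resolvers this network is supposed to use (placeholder values).
EXPECTED_RESOLVERS = [
    ipaddress.ip_network("10.0.0.0/24"),
    ipaddress.ip_network("192.0.2.53/32"),
]

# Constructed sample of /etc/resolv.conf contents.
SAMPLE_RESOLV_CONF = """\
# constructed sample
search example.test
nameserver 10.0.0.2
; the next entry is not a resolver this network hands out
nameserver 198.51.100.77
"""


def parse_nameservers(text):
    """Extract the nameserver addresses from resolv.conf-style text."""
    servers = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line[0] in "#;":      # skip blanks and comment lines
            continue
        parts = line.split()
        if len(parts) >= 2 and parts[0] == "nameserver":
            try:
                servers.append(ipaddress.ip_address(parts[1]))
            except ValueError:
                continue                     # ignore malformed entries
    return servers


def unexpected_resolvers(text, expected=EXPECTED_RESOLVERS):
    """Return configured resolvers that fall outside every expected range."""
    return [str(ip) for ip in parse_nameservers(text)
            if not any(ip in net for net in expected)]


if __name__ == "__main__":
    rogue = unexpected_resolvers(SAMPLE_RESOLV_CONF)
    print("unexpected resolvers:", rogue or "none")
```

To check a live system, pass the contents of /etc/resolv.conf instead of the sample and set EXPECTED_RESOLVERS to the addresses your ISP or router actually assigns.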

What’s a Botnet then?

A botnet is usually constructed by either a worm, trojan or both. When a machine is infected, the virus (for want of a better word) communicates with a server controlled by the authors of the infection, called a Command and Control (C&C) server.

Infected computers are often referred to as drones or zombies and they gather information and send it to the C&C servers. However, once enough computers are infected, this means that criminals can perform actions such as sending out mass spam or performing a DDoS attack.

DDoS stands for Distributed Denial of Service. In such an attack, a request is sent to the infected computers telling them to send a large amount of traffic to a website in order to take the site down.

This is often done for reasons of blackmail; imagine, for example, how much money a gambling site takes in an hour. Should their site be down for even that amount of time, then the business would lose millions of pounds. Other DDoS attacks appear to be nothing more than ‘I did it ‘cause I can’ when they attack sites such as Facebook, which is pretty well protected but has suffered an attack in the past.

Why should I care if it’s affecting big companies and not me?

Because every year millions of people have their credit card, banking and identity information stolen, which can prove very costly. Banking trojans especially have become so sophisticated that once they have infected your computer, they have the ability to access your account and then send you a dummy text message telling you that you should log in to your banking account.

The trojan then uses something called a ‘browser injection’: when you open your browser and go to your banking login page, it places a dummy one in its place, tricking you into giving all your passwords etc. away to the criminal.

Windows, Mac OS, Linux

For the most part, Windows-based systems are by far the most affected by malware, due in part to the popularity of the OS. Microsoft also has a nasty habit of bringing out OSes that are full of vulnerabilities (or holes) that cybercriminals quickly find they can exploit.

However, the most popular OS is always going to be the most attacked and this has been somewhat proved recently by the growing number of malicious apps to be found on the Android platform for mobile phones.

This isn’t to say that Macs can’t get viruses and suchlike; it’s just a lot less common. Whilst Apple themselves and many Mac users have cited Macs as invulnerable for many years, this has recently been disproved by the discovery of a botnet which affected 600,000 Macs across the globe.

Linux-based OSes, such as Ubuntu, very rarely get infected, due to the way that their systems are updated and because the open source community that develops them has always paid attention to security from the start. Windows really only thought about security after Windows NT came into being, which has created something of a ‘shutting the stable door after the horse has bolted’ effect.

This has caused Microsoft to be blamed by those in the IT world for the majority of the cybercriminal activity in the world today.

Facebook, Twitter and Social Media

The rise of social networking has seen a vast increase in spam and ‘survey scams’ and worse. Social sharing means that people share scams without realising that they are harming both themselves and their friends.

Common scams on Facebook are usually spread by ‘social engineering’. This means that a sensationalist headline or picture tempts people to click, which takes them to a survey that asks for mobile numbers and signs people up to premium rate services (costing anywhere from £1.50 to £5.00 to receive a text) and generally invites your friends to do the same.

Some pictures on Facebook have a transparent layer overlaid on the photo so that when you click on it, you execute hidden code: you become infected with malware and give the app permission to spread via your wall and friends list, so it propagates quickly across the social network.

Not only this, but plenty of scams exist that ask you to share a picture, perhaps of a sick child, which promises to give money for every share. These are never true and are often malicious, so it’s vital that people learn not to share and click on everything they see. For constantly updated information on Facebook, email, phishing and other attacks, Hoax Slayer is an absolute must-see website.

If in doubt, visit Hoax Slayer or give it a quick Google – it takes minutes of your time and could save you both money and heartache.

The big picture

Cyberattacks on countries are becoming very common and infected machines help this come about. The Stuxnet worm was designed to attack an Iranian power plant and spin its machinery out of control. Duqu, known as the ‘son of Stuxnet’, also attacked Iran and collected intelligence information; it’s not known who created these, but the general consensus is that they were state-sponsored for cyber-espionage purposes.

Both the US and UK governments have now begun to realise the danger that cyber-attacks pose. Imagine how many services rely on the internet – a huge attack could take out national power grids and disrupt emergency services, causing chaos and potentially costing lives.

Besides the cost to your pocket, the costs to the country you live in could also be huge and this is one of the biggest reasons that people need to learn how to protect themselves online. We live in a connected world; technology has invaded every aspect of our lives. It doesn’t take a huge amount of time and money to protect your machine, so do take the time to learn a little and implement protection.
