
To guide, inspire and prepare Wyomingites and their fellow Americans to act against existential threats to their liberties and to Western Civilization from radical revolutionaries and Emperors who have no clothes.
Everyone is familiar with the term Malware - but what is it? This article hopes to provide a basic explanation of the various types of malware, the format they take, and future trends. The follow-up article will discuss methods to prevent infections.
Malware is short for 'Malicious Software' and is specifically designed to DISRUPT, DAMAGE, or gain UNAUTHORIZED ACCESS to a computer system – be it laptop, phone, watch, cameras…even car hacking is now on the rise. For some perspective, there are 2 million unique types of malware generated every day in the world. Artificial Intelligence (AI) generated malware is also a growing area as computers learn how to trick humans into giving away login credentials.
WHY YOU SHOULD CARE
Most malware is deployed by hackers to make money and is not necessarily targeting its recipient; you are one of thousands or even millions. A less discussed truth is that alphabet agencies also deploy malware to target an individual, group, or business – something to ponder as we all become branded domestic terrorists. So the best bet is to assume the worst and plan to block any and all malware types and methods.
BASIC TYPES OF MALWARE
Virus – A harmful computer program that can copy itself and infect a computer.
Worm – A malicious computer program that can send copies of itself to other computers via a network.
Spyware – Spyware collects information about users' activities without their knowledge or consent and is the James Bond of the malware world. Spyware can obtain passwords, pins, payment information and more.
The use of spyware is not limited to the desktop browser: it can also operate in a critical app or on a mobile phone.
Examples include info stealers, password stealers, keyloggers, Banker Trojans, and Modem Hijackers. Good news – Spyware detections are on the rise.
Adware – Software that automatically plays, displays, or downloads adverts.
Trojan horse – A destructive program that fakes being a useful application but instead harms your computer or steals information.
Ransomware – A type of malware that can alter or shut down the normal operations of a device or network. It encrypts data required to run a system, then demands money from the company or agency to decrypt that data.
Keyloggers – Logs the keystrokes of a computer user and sends them to a hacker. Useful for login details and observing the behavior or plans of a target.
Rootkits – Extremely dangerous type of malware that aims to take control of a computer with full admin privileges. Difficult to discover as they are often very good at hiding their presence on a user's computer.
Bots – Bots require no human interaction and are capable of infecting a host on their own. Bots are a kind of advanced form of Worms which can steal passwords, log keystrokes, launch Denial of Service (DoS) attacks and more.
COMMON DELIVERY METHODS
Phishing - Emails can be disguised to look like they are coming from a genuine company for the sole purpose of getting you to reveal personal information.
Above is a classic phishing email example. Note the actual sender's email address. It resembles but is clearly different from a genuine PayPal address.
Free software – Files shared through BitTorrent are generally unsafe because you never know what to expect until they're downloaded.
Email attachment – Opening an email attachment that contains malware. 94% of malware originates from emails sent to victims.
This is malware named Bazar Loader on a fake Google Docs hosted attachment.
Fake Pop-up window – Clicking a fake error or other type of pop-up window that starts a malware download.
Visiting Malware infected website – Visiting a site infected with malware.
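The sender-address check described under Phishing above can be automated. The following is an added example, not part of the original article: it classifies a From: header as trusted, suspicious or unknown. The trusted-domain list, the function names and the sample headers are assumptions constructed for illustration.

```python
from email.utils import parseaddr

# Assumption: domains this mailbox genuinely expects brand mail from.
TRUSTED = {"paypal.com"}
# Digit-for-letter swaps often seen in lookalike domains.
SWAPS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})


def edit_distance(a, b):
    """Levenshtein distance between two strings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify_sender(from_header):
    """Return 'trusted', 'suspicious' or 'unknown' for a From: header value."""
    display, addr = parseaddr(from_header)
    domain = addr.rpartition("@")[2].lower().rstrip(".")
    if any(domain == t or domain.endswith("." + t) for t in TRUSTED):
        return "trusted"
    labels = domain.translate(SWAPS).replace("rn", "m").split(".")
    # Simplification: treat the last two labels as the registered domain
    # (a production check would consult the Public Suffix List).
    registered = ".".join(labels[-2:])
    for t in TRUSTED:
        brand = t.split(".")[0]
        if (edit_distance(registered, t) <= 2            # near-miss spelling
                or any(brand in lab for lab in labels)   # brand inside another domain
                or brand in display.lower()):            # brand in display name only
            return "suspicious"
    return "unknown"


# Constructed sample headers, not taken from the article's screenshot.
SAMPLES = [
    "PayPal <service@paypal.com>",
    "PayPal <service@paypa1.com>",
    "PayPal <service@paypal.com.account-check.example>",
    "PayPal Billing <billing@mailer.example>",
    "Alice <alice@example.org>",
]

if __name__ == "__main__":
    for header in SAMPLES:
        print(f"{classify_sender(header):10} {header}")
```

A "suspicious" verdict is a prompt to inspect the message, not proof of phishing; legitimate third-party mailers can trigger it.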
LATEST MALWARE TRENDS IN 2022
RaaS (Ransomware as a Service) – A growing industry among the underground hacking community whereby those with the funds but without the skill or knowledge can pay to hire a team of professional hackers to perform attacks for them.
The recent Colonial Pipeline attack in 2021 was conducted by the DarkSide gang, a Russian hacking group. This group was paid to attack by a mystery third party – the identity of this mystery financier has still not been revealed – although the media has generally accused the Russian government.
https://www.senseon.io/blog/raas-the-terrifying-trend-behind-the-colonial-pipeline-attack
News Malware Attacks – Hackers often use current news stories and events to target people with Malware. The Covid-19 outbreak was used by hackers to entice recipients to click a link and learn more information – that link leads to a malicious infected website.
Fleeceware – This malware continues to charge app users despite the apps being deleted. It has been estimated that 600 million Android users have been infected with this malware so far – that is 25% of all global users!
IoT Device Attacks – Hackers can use internet-based cameras and mics to spy on unsuspecting residences or companies. Often for sexual reasons, but intelligence services also use this method to spy on targets' conversations and planning. They can also act as weak points in a corporation's network and act as a launching point for lateral attacks.
In April 2020 hackers targeted Israel's water treatment facilities through their IoT system, which gave attackers the ability to change, among other things, the level of chlorine.
Social Engineering – Human psychology and deception methods are growing in the hacking community. The hacker will trick customer support agents of a corporation into handing over pieces of sensitive information - this method must be very convincing to be successful.
Malware can initiate a Social Engineering attempt to add authenticity.
SMS Phishing (Smishing) – Hackers or government intelligence send pointed SMS messages to phish the user. Covid-19 and stimulus check info are among the recent lures used to entice the user to click a link.
Above is a fake Google verification message – This fake SMS appears more realistic because it is cleverly using Google's own URL shortening service to link to a malicious website.
Cryptojacking – This malware is designed to use a person's computing power to 'mine' cryptocurrencies and can be very lucrative. This malware slows down the speed of a target's computer or phone.
Artificial Intelligence (AI) Attacks – Hackers are beginning to program AI scripts and software to carry out devastating attacks – This emerging technology is keeping cyber security professionals awake at night. The use of AI allows hackers to have less concern over time and resources and the destructive and almost limitless ability of AI malware will soon become known by everyone. One upside is that AI is also becoming a popular and successful method to block or prevent attacks.
Now that you have a good grounding in the types and delivery methods of Malware, let's get into how you can stop them! Part 3 will explain how you can protect against Malware and what to do if you believe you are infected.