Skip to main content

Know Your Enemy: From Adware to Worms, the Whats and Hows of Common Cyber Attacks

Know Your Enemy: From Adware to Worms, the Whats and Hows of Common Cyber Attacks

Know Your Enemy: From Adware to Worms, the Whats and Hows of Common Cyber Attacks Cyber crime is no longer the province of the computer super-geek. In fact, it can almost be said to have gone mainstream with exploit lists, downloadable network tools and scripts – even hacking IT supportall available online at bargain prices.
As with any threat to our homes and businesses, knowing the nature of the threat we face helps us to minimize the danger.
Unless you are working for a big company or organization, it is unlikely that you will face a concerted cyber-attack, but there are enough nasties out there to cause damage and loss to your sensitive data if you don’t take the right precautions.

Six types of malware and how they work

The term ‘malware’ simply stands for ‘malicious software’ and is an umbrella term for all the harmful pieces of computer code designed to steal data, cause disruption or take control of devices.

1. Adware

Adware is simply software that contains integrated advertising materials often in the form of pop-ups or other visually prominent material. Adware can be a gray area as it is often legitimately included as part of a bundle to allow a service to be used free of charge or at a reduced price.
However, if you are tricked into downloading adware, if it is designed to be difficult or impossible to remove or if it downloads itself through browser vulnerabilities, it can rightly be thought of as malware.

2. Ransomware

Ransomware is a popular form of malware that is characterized by two things: it locks away or threatens to delete data as it asks for money – usually in a cryptocurrency like Bitcoins – to save or unlock it. Ransomware can take the form of a Trojan horse, virus, worm, or blended attack. (See below.) The May 2017 WannaCry attack was an example of a ransomware worm.

3. Spyware

Spyware often comes packaged with adware. Its purpose is to covertly collect data and pass it back to the author of the code.

4. Trojan Horse

Adware, ransomware and spyware are defined by what they do whereas trojan horses, viruses and worms are defined by how they work. A trojan horse is a malicious program that is designed to mimic another type of program (e.g. an anti-virus, screensaver, etc.) in order to avoid detection.
Unlike viruses and worms, trojan horses are rarely able to replicate themselves but are often used to steal data, alter or damage files, or create a ‘back door’ to facilitate remote control. Remote controlled devices are often recruited as part of a ‘botnet’ for launching attacks on other devices or networks.

5. Virus

A virus is a piece of code with the ability to replicate itself. It is introduced into another program and runs when that program is executed. Since most viruses reside on an executable file, they need to be activated by the recipient before they can do their damage. However, there is a subset of viruses that need no human assistance to spread.

6. Worm

Unlike its namesake, a computer worm is actually a type of self-sending virus that uses a system’s inbuilt transport features to infect further devices before replicating itself. A worm’s main method of attack is via system vulnerabilities, but authors may use social engineering tactics (see below) to initially introduce the malware into an unsuspecting victim’s device.
A blended attack uses one or more of the above methods and can be extremely potent once installed.

 Attack Strategies

There are two main attack vectors through which malware gains access to devices and networks:

1. Drive-by download/install

Drive-by attacks generally target vulnerabilities in browsers or insecure third-party API calls. The malware is introduced simply by browsing an infected website and may be encrypted to foil anti-virus programs. Most drive-by downloads can be thwarted by ensuring operating systems have been updated with the latest security patches.

2. Social engineering (phishing and pharming)

Whereas drive-by attacks can be triggered automatically or with minimal human input, social engineering attacks rely on human behavior to bypass safeguards. Phishing is the most widely mentioned tactic for targeting computer users. This is the practice of hiding malware behind emails or websites designed to look like legitimate organizations (banks, tax collection services, social media sites, shopping sites, etc.).
The strategy offers either a reward (prize, free gift, voucher, etc.) or a warning (stolen data, compromised password, etc.) in the hope that the recipient will drop their guard and click a link, download a file, or execute a similar action. Avoiding phishing attacks is best achieved through security education.
Pharming is an even more insidious tactic in that it poisons the host computer’s DNS cache or even an ISP’s DNS server so that a browser is redirected to a fake version of an intended website.
If you are concerned about any aspect of cyber security, you may wish to consider investing in high-quality IT consulting for tailored advice on creating an action plan for your business.

Popular posts from this blog

Hidden Wiki

Welcome to The Hidden WikiNew hidden wiki url 2015 http://zqktlwi4fecvo6ri.onion Add it to bookmarks and spread it!!!
Editor's picks Bored? Pick a random page from the article index and replace one of these slots with it.
The Matrix - Very nice to read. How to Exit the Matrix - Learn how to Protect yourself and your rights, online and off. Verifying PGP signatures - A short and simple how-to guide. In Praise Of Hawala - Anonymous informal value transfer system. Volunteer Here are five different things that you can help us out with.
Plunder other hidden service lists for links and place them here! File the SnapBBSIndex links wherever they go. Set external links to HTTPS where available, good certificate, and same content. Care to start recording onionland's history? Check out Onionland's Museum Perform Dead Services Duties. Introduction PointsAhmia.fi - Clearnet search engine for Tor Hidden Services (allows you to add new sites to its database). DuckDuckGo - A Hidden S…

[SOLVED] IDM WAS REGISTERED WITH A FAKE SERIAL NUMBER

[SOLVED] IDM WAS REGISTERED WITH A FAKE SERIAL NUMBER
Good News [May 08, 2015]: IDM developers got smarter, but the crackers are always a step ahead. Follow this article and send an email to uglyduckblog@gmail.com if you are desperate. I can NOT post any crack here for legal reasons. Happy Downloading with IDM. ;) *********** first tip is to use latest crack for idm from  onhax.net idm universal web crack and make sure u are using all latest vers I am sure many of us are too much dependent on Internet Download Manager a.k.a. IDM. The main reason didn’t permanently switch to linux was IDM. I mainly use it for batch downloading and download streaming videos. Till yesterday, IDM was working fine with me (of course with fake serial numbers, keygen, crack, patch etc. which could be found with little effort). But few days ago, with the latest update version 6.18 build 7 (released on Nov 09, 2013) Internet Download Manager was literally had a breakthrough and crushed all the serial numbers, …

Mouse, touchpad, and keyboard problems in Windows

Mouse, touchpad, and keyboard problems in Windows Introduction This tutorial is designed to help you identify and fix common mouse, touchpad, and keyboard problems in Windows. It doesn't cover device problems related to specific programs. Mouse, touchpad, and keyboard problems can have a number of causes: Cables that aren't connected properly Incorrect device settings Missing updates Corrupted or incompatible drivers Hardware problems Check hardware Many mouse, touchpad, and keyboard problems are caused by hardware that isn't set up properly. Here's some information about how to check your device, make sure cables are connected properly, make sure the hardware has power, and check the settings. Make sure cables are connected properly Check that all cables are plugged in to the correct locations. This can include mouse and keyboard, PS2 and USB cables, and, in some cases, external USB touchpad cables. Disconnect USB cables and wait for a short time for the device drive…