Month: August 2015

What you should know about malware

Malware, also known as malicious software, is any file or program meant to harm computer users. Examples include worms, Trojan horses, viruses and spyware. Malicious software collects data about a computer's use without consent. These malicious programs spread through ordinary communication tools, including Trojan horses dropped from websites, worms transmitted through instant messages and emails, and virus-infected files downloaded over peer-to-peer connections.

Malicious software can be used to steal information stealthily or to spy on computer users without their knowledge. It can also be used to cause harm by sabotaging systems or extorting money from users. Unknown to most people, these harmful programs are usually disguised as or embedded in non-malicious files.

Initially, most harmful programs were designed for experimental purposes or as pranks. Over time, it was realized that these programs could be used to generate money or acquire valuable information from computer users. Today, governments and black hat hackers regularly use malicious programs to acquire business or personal information.

Malware is often used against corporate or government websites to collect guarded data or interfere with their normal operations. Malicious programs can also be used against individual computer users to get data such as passwords, credit card or bank numbers as well as personal identification numbers.

At the beginning of 2015, most malware programs were perceived to be using a combination of various techniques to avoid detection. These include:

Confusing automated tools' detection techniques: this is done so that the program avoids being detected by well-known technologies such as antivirus software. It is accomplished by modifying the server used by the harmful program.

Internet data obfuscating: this is done so that automated tools do not detect the malicious code.

Timing-based evasion: this is when the malicious program runs only at certain times or when particular actions are initiated by the computer user. Timing-based evasion techniques exploit vulnerabilities such as those that occur during the booting process.

Basically, malicious software exploits security defects in the operating system or in applications such as browsers. Malicious code can also exploit loopholes or bugs such as buffer overrun weaknesses, where software meant to store data in a particular region of memory does not stop more data being supplied than the buffer can accommodate. When a harmful program supplies more data than the buffer can handle, the excess ensures that when the payload is accessed the system executes orders from the attacker and not from the legitimate software.
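The buffer overrun weakness described above, as an added example that is not part of the original article: a store routine that trusts the supplied length next to one that checks it against the buffer size. The region layout, the `LEGITCTL` marker and all function names are constructed for illustration, with the marker standing in for the data the legitimate software relies on.

```c
#include <stdio.h>
#include <string.h>

#define BUF_SIZE  16  /* bytes the program reserved for incoming data */
#define CTRL_SIZE 8   /* adjacent bytes the program relies on (constructed stand-in) */

/* One contiguous memory region: the data buffer followed by control bytes. */
struct region { unsigned char mem[BUF_SIZE + CTRL_SIZE]; };

static void region_init(struct region *r) {
    memset(r->mem, 0, BUF_SIZE);
    memcpy(r->mem + BUF_SIZE, "LEGITCTL", CTRL_SIZE);
}

/* Returns 1 while the control bytes are still what the program wrote. */
static int control_intact(const struct region *r) {
    return memcmp(r->mem + BUF_SIZE, "LEGITCTL", CTRL_SIZE) == 0;
}

/* Defective: never compares n with BUF_SIZE, so extra input spills into the
 * control bytes. Clamped to the region only to keep this demo well-defined. */
static void store_unchecked(struct region *r, const unsigned char *src, size_t n) {
    if (n > sizeof r->mem) n = sizeof r->mem;
    memcpy(r->mem, src, n);
}

/* Hardened: refuses any input larger than the buffer. */
static int store_checked(struct region *r, const unsigned char *src, size_t n) {
    if (n > BUF_SIZE) return -1;
    memcpy(r->mem, src, n);
    return 0;
}

/* Stores n bytes of constructed input; returns 1 if the control bytes survive. */
static int demo(int use_checked, size_t n) {
    unsigned char input[BUF_SIZE + CTRL_SIZE];
    struct region r;
    memset(input, 'A', sizeof input);
    region_init(&r);
    if (use_checked) (void)store_checked(&r, input, n);
    else store_unchecked(&r, input, n);
    return control_intact(&r);
}

int main(void) {
    printf("unchecked, 16 bytes: control intact = %d\n", demo(0, 16));
    printf("unchecked, 20 bytes: control intact = %d\n", demo(0, 20));
    printf("checked,   20 bytes: control intact = %d\n", demo(1, 20));
    return 0;
}
```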

Since malicious program attacks are becoming quite common, attention is shifting from spyware and virus protection to protection against these harmful programs. Today there is a specific type of anti-malware and anti-virus program known as a real-time or on-access scanner. This software goes deep into the operating system’s kernel and works just like harmful programs do, but with the permission of the user and in order to protect the system.

Ultimately, anti-malware programs can deal successfully with malware in 2 ways:

1. Detect and remove malware already installed on a computer. Software used for this purpose scans the contents of the operating system, the registry and the programs installed on the computer. It then compiles a list of existing threats and allows the user to select which infected files to keep or delete.

2. Provide protection against installation of malicious code on a computer. This type of protection works in the same way as antivirus protection. It scans all incoming data for malware and blocks infected files.