HomeSecurity Testing Concepts

Security Testing – Different types of Malware

Security Testing – Different types of Malware
Malware is a short form of the malicious software program on infecting the targeted system will give full or partial control of the targeted system to the attacker (i.e. creator of malware). The following are different types of malware that an attacker can create and get it installed on the targeted systems:
  • Virus is a malicious program which is capable of creating copies of itself by modifying other computer programs and thereby infecting them with an intention of corrupting the system or destroying the data.
  • Worm is a malicious program which is capable of replicating itself with an intention of spreading to other computers and causing harm to the network by consuming its bandwidth. Though worm passes through many computers in its journey of replication, it won’t corrupt the system data.
  • Trojan is a malicious program which makes the users believe that it is a trusted software. Once the users get tricked and install Trojan software on their systems, the cybercriminals will gain access to your system with an intention of spying, stealing, deleting, blocking, modifying sensitive data and reducing the performance of your computers & networks. Trojans cannot replicate themselves, instead, they trick the users into making them believe that they are legitimate software.
  • Adware is a free software on infecting the computer will display commercial advertisements to collect user behavior information and send to the advertisers. These ads will continue displaying on the computer even after un-installing the freely installed software.
  • Spyware is a malicious program which is designed to gather data from the system and pass it to the attackers without the knowledge of the user. These malicious programs generally spy the activities performed by the user in the system with an intention of stealing confidential data like passwords, credit card numbers, card pins etc.
  • Rootkit is a malicious program, which when installed by the hackers on the victim’s machines by exploiting and gaining access. The Rootkit, when installed on victims machine, will give complete admin level access to the targeted computer/network. The purpose of Rootkit is to transform the temporary access into always open access.
  • Ransomware is a malicious program which infects the victim’s system, encrypts the files on the hard drive, locks it and display the message on the system to force/blackmail the user in paying money for getting it unlocked.
  • Greyware is a software program which is not classified as malware, but when infected decreases the performance of computers and causes security threats.
  • Keyloggers are a type of spyware when installing on a system by a hacker will record the keyboard strokes, save them into a log file and sent it to the hackers with an intention of revealing the information typed by the users.
  • Phishing is an attempt performed by hackers for stealing sensitive information like user-names, passwords, and credit card details by redirecting him to a fake website similar to the original website. As part of phishing, the hackers may create a fake website whose look and feel will be similar to the actual website by just changing the URL of the website.
  • Tracking Cookies are text files created in the web browsers and used by the hackers with an intention of tracking the user activities on their web browsers.
  • Crimeware is a malicious program whose purpose is to conduct malicious and illegal activities online. Crimeware is specifically meant to conduct illegal activities like stealing the information and gaining access to the financial accounts of the online users.
  • Malware Spam – SPAM is nothing but unwanted bull/excessive emails/information sent to the users with an intention of suppressing the required messages or for commercial purpose. SPAM emails can be used as a means for spreading different types of Malware and can be called as Malware SPAM.
  • Malware Bots – BOTS are also known as internal robots/spiders/crawlers/web bots etc. are generally used by big companies like Google with an intention of automatically performing repetitive jobs such as indexing a search engine etc. Malware Bots created with a bad intention are used to gain total control over the computer, compromising a network of computers and other devices. Malware Bots have the worm-like ability to replicate with an intention of performing illegal activities like gathering passwords, recording Log keystrokes, obtaining financial information, launching DoS attacks, open back doors on the infected computer and exploit back doors opened by the viruses and worms.
  • Backdoor – For example, you have locked the main door of your home with a lock by accidentally keeping the back door open. In this case, the thieves can easily bypass the security measures you placed at your home by simply entering your home from your back door. Similarly, in the computer world, the backdoor is a malicious program created with an intention of bypassing normal authentication by targeting the vulnerable/backdoor entry points in the software. The hackers will then remotely access the confidential and private information in the system using the identified entry points which bypass the security measures of the software and keeping themselves in hiding mode.
  • Malware Dialers are spyware programs which are created with an intention of getting themselves installed into your dial-up setting and then modifies your telephone connection number to dial via premium rate number which is chargeable. As a result, the users will end up getting very expensive telephone bills.
  • Browser Hijackers are malicious programs when infected will modify the browser settings and will replace the home page, error page, search engine with an intention of advertising and earning the revenue from it.
  • Pharming is a malicious program on infecting the system will redirect the users to the fraudulent copy of the websites even though the user has browsed a legitimate website.
  • Riskware is legitimate software which is not designed for the malicious purpose. But this software can be used by the hackers by installing them on the user machines with a purpose of hacking. For example, a legitimate software for connecting remotely to the system can be installed into a computer by a hacker to access it remotely without the knowledge of the user.
  • And many more.
Different types of Malware
Different types of Malware
Conclusion: Malware is a short form of malicious software programs which will infect the targeted system with different intentions like gaining access, stealing data, robbing money, displaying advertisements and so on. There are several preventive measures for protecting the system from getting infected with these different types of malware.

Please leave your questions/comments/feedback below.

Happy Learning 🙂

Arun Motoori (www.QAFox.com)

Comments (4)

Leave a Reply

Your email address will not be published. Required fields are marked *