
Malware Note

The document provides an overview of malware, defining it as malicious software designed to damage or disrupt systems. It categorizes malware into types such as viruses, worms, Trojans, ransomware, spyware, adware, rootkits, and botnets, each with distinct characteristics and prevention methods. Additionally, it discusses common attack vectors, detection and prevention tools, and emphasizes the importance of cybersecurity practices and user education.

Uploaded by

awwalbrowns

📘 Cybersecurity – Types of Malware and Threats

🔶 Introduction to Malware
Malware (short for malicious software) is any software intentionally designed to cause damage
to a computer, server, client, or network.

📌 Goal: Disrupt, damage, gain unauthorized access, or steal data.

Malware is a key component of many cyberattacks, and understanding it is critical for any
cybersecurity or IT professional.

🔷 Categories of Malware
| Type | Description | Examples |
|---|---|---|
| Virus | Attaches to clean files and spreads to others | File infectors, macro viruses |
| Worm | Self-replicates across networks without human intervention | Morris worm, WannaCry |
| Trojan | Disguises as legitimate software | Fake antivirus, backdoor Trojans |
| Ransomware | Locks or encrypts data; demands ransom | CryptoLocker, WannaCry, Petya |
| Spyware | Secretly monitors user activity | Keyloggers, screen scrapers |
| Adware | Displays unwanted ads; may track browsing | Popup ads, redirecting apps |
| Rootkit | Hides malware presence, often in system-level operations | Sony BMG rootkit scandal |
| Botnet | Group of infected devices controlled remotely | Zeus botnet, Mirai botnet |

🔶 Detailed Malware Types


🔹 1. Virus

• Requires user action (e.g., running a file).
• Spreads by infecting executable files.
• Often corrupts or deletes files.

Prevention: Use antivirus, don't run untrusted files.

🔹 2. Worm

• Self-replicating; no need for a host file or user action.
• Spreads quickly over networks.
• Can clog bandwidth and crash systems.

Prevention: Patch systems, block unused ports.

🔹 3. Trojan Horse

• Masquerades as useful software.
• Opens backdoors for attackers.
• Can give attackers remote access.

Prevention: Avoid downloading pirated or unknown software.

🔹 4. Ransomware

• Encrypts user files and demands ransom (usually in cryptocurrency).
• Often spreads via phishing emails or unpatched software.

Prevention: Keep offline backups, patch software, use EDR tools.

🔹 5. Spyware

• Secretly records keystrokes, passwords, and personal data.
• May be bundled with free software.

Prevention: Use anti-spyware, be careful with free downloads.

🔹 6. Adware

• Displays unwanted ads and collects browsing data.
• Often bundled with freeware.

Prevention: Custom install software and uncheck extra offers.

🔹 7. Rootkit

• Provides privileged access while hiding its presence.
• Hard to detect, often embedded in firmware or drivers.

Prevention: Use rootkit scanners, limit admin access.

🔹 8. Botnet

• Group of compromised computers (zombies) controlled by a botmaster.
• Used in DDoS attacks, spamming, credential theft.

Prevention: Strong firewalls, IDS/IPS, block command & control traffic.

🔷 Common Attack Vectors


| Vector | Description |
|---|---|
| Phishing Emails | Trick users into clicking malicious links or attachments |
| Infected Websites | Drive-by downloads or script injections |
| USB Devices | Auto-run malware from flash drives |
| Unpatched Software | Exploits vulnerabilities |
| Social Engineering | Manipulates users into compromising security |

🔶 Malware Detection & Prevention


Tools:

• Antivirus software – Signature-based detection
• Anti-malware scanners – Real-time & on-demand scanning
• Firewall – Blocks unauthorized traffic
• EDR (Endpoint Detection & Response) – Behavioral analysis

🔄 Best Practices:
• Keep OS and software updated
• Use strong, unique passwords
• Enable multi-factor authentication
• Perform regular backups (offline/cloud)
• Educate users about phishing and scams

🔷 Summary Points
• Malware comes in many forms; not all require user interaction.
• The spread of malware depends on vulnerabilities or user behavior.
• Defense requires layered security, combining tools and policies.
• Cyber hygiene and security awareness are just as important as software tools.

📝 Common Questions
Q1: What's the difference between a virus and a worm?

A virus needs user action and a host file; a worm is self-replicating and doesn't.

Q2: Can antivirus detect all malware?

No — especially not advanced threats like rootkits or zero-day malware. Behavioral tools are
needed.

Q3: Why is ransomware dangerous?

It can permanently encrypt user data and demand payment, even from critical systems like
hospitals.
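
The contrast between signature-based detection and behavioral analysis (the Tools list and Q2 above), as an added example that is not part of the original note. The byte strings, event log, process names, time window and threshold are all constructed assumptions for illustration.

```python
import hashlib
from collections import defaultdict

# Constructed, harmless byte strings standing in for file contents.
KNOWN_BAD = b"constructed-sample-A"
VARIANT = b"constructed-sample-B"   # same "family", one byte changed
SIGNATURES = {hashlib.sha256(KNOWN_BAD).hexdigest()}

def signature_match(data: bytes) -> bool:
    """Signature-based check: exact SHA-256 lookup in a known-bad set."""
    return hashlib.sha256(data).hexdigest() in SIGNATURES

# Constructed endpoint events: (seconds, process, action, path).
EVENTS = (
    [(t, "invoice_viewer.exe", "rename", f"C:/Users/a/Documents/file{t}.docx")
     for t in range(1, 6)]
    + [(t, "sync.exe", "rename", f"C:/Users/a/Sync/item{t}.tmp")
       for t in (0, 40, 80, 120)]
    + [(3, "editor.exe", "rename", "C:/Users/a/notes.txt"),
       (4, "editor.exe", "write", "C:/Users/a/notes.txt")]
)

def mass_rename_processes(events, window=10, threshold=4):
    """Behavioral check: flag processes that rename at least `threshold`
    distinct files within any `window`-second span (ransomware-like)."""
    renames = defaultdict(list)      # process -> [(time, path)], time-ordered
    for t, proc, action, path in sorted(events):
        if action == "rename":
            renames[proc].append((t, path))
    flagged = set()
    for proc, items in renames.items():
        start = 0
        for end in range(len(items)):
            # Slide the window start forward until the span fits.
            while items[end][0] - items[start][0] > window:
                start += 1
            if len({p for _, p in items[start:end + 1]}) >= threshold:
                flagged.add(proc)
                break
    return sorted(flagged)

if __name__ == "__main__":
    print("known sample matched:", signature_match(KNOWN_BAD))
    print("variant matched:     ", signature_match(VARIANT))
    print("behavior flagged:    ", mass_rename_processes(EVENTS))
```

The hash lookup misses the one-byte variant, while the behavioral rule flags the process by what it does and leaves the slow, legitimate renamer alone.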
