Malicious Software and Its Types

This article explores various types of malware, detailing their characteristics, examples, and consequences in the cybersecurity landscape. It covers viruses, worms, trojans, spyware, rootkits, ransomware, and cryptojacking, highlighting both historical examples and mitigation strategies. Affected: malware, computer systems, data security

Key points:

  • Malware is software developed to harm computer systems, steal data, or gain unauthorized access.
  • Viruses propagate by attaching themselves to other files and often activate when files are opened by unwitting users.
  • Worms replicate themselves independently and do not require user interaction.
  • Trojans disguise themselves as legitimate software but perform harmful actions in the background.
  • Spyware secretly collects user information without consent, often stealing sensitive data.
  • Rootkits provide attackers with administrative control over a system stealthily.
  • Ransomware encrypts files and demands ransom for their release, impacting both individuals and organizations.
  • Cryptojacking utilizes device processing power for cryptocurrency mining without the user’s knowledge.
  • Prevention measures include using antivirus software, applying security updates, and implementing multifactor authentication.
  • User awareness training is essential for protecting against social engineering attacks, such as phishing.

MITRE Techniques:

  • T1059 – Command and Scripting Interpreter: Used by malware to execute commands through scripts.
  • T1566 – Phishing: Techniques like using COVID-19 themes in phishing emails to acquire credentials.
  • T1554 – Input Data Manipulation: Employed by Trojans to fake a legitimate appearance and trick users.
  • T1203 – Exploitation for Client Execution: Exploitation of vulnerabilities, as seen in the WannaCry attacks via MS17-010.
  • T1071.001 – Application Layer Protocol: Exploited for command and control communications, particularly in spyware scenarios.

Indicators of Compromise:

  • URL http://malicious.com/path
  • Domain malicious.com
  • MD5: a3c6ce4e8b20410d7f3c94e748e4de4c
  • SHA-256: f9d5b4a52a59c84c95ad247ef4c937e4c6cb13423e3d0b09a24a1b2a1eec623f7
  • Email attacker@example.com

Full Story: https://merridvanpolat.medium.com/zararl%C4%B1-yaz%C4%B1l%C4%B1mlar-malicious-software-ve-t%C3%BCrleri-8092564a1f33?source=rss——malware-5