2022 Malware Survival Guide


“Malicious” + “Software” = Malware

Malware is essentially the same as a human virus. It’s an umbrella term for malicious or intrusive software that a computer can catch from an outside source; it is any file, software, etc., that is intended to hurt a computer or user.

 

Malware can take over a computer and make it do things the user may not want it to do, such as sending spam mail, stealing sensitive information, spreading the malware to other computers, etc.

 

Some sources estimate that in 2022, malware programs now outnumber the legitimate programs available online. Microsoft, for instance, estimates that as many as 1 in 14 downloads may contain malware code.

 

Each variation of malware has its own way of disrupting a computer system. As with many things, the best offense is a good defense. Familiarizing yourself with current and common malware types and tactics is a great way to help prevent them. Note that these are just a few of this year’s “most popular.” Many others like “traditional” spyware, ransomware, adware, etc., are not addressed here.

 

Phishing

A phishing scam disguises itself as a legitimate website, email, or program. Have you ever received a fake email from your credit card company requesting information immediately, or else terrible things will happen? These scams are “fishing” for your sensitive personal and billing information.

 

Help protect yourself: Always check the URL for any site requesting login or sensitive information. Legitimate organizations never ask for sensitive info via email. Do not feel pressured to give information if you are uncomfortable; many phishing scams use scare tactics.
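The “check the URL” advice can be turned into a mechanical check. The Python sketch below is an added example, not part of the original article or of Pair’s tooling: it compares a link’s real hostname against the domain you expect and flags common disguises. The function name, finding labels, and sample URLs are constructed for illustration.

```python
import ipaddress
from urllib.parse import urlsplit


def check_login_url(url, expected_domain):
    """Return reasons the URL should not be trusted as expected_domain."""
    findings = []
    parts = urlsplit(url)
    host = (parts.hostname or "").rstrip(".").lower()
    expected = expected_domain.lower()

    if parts.scheme != "https":
        findings.append("not-https")
    # In "https://bank.test@other.example/", the text before '@' is
    # userinfo, not the host the browser connects to.
    if parts.username is not None:
        findings.append("userinfo-in-url")
    try:
        ipaddress.ip_address(host)
        findings.append("ip-literal-host")
    except ValueError:
        pass
    # "xn--" labels are punycode and may render as look-alike characters.
    if any(label.startswith("xn--") for label in host.split(".")):
        findings.append("punycode-label")
    # Only the expected domain itself or its subdomains count as a match.
    on_expected = host == expected or host.endswith("." + expected)
    if not on_expected:
        findings.append("host-mismatch")
        # The trusted name used as a prefix of some other domain.
        if expected in host:
            findings.append("expected-name-embedded")
    return findings


# Constructed sample links (reserved .test/.example names, TEST-NET address).
SAMPLES = [
    "https://www.examplebank.test/login",
    "https://examplebank.test@198.51.100.7/login",
    "http://examplebank.test.account-verify.example/login",
    "https://xn--exmplebank-x1a.test/login",
]

if __name__ == "__main__":
    for link in SAMPLES:
        print(link, "->", check_login_url(link, "examplebank.test") or "ok")
```

An empty result only means the hostname matches; it says nothing about whether the site itself has been compromised.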

 

Viruses

Like a human virus, a malware virus can copy itself and spread over to other computers through a network via human activity (running programs, opening a file, etc.). Most malware viruses are programmed to perform malicious operations on a user’s system. 

 

Help protect yourself: Most viruses spread via email attachments. The email attachment is opened, releasing the virus onto your system. Don’t open email attachments unless you are expecting them. It may help to install a trusted antivirus program onto your system and keep it updated.

 

Trojan Horse

Commonly known as a “Trojan,” this type of malware is used as a vehicle to download additional malware onto an already infected system. Trojan programs disguise themselves as legitimate programs or files for download. Then, once the Trojan gains access to your system, the Trojan can steal information and download more malware.

 

Help protect yourself: Trojans are usually downloaded by an email attachment or files from a website. Never open email attachments from unknown senders. If a Trojan has been found on your computer, it may help to disconnect your computer from the internet, run an antivirus program, and delete the files in question.

 

Bots

A bot is a simple program used to perform a small task repetitively. Some bots are used for legitimate reasons. For example, many bots gather information for search engines like Google. Other bots have more malicious intent, like scanning sites to collect email addresses for spamming purposes. CAPTCHA tests (aka Completely Automated Public Turing Test to tell Computers and Humans Apart) work to protect against bots by verifying that a human is involved in the interaction. 

 

Help protect yourself: Implementing a CAPTCHA on your site is a significant first step. Google and many WordPress plugins offer CAPTCHAs that are free to use.

 

 

Botnet

When malware controlled by a third party infects a group of computers, it is known as a botnet (combo of robot and internet). Distributed Denial of Service (DDoS) attacks are the most common use of botnets. These attacks can shut down a competitor’s website by overloading it with requests or blasting spam.

 

One of the advantages of a botnet is harnessing hundreds or thousands of machines; attacks come from so many different devices that it makes them harder to block or trace.

 

Help protect yourself:

  1. Keep your operating system up to date and install an antivirus program.
  2. Don’t open files from unknown or suspicious sources or click on suspicious links.
  3. Scan all downloads before running the downloaded files.

 

Cryptojacking

Cryptojacking is relatively new in the same sense that cryptocurrencies like Bitcoin are relatively new. A little more than a decade old, Bitcoin was created as an electronic peer-to-peer cash system, essentially electronic cash. Still, the currency’s volatility scrapped this original intent (what is worth $1 today could be worth $30 tomorrow and vice versa). Regardless, it is much valued in many markets, so there is malware to compromise it.

 

Cryptojacking is the unauthorized use of someone else’s computer resources to mine cryptocurrency. NOTE: You do not have to own any cryptocurrency to be a victim. The malware simply uses your computer’s resources to mine cryptocurrency for others.

 

The two primary forms of attack include 1) tricking victims into loading cryptomining code onto their computers through phishing or 2) injecting a script on a website or an ad delivered to multiple websites. Once victims visit the website or the infected ad pops up, the script automatically executes. Either way, the cryptomining code works in the background as victims use their computers and secretly mine cryptocurrency for the hacker. 

 

Help protect yourself: Install antivirus and malware protection software and keep them updated. In addition, use ad blockers in your browser and disable JavaScript.

 

Rootkit

A rootkit is a pretty darn nasty malware — it’s a “backdoor” program that allows full access and control of the infected device, including administrative privileges. YIKES!

 

The cybercriminal can then spy on the device, change its configurations, steal sensitive data, etc. All this is done remotely. 

 

A rootkit usually injects itself into applications, kernels, hypervisors, or firmware and can spread through phishing, malicious attachments, malicious downloads, and compromised shared drives. It can also hide other malware, like a fake VPN app that one might download, so it is an actual supervillain.

 

Help protect yourself: Like most malware, rootkits are often activated through phishing scams, so avoiding these is your first step in prevention (see “Phishing” above). Scan your systems. Sounds easy, but it’s not. No single scanner seems able to detect and remove all rootkits at every level. To fully protect yourself against rootkit attacks at the boot or firmware level, you need to back up your data, then reinstall the entire system. Ugh. Make a practice of updating your software and keeping your antivirus program modern.

 

Symptoms of Malware

Like a human catching a cold, a computer infected with any malware will likely start showing symptoms. Because there are so many types of malware, the range of performance issues that could tip off an infection is pretty broad. The most common symptoms include:

 

  • Unusually High CPU usage
  • Alerts from Security/Antivirus Programs
  • Sluggish Computer/Internet Browser Speeds
  • Sudden Location Change or Deletion of Files
  • Sudden Appearance of Files or Programs
  • Outgoing Spam Messaging
  • Large Volume of Popup Ads
  • Odd Computer Behavior

 

None of these issues singularly reveals a malware program. However, if popup ads appear when your internet browser is not open, your security program is issuing scary warnings, or your friends have suddenly received a flood of spam mail from your address, you most likely have a malware problem.

 

Prevention Vs. Reaction

Like one would expect from a domain host, PAIR addresses malware with an expert team of developers whose only goal is to build software that resists intrusions and eliminates exploits. 

 

Our Free Intrusion Defense Scans, Included with All Current Hosting Plans, Offer:

  • Automatic Weekly Scanning
  • Free Scanning for Your Whole Account — All Sites up to 10,000 files
  • Custom-Built Malware Scanning Tool
  • Suspicious Files Flagged for Easy Removal Later

 

Our Paid Intrusion Defense Plans Offer:

  • MAXIMUM 3 HOUR RESPONSE TIME
  • 24-7 Support
  • Daily scanning of all files
  • Experienced developers design PAIR’S custom detection & cleanup tools
  • Hands-on, expert, real-person attention to all exploits 
  • Clean-up of ALL account sites

 

Fair Pricing that Covers Your Entire Account

Other providers charge you high fees for each domain! We charge a flat price based on the number of domains per account.

 

Guaranteed Results

If you purchase an intrusion defense plan from us and your account is reinfected due to our action, we’ll clean it up again and provide a new backup. As a best practice, we keep and maintain disaster recovery backups and off-site backups, and for many account types, we offer additional customer-configurable backups.

 

Manual Review by Real Humans

No malware protection system is perfect, so we manually review cleanups and check security scans for possible false positives.

 

In addition, at Pair, we have an excellent track record of zero-day attack mitigation and prompt attack response with thorough customer communication.

 

If you’re a Pair customer, we encourage you to subscribe to one of our annual intrusion defense plans