How to Identify Malware/Spyware Attacks

August 30, 2016 | Views: 15255


We need both tools and manual testing to identify attacks on computers, including malware threats. An infection can be removed only once it has been detected. In short, the first step is to identify or detect the vulnerabilities, and the next step is to remove the existing malware threat.

As new techniques and tools are being developed to detect the vulnerabilities, cyber criminals are not making any effort to make malware difficult to detect.

Let’s first understand Viruses, Worms, Identity Thieves, Hackers, etc.


Viruses

Viruses infect computers through email attachments and file sharing. They delete files, attack other computers, and make your computer run slowly. One infected computer can cause problems for all computers on a network.


Worms

A worm is also malicious code, but it does not infect other programs. It makes copies of itself and infects additional computers (typically by making use of network connections). It does not attach itself to additional programs. However, a worm might alter, install or destroy files and programs.

Identity Thieves

These are people who obtain unauthorized access to your personal information, such as Social Security and financial account numbers. They then use this information to commit crimes such as fraud or theft.


Hackers

Hackers are people who can “trespass” into your computer from a remote location. They may use your computer to send spam or viruses, host a Web site or do other activities that cause computer malfunctions.


Spyware

Spyware is software that “piggybacks” on programs you download, gathers information about your online habits, and transmits personal information without your knowledge. It may also cause a wide range of other computer malfunctions.

Trojan Horses

A Trojan horse is non-self-replicating malware that appears to perform a desirable function for the user but instead facilitates unauthorized access to the user’s computer system. Trojan horses may be encrypted or scattered throughout a program, making them difficult to detect.

A Remote Administration Tool (RAT) is a type of Trojan. Ethical people use it for constructive purposes, such as providing online support when someone has a software problem or troubleshooting issues with laptops or desktops. Unethical people use it to gain unauthorized access to someone’s computer.

Cyber Security Threats Caused by Remote Administration Tool (RAT):

The operator controls the RAT through a network connection. A RAT provides the operator with the following capabilities:

—  Screen/camera control.

—  File management (download/upload/execute, etc.).

—  Shell control (from command prompt).

—  Computer control (power off/on/log off).

—  Registry management (query/add/delete/modify).

—  Start, stop and restart Windows services.

—  Copy/delete files and format disks.

—  View and clear the Windows event logs.

—  Other software product-specific functions.
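Several of the capabilities listed above leave records in the Windows event logs, which gives a defender something to look for. The following is an added example, not part of the original article: it maps standard Windows event IDs to those capabilities and groups the matches per host. The flat record layout, the host names, the sample events and the list of expected shell parents are constructed assumptions; events 4657 and 4688 are only logged when the corresponding auditing is enabled.

```python
from collections import defaultdict

# (log channel, event ID) -> RAT capability from the list above.
WATCH = {
    ("Security", 1102): "event log cleared",
    ("System", 104): "event log cleared",
    ("System", 7045): "service installed",
    ("Security", 4657): "registry value modified",
    ("System", 1074): "shutdown or restart initiated",
}
SHELLS = {"cmd.exe", "powershell.exe"}
# Assumption: parents that normally start a shell on this site; tune per environment.
EXPECTED_SHELL_PARENTS = {"explorer.exe", "cmd.exe", "powershell.exe"}

def basename(path):
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()

def classify(event):
    """Return the capability an event maps to, or None if it is not of interest."""
    key = (event["channel"], event["id"])
    if key in WATCH:
        return WATCH[key]
    if key == ("Security", 4688):  # process creation
        child = basename(event.get("NewProcessName", ""))
        parent = basename(event.get("ParentProcessName", ""))
        if child in SHELLS and parent not in EXPECTED_SHELL_PARENTS:
            return "shell started by unexpected parent"
    return None

def triage(events):
    """Group the matched capabilities by host."""
    hits = defaultdict(set)
    for ev in events:
        cap = classify(ev)
        if cap:
            hits[ev["host"]].add(cap)
    return dict(hits)

def priority(caps):
    # Clearing logs hides the other actions, so it escalates on its own.
    return "high" if "event log cleared" in caps or len(caps) >= 3 else "review"

SAMPLE_EVENTS = [  # constructed sample records
    {"host": "WS01", "channel": "System", "id": 7045, "ServiceName": "updsvc"},
    {"host": "WS01", "channel": "Security", "id": 4688,
     "NewProcessName": r"C:\Windows\System32\cmd.exe",
     "ParentProcessName": r"C:\Users\Public\helper.exe"},
    {"host": "WS01", "channel": "Security", "id": 1102},
    {"host": "WS02", "channel": "Security", "id": 4688,
     "NewProcessName": r"C:\Windows\System32\cmd.exe",
     "ParentProcessName": r"C:\Windows\explorer.exe"},
    {"host": "WS02", "channel": "System", "id": 1074},
]
```

On the sample, WS01 is rated high (service install, shell from an unexpected parent, log cleared) while WS02's user-started shell is ignored and its shutdown is left for review.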

How to Detect Spyware

If your computer is slow, or you are being automatically redirected to other websites, there could be malware. Here are a few signs that help detect malware:

—  Endless pop-up windows.

—  Redirected to other websites automatically.

—  Random Windows error messages.

—  Computer suddenly seems slow.

—  New and unexpected toolbars appear in web browser.

—  New and unexpected icons appear in the task tray.

—  Your browser’s home page suddenly changed.

—  The search engine your browser opens has been changed.

Prevent Spyware Installation

—  Don’t click on links within pop-up windows.

—  Be careful while installing free software; never forget to read the end user agreement.

—  Be aware of unexpected dialog boxes asking: “Do you want to run a xxxx program?” Always select “no” or “cancel,” or close the dialog box.

—  Block pop-up windows and cookies by adjusting browser preferences.

Remove Spyware

—  Spyware copies several files to different directories and changes the registry. Use a spyware remover – a program dedicated to removal of spyware.

—  Run a legitimate product to remove spyware, e.g. Ad-Aware, Microsoft Windows Defender, Webroot’s SpySweeper, etc.
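Because spyware changes the registry, comparing a known-good registry export with a current one shows the changes behind several of the symptoms listed earlier (changed home page, changed search engine, new toolbars) as well as new autostart entries. The following is an added example, not part of the original article: it parses two exports in `.reg` format and reports differences under a small watch list. The watch list (Internet Explorer-era keys), the value names and both snapshots are constructed assumptions.

```python
import re

# Watched key suffixes -> symptom from the list above (assumed watch list).
WATCHED = {
    r"\currentversion\run": "autostart entry",
    r"\internet explorer\main": "home/search page",
    r"\internet explorer\toolbar": "browser toolbar",
    r"\internet explorer\searchscopes": "search provider",
}
VALUE = re.compile(r'^(@|"(?:[^"\\]|\\.)*")=(.*)$')

def parse_reg(text):
    """Parse .reg export text into {(key, value_name): raw_data}."""
    out, key = {}, None
    for line in map(str.strip, text.splitlines()):
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1].lower()
        elif key and (m := VALUE.match(line)):
            out[(key, m.group(1).strip('"').lower())] = m.group(2)
    return out

def diff_snapshots(baseline, current):
    """Return sorted (change, symptom, value_name) tuples for watched keys only."""
    old, new = parse_reg(baseline), parse_reg(current)
    findings = []
    for k in old.keys() | new.keys():
        label = next((v for s, v in WATCHED.items() if k[0].endswith(s)), None)
        if label is None or old.get(k) == new.get(k):
            continue
        change = "added" if k not in old else "removed" if k not in new else "changed"
        findings.append((change, label, k[1]))
    return sorted(findings)

# Constructed snapshots in .reg export format.
HEADER = "Windows Registry Editor Version 5.00\n\n"
RUN = "[HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Run]\n"
MAIN = "[HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main]\n"
OTHER = "[HKEY_CURRENT_USER\\Software\\Example\\Editor]\n"
BASELINE = (HEADER + RUN + '"OneDrive"="C:\\\\Users\\\\alice\\\\OneDrive.exe"\n\n'
            + MAIN + '"Start Page"="https://intranet.example/"\n\n'
            + OTHER + '"FontSize"=dword:0000000c\n')
CURRENT = (HEADER + RUN + '"OneDrive"="C:\\\\Users\\\\alice\\\\OneDrive.exe"\n'
           '"updhelper"="C:\\\\Users\\\\Public\\\\upd.exe"\n\n'
           + MAIN + '"Start Page"="http://search.example.net/"\n\n'
           + OTHER + '"FontSize"=dword:0000000e\n')

if __name__ == "__main__":
    for finding in diff_snapshots(BASELINE, CURRENT):
        print(finding)
```

Files written by `reg export` are UTF-16, so decode them with `encoding="utf-16"` before passing the text in; multi-line `hex:` values are compared on their first line only.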


  1. Do any of you know much about a company called Comodo for internet security? And if so, are they worth the money?

  2. Good cheat sheet 🙂

  3. It’s a good refresher and highlights some key points to watch out for.

  4. Even though I know all of it already, it’s very good information.
