How to Identify Malware/Spyware Attacks

August 30, 2016 | Views: 15151


We need tools and manual testing in order to identify the attacks on computers, including malware threats. Infection removal is possible only when we’re able to detect the disease. In short, we need to identify or detect the vulnerabilities and the next step is to remove the existing malware threat.

As new techniques and tools are being developed to detect the vulnerabilities, cyber criminals are not making any effort to make malware difficult to detect.

Let’s first understand Viruses, Worms, Identity Thieves, Hackers, etc.

Viruses

Viruses infect computers through email attachments and file sharing. They delete files, attack other computers, and make your computer run slowly. One infected computer can cause problems for all computers on a network.

Worm

A worm is also malicious code, but it does not infect other programs. It makes copies of itself and infects additional computers (typically by making use of network connections). It does not attach itself to additional programs. However, a worm might alter, install or destroy files and programs.

Identity Thieves

These are people who obtain unauthorized access to your personal information, such as Social Security and financial account numbers. They then use this information to commit crimes such as fraud or theft.

Hackers

Hackers are people who can “trespass” into your computer from a remote location. They may use your computer to send spam or viruses, host a Web site or do other activities that cause computer malfunctions.

Spyware

Spyware is software that “piggybacks” on programs you download, gathers information about your online habits, and transmits personal information without your knowledge. It may also cause a wide range of other computer malfunctions.

Trojan Horses

A Trojan horse is non-self-replicating malware that appears to perform a desirable function for the user but instead facilitates unauthorized access to the user’s computer system. Trojan horses may be encrypted or scattered throughout a program, making them difficult to detect.

A Remote Administration Tool (RAT) is a type of Trojan. Ethical people use it for constructive purposes, such as providing online support when someone has a problem with software, or troubleshooting issues with laptops or desktops. Unethical people use it to get unauthorized access to someone’s computer.

Cyber Security Threats Caused by Remote Administration Tool (RAT):

The operator controls the RAT through a network connection. A RAT provides an operator with the following capabilities:

—  Screen/camera control.

—  File management (download/upload/execute etc.).

—  Shell control (from command prompt).

—  Computer control (power off/on/log off).

—  Registry management (query/add/delete/modify).

—  Start, stop and restart Windows services.

—  Copy/delete files and format disks.

—  View and clear the Windows event logs.

—  Other software product-specific functions.

How to Detect Spyware

If your computer is slow, or you are being automatically directed to some other website, there could be malware. Here are a few tips to detect malware:

—  Endless pop-up windows.

—  Redirected to other websites automatically.

—  Random Windows error messages.

—  Computer suddenly seems slow.

—  New and unexpected toolbars appear in web browser.

—  New and unexpected icons appear in the task tray.

—  Your browser’s home page suddenly changed.

—  The search engine your browser opens has been changed.

Prevent Spyware Installation

—  Don’t click on links within pop-up windows.

—  Be careful while installing free software; never forget to read the end user agreement.

—  Be aware of unexpected dialog boxes asking: “Do you want to run a xxxx program?” Always select “no” or “cancel,” or close the dialog box.

—  Block pop-up windows and cookies by adjusting browser preferences.

Remove Spyware

—  Spyware copies several files to different directories and changes the registry. Use a spyware remover – a program dedicated to removal of spyware.

—  Run a legitimate product to remove spyware, e.g. Ad-Aware, Microsoft Windows Defender, Webroot’s SpySweeper, etc.
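
Several of the symptoms under How to Detect Spyware (changed home page, changed search engine, new toolbars) and the registry changes mentioned under Remove Spyware can be checked by comparing a known-good registry snapshot with a later one. The script below is an added example, not code from the original article; the snapshot format, the choice of Internet Explorer and Run keys to watch, and all sample values are assumptions made for illustration.

```python
# Added example: diff two registry snapshots and label each change with the
# symptom it relates to. Snapshot format (assumed): {(key, value_name): data}
IE = r"HKCU\Software\Microsoft\Internet Explorer"
RUN = r"\Software\Microsoft\Windows\CurrentVersion\Run"
# watched key -> (symptom, value name to watch; None = every value under key)
WATCH = {
    (IE + r"\Main").lower(): ("browser home page", "start page"),
    (IE + r"\SearchScopes").lower(): ("default search engine", "defaultscope"),
    (IE + r"\Toolbar").lower(): ("browser toolbar", None),
    ("HKCU" + RUN).lower(): ("startup program", None),
    ("HKLM" + RUN).lower(): ("startup program", None),
}

def normalise(snapshot):
    """Lower-case key paths and value names; the registry ignores case."""
    return {(k.lower(), n.lower()): v for (k, n), v in snapshot.items()}

def diff_snapshots(baseline, current):
    """Return (symptom, status, key, name, old, new) per watched change."""
    base, cur = normalise(baseline), normalise(current)
    findings = []
    for key, name in sorted(set(base) | set(cur)):
        symptom, watched_name = WATCH.get(key, (None, None))
        if symptom is None or watched_name not in (None, name):
            continue  # key not monitored, or a value we do not track
        old, new = base.get((key, name)), cur.get((key, name))
        if old == new:
            continue
        status = "added" if old is None else "removed" if new is None else "modified"
        findings.append((symptom, status, key, name, old, new))
    return findings

# Constructed sample snapshots, not taken from a real infection.
BASELINE = {
    (IE + r"\Main", "Start Page"): "https://intranet.example/",
    (IE + r"\Main", "Window Title"): "Browser",
    (IE + r"\SearchScopes", "DefaultScope"): "{GUID-A}",
    ("HKCU" + RUN, "SyncClient"): r"C:\Program Files\Sync\sync.exe",
}
CURRENT = dict(BASELINE)
CURRENT[(IE + r"\Main", "Start Page")] = "http://search.example.test/"
CURRENT[(IE + r"\Main", "Window Title")] = "changed, but not a tracked value"
CURRENT[(IE + r"\Toolbar", "{GUID-B}")] = "Free Toolbar"
CURRENT[("hkcu" + RUN, "Updater")] = r"C:\Users\user\AppData\Roaming\upd.exe"

if __name__ == "__main__":
    for finding in diff_snapshots(BASELINE, CURRENT):
        print("%-22s %-8s %s\\%s: %r -> %r" % finding)
```

Running the same comparison again after a spyware remover has finished shows whether the added entries are now reported as removed.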


22 Comments
  1. Well explained basic terms. It would be nice to include some well-known remedies, especially freeware like Malwarebytes, Microsoft Security Essentials, etc. … Thnx for sharing…

  2. Thanks! Good reminder.

  3. Thanks for the article, it has really helped me differentiate viruses, worms, Trojan horses and spyware, but I could not help but wonder: is the so-called “shortcut virus” really a virus or a worm, since it tends to portray more worm characteristics?

    • The clear difference between worms and viruses is that worms replicate throughout a network without the interaction of an end user (think Slammer or Code Red), while viruses need an end user to initiate the infection (think I Love You).

  4. The complete info in this article has been helpful in understanding the core fundamentals of Information security and the need of combative programs to maintain integrity and security.
