
Malware
Malware is one of the most common threats that internet users face daily. However, although you may have heard about the various types of malware you can encounter, chances are you don’t know how these malicious programs can infect your devices.
While knowing what types of threats exist is the first step
towards protecting yourself and your devices, the next, more important step is to know how threat actors try to sneak these malicious pieces
of code into your computers, smartphones, and tablets. To help you combat these
threats, we look at some of the most common methods and tactics used to
trick internet users into downloading malware and compromising their data and
security.
Phishing and mal-spam emails
While the main objective of phishing emails is usually to
wheedle sensitive information out of you, such as your access credentials to
various services, your card verification code (last three digits on the
backside of your payment card), PIN code, or other personally identifiable
information (PII), by masquerading as a trusted institution, they may also contain attachments
or links that will lead to your device getting infected with malware.
Therefore, it’s always prudent not just to skim over your
emails but to read them thoroughly. More often than not, you’ll notice dead
giveaways that you’re dealing with a scam. Telltale signs usually
include spelling mistakes, an evoked sense of urgency, requests for personal
information, or the email originating from a suspicious domain.
Fraudulent websites
To trick victims into downloading malicious apps,
cybercriminals like to spoof websites of famous brands or organizations. The
scammers create fraudulent webpages masquerading as the real deal, with the domain name resembling the domain of the organization being
spoofed as closely as possible, with some subtle differences here and there,
such as adding a letter or symbol or even a whole word. The websites will be
malware-laced and will try to dupe the target into clicking on links that will
download malware onto their devices.
To avoid getting your device infected with malware by visiting
one of these websites, always search for the official domain by typing it into
a search engine or by typing it manually into the address bar. It bears
repeating that a proper security solution will also protect you from most
threats and will also block you from accessing known malicious websites.
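The lookalike patterns described above (an added letter, symbol, or whole word) can be checked mechanically against a list of domains you actually use. The following Python code is an added example, not part of the original article; the allow-list, the sample domains, and the function names are constructed for illustration, and the suffix handling assumes one-label suffixes such as .com.

```python
# Added example; the allow-list and sample domains are constructed.
TRUSTED = {"examplebank.com", "example-shop.org"}

def edit_distance(a, b):
    """Levenshtein distance: insertions, deletions and substitutions."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def name_label(domain):
    """Label just left of the suffix (assumes a one-label suffix such as .com)."""
    parts = domain.split(".")
    return parts[-2] if len(parts) >= 2 else parts[0]

def classify(domain, trusted=TRUSTED):
    """Return (verdict, trusted domain being imitated or None)."""
    d = domain.lower().rstrip(".")
    for t in trusted:
        # The exact domain or one of its subdomains is the real site.
        if d == t or d.endswith("." + t):
            return ("trusted", t)
    label = name_label(d)
    for t in sorted(trusted):
        brand = name_label(t)
        if label == brand:
            return ("lookalike: same name, different suffix", t)
        # One or two character edits: an added or swapped letter or symbol.
        if edit_distance(label, brand) <= 2:
            return ("lookalike: letter or symbol changed", t)
        # Brand name embedded in a longer label: a whole word was added.
        if brand.replace("-", "") in label.replace("-", ""):
            return ("lookalike: extra word added", t)
    return ("unknown", None)

if __name__ == "__main__":
    for sample in ["www.examplebank.com", "examplebannk.com", "example-bank.com",
                   "examplebank-login.com", "weather-report.net"]:
        print(sample, "->", classify(sample))
```

For very short brand names, an edit-distance threshold of 2 will flag unrelated domains, so lower it to 1 in that case.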
USB flash drives
External storage devices are a popular form of storing and
transferring files; however, they do carry several risks. For example, threat
actors like to use the “lost” flash-drive social engineering strategy to dupe
unwitting good Samaritans into plugging a compromised thumb drive into their
computers. Once an afflicted drive is plugged in and opened, your device can get
infected with a keylogger or ransomware.
Alternatively, if you aren’t careful about how you handle
your flash drive, your computer may get infected through cross-contamination. To
mitigate the chances of contaminating your PC, you should use a reputable and up-to-date endpoint security solution that will scan any external media plugged
into your device and warn you if it contains anything suspicious.
P2P sharing and torrents
While over the years peer-to-peer sharing and torrents have
gained a reputation for being a place to illegally download software, games,
and media, they have also been used by developers as an easy way to disseminate
their open-source software or by musicians to spread their songs. However, they
are also infamous for being abused by black hats who inject the shared files
with malicious code. Most recently, ESET researchers uncovered cybercriminals
misusing the BitTorrent protocol and Tor network to spread KryptoCibule, a
multitasking multicurrency crypto-stealer.
To minimize the risk of being compromised, you should use a
reputable Virtual Private Network (VPN) to encrypt your traffic and keep it
safe from prying eyes. You should also use an up-to-date security solution that
can protect you from most threats including viruses or malware that may be a
part of the files you’re trying to torrent.
Compromised software
Although it may not happen often, software being directly
compromised by threat actors isn’t a rare occurrence. One important example of
an application’s security being compromised was the case of CCleaner. In these
attacks, the black hats inject the malware directly into the application, which
is then used to spread the malware when unsuspecting users download the app.
Since CCleaner is a trusted application, it wouldn’t have
occurred to a user to overly scrutinize it.
However, you should be careful when downloading any type of software, even
software you trust. You also can’t go wrong by using a reputable security solution,
and don’t forget to patch and update your apps regularly; security patches
usually deal with any vulnerabilities or loopholes found in the affected apps.
Adware
Some websites are often riddled with various ads that pop up
whenever you click on any section of the webpage or can even appear immediately
whenever you access certain websites. While these ads generally aim to generate
revenue for these sites, sometimes they are laced with various types of malware,
and by clicking on these ads or adware, you may involuntarily download it onto
your device. Some ads even use scare tactics, telling users that their device has
been compromised and only their solution can clean it up; however, that is rarely
the case.
A sizeable amount of adware can be avoided by using
trusted ad-blocking extensions on your browser, which will, as the name
suggests, block ads from appearing on the website you’re visiting. Another thing you can do is avoid suspicious websites that use such advertisements
altogether.
Fake apps
The last item on this list deals with fake mobile
applications. These apps usually masquerade as the real thing and try to dupe
users into downloading them onto their devices, thereby compromising them. They
can take on the guise of anything, posing as fitness-tracking tools,
cryptocurrency apps, or even COVID-19 tracing apps. However, in reality,
instead of receiving the advertised services, the devices will get infested
with various flavors of malware such as ransomware, spyware, or keyloggers.
To avoid downloading any malicious apps onto your devices,
you should stick with applications offered by trusted developers with a
verifiable track record and reviews. Also, keeping your devices patched and
up-to-date can help you stay protected from various threats that would try to
exploit the vulnerabilities that may be present in older versions of apps and
operating systems.
Conclusion
While the list of strategies used by cybercriminals to target unsuspecting citizens is long and may get longer (black hats keep coming up with new malicious tactics, after all), there are ways you can keep your data secure and your devices protected. These threats can be countered by adhering to cybersecurity best practices, which include using reputable security solutions and keeping your systems patched and up to date.
Some important keywords:
keylogger: a computer program that records every keystroke made by a computer user, especially to gain fraudulent access to passwords and other confidential information.
malicious: intending or intended to do harm.
phishing: a cybercrime in which a target or targets are contacted by email, telephone or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data such as personally identifiable information, banking and credit card details, and passwords.
masquerading: pretending to be
telltale: revealing
scrutinize: examine or inspect closely
cryptocurrency: a digital or virtual currency that is secured by cryptography, which makes it nearly impossible to counterfeit or double-spend
BitTorrent: a peer-to-peer file transfer protocol for
sharing large amounts of data over the internet, in which each part of a file
downloaded by a user is transferred to other users.
KryptoCibule: a triple threat that uses a victim's resources to mine virtual coins, tries to hijack transactions by replacing the wallet address in the clipboard, and exfiltrates cryptocurrency-related files, all while employing techniques to evade detection.
Thanks For Reading :-)