The average Internet user has only a vague idea of the malware he comes into contact with almost every day. Below, we will try to explain some of the most relevant threats, avoiding complex terminology and giving illustrative examples.
It's important to understand that even if you install all the top antivirus programs with paid premium subscriptions on your computer, add a dozen firewalls and cover the keyboard with foil, you will not be able to keep malware out while actively using the Internet; the only question is how much harm it will do to you. Here are a few examples of problems ordinary users commonly run into, from less to more serious:
- The virus installed on a friend’s computer copied your contact information from the address book for spamming;
- Cybercriminals obtained the password to your social network account, and now the page is blocked by the administration;
- Your cat walked on the keyboard, accidentally opened several sites with adult films, and now when you turn on your Windows computer it asks you to send a paid SMS to the specified number;
- You demand the advertised Internet connection speed from your provider, while your PC is taking part in DDoS attacks or mining cryptocurrency without your knowledge;
- Your credit card was used to top up a game account at an online casino, and the balance was lost.
Of course, for most users, adequate security measures amount to refusing to download programs from unfamiliar sites, setting an Internet spending limit on a credit card, using strong login passwords for important resources, and having some kind of protection in the form of a free or low-cost antivirus. We will not recommend specific methods of countering malware, but will only consider several of its varieties, with specific examples of their impact on ordinary users.
What is a trojan?
Everyone has heard of “Trojan programs” and roughly understands how they work thanks to the episode of the Trojan War described by Homer: we get a program for free, but there is malware inside. Moreover, the layman usually assigns every especially dangerous virus to the Trojan family, while in reality a Trojan is, in most cases, not a virus at all.
The defining property of a virus is that it spreads on its own and infects new devices, whereas trojans are usually uploaded to public resources by their authors and installed by users themselves. Once installed, a trojan can perform a variety of tasks: send user data to an attacker, disrupt the system, use its resources, download additional malware, destroy files, etc.
It is important to note that a Trojan can actually perform its declared functions along with the hidden ones. That is, the developer can use a working application as the horse from the poem, adding malicious code fragments to it: the program will play music, mine cryptocurrency or let you see through walls in a game, and at the same time transfer your personal data or send spam.
What is a backdoor?
This is one of the most dangerous types of malware: it is very difficult to detect and just as difficult to attribute to its developer. A backdoor is a vulnerability in a program, deliberately left by its creator, which he can use for any purpose when necessary. However, it is often impossible to prove that a backdoor was created intentionally, since it is indistinguishable from an ordinary error in the code.
Here are some examples:
- Last May, Kaspersky Lab experts discovered a backdoor in the firmware of D-Link DIR-620 routers, thanks to which attackers could gain access to device control and quietly use a user’s Internet connection;
- In October 2018, Thomas Reed of Malwarebytes announced that the macOS exchange rate monitoring application CoinTicker contains a backdoor and can be used to steal user data;
- In January 2019, a Dutch cybersecurity expert, Victor Gevers, discovered a backdoor account in MongoDB databases used by thousands of companies in Russia and abroad. In particular, attackers could gain unauthorized access to Disney Russia data or the Unified Register of pre-trial decisions of the Ministry of Internal Affairs of Ukraine.
What is a zero day vulnerability?
This type of vulnerability covers all mistakes made by the developer and not discovered until the moment hackers use them. That is, theoretically, any program can have a zero-day vulnerability that has not yet been announced. Obviously, it is very difficult, although not impossible, to combat the use of a zero-day vulnerability: anti-virus companies use, for example, special software that analyzes the actions of applications and catches threats in time (for example, sending data to a third party).