I was reading about malware today and thought I would share a few points I learnt. I hope they are beneficial for the reader of this article. It was a good start for me in understanding what a computer virus is.
A virus is basically computer code embedded in a file that penetrates a computer for unauthorized data destruction, distortion or copying. But if a virus is just a small piece of code embedded in a program, how can it spread so quickly and cause such destruction? The answer is self-replication.
Self-replicating mechanisms were formulated in the early 1950s and were not intended to be used for computer viruses.
Using self-replication mechanisms, a computer virus develops the ability to spread from one file to another, and from one computer to another on a network, without the knowledge or consent of the user.
An infected computer usually goes through the stages below:
- Hidden: the effect of the virus is covert and remains unnoticed
- Multiplication: the virus multiplies but is not activated yet
- Activation: harmful actions programmed by its developer are performed. Activation can be either time-related (activation on a specific date) or action-related (opening a file or executing a program)
Once the virus is activated, you should be able to spot some signs of the infection (symptoms):
- Slow load of operating system
- Disappearance of files or directories or distortion of their content
- Change of file modification date and time
- Change of file size
- Increase in the number of files on the hard drive
- Decrease in the size of free RAM
- Unwanted content display like popup messages
- Frequent freezes and malfunction
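Several of the file-level symptoms above (disappearing files, changed modification times, changed sizes, extra files) can be checked automatically by comparing a directory against a baseline recorded while the machine was known to be clean. The following is an added example, not part of the original post; the function names and the sample files are constructed for illustration.

```python
import hashlib
import os
import tempfile

def snapshot(root):
    """Map each file's relative path to (size, mtime_ns, sha256)."""
    state = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            st = os.stat(path)
            with open(path, "rb") as fh:
                digest = hashlib.sha256(fh.read()).hexdigest()
            state[os.path.relpath(path, root)] = (st.st_size, st.st_mtime_ns, digest)
    return state

def compare(baseline, current):
    """Report the file-level symptoms from the list above."""
    report = {k: [] for k in ("missing", "new", "content_changed", "size_changed", "mtime_changed")}
    for path, (size, mtime, digest) in baseline.items():
        if path not in current:
            report["missing"].append(path)        # file disappeared
            continue
        new_size, new_mtime, new_digest = current[path]
        if new_digest != digest:
            report["content_changed"].append(path)  # content distorted
        if new_size != size:
            report["size_changed"].append(path)
        if new_mtime != mtime:
            report["mtime_changed"].append(path)
    report["new"] = list(set(current) - set(baseline))  # file count increased
    return {key: sorted(paths) for key, paths in report.items()}

def demo():  # constructed sample data, built in a throwaway temp directory
    with tempfile.TemporaryDirectory() as root:
        for name, data in (("a.txt", b"hello"), ("b.txt", b"world"), ("c.txt", b"keep")):
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(data)
        baseline = snapshot(root)
        with open(os.path.join(root, "a.txt"), "ab") as fh:  # content and size change
            fh.write(b" appended")
        os.remove(os.path.join(root, "b.txt"))               # file disappears
        with open(os.path.join(root, "d.txt"), "wb") as fh:  # unexpected new file
            fh.write(b"extra")
        os.utime(os.path.join(root, "c.txt"), ns=(1, 1))      # timestamp-only change
        return compare(baseline, snapshot(root))

if __name__ == "__main__":
    print(demo())
```

A timestamp or size difference alone is only a hint, since normal use also changes files; the hash comparison is what shows that content really changed, and the baseline should be stored somewhere the monitored machine cannot overwrite.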
Now we know what a virus is, how it can spread and what the signs of infection are. Can we classify computer viruses? That's a hard one. Security specialists are struggling with this; however, I found a lot of classifications online, so I chose the classification below:
Primitive viruses: these are viruses that can change the contents of your files and disk sectors, but they can be easily detected and destroyed.
Stealth viruses: these are viruses that can hide their presence and are very difficult to detect. They can actually cheat antivirus programs by using a masking technique. However, there is an easy way to disable a stealth virus's masking technique.
Polymorphic viruses: this type of computer virus seems to be the most dangerous today. That's because of their ability to change their own code. Polymorphic viruses can encrypt their own body and rewrite their code.
We also need to remember that computer viruses are not all about destruction; they can carry malware like a Trojan horse. Malware usually aims to perform unauthorized actions such as data theft, destruction of confidential information, or utilization of the infected computer's resources for malicious purposes.
Malware can do the following:
- Install a backdoor in order to get access to a computer or system
- Install spyware, which can monitor the computer user's activities
- Steal passwords
- Take control of your devices to attack others, by installing a program on the victim's machine so that it becomes part of a botnet (a computer network consisting of a certain number of hosts running bots)
- Lock or encrypt devices
To end this article, there are a few things we can do to reduce the probability of being infected, or at least to reduce the damage if it happens:
- Always keep your PC firewall on and enabled at all times
- Make regular backups of your most important files and make sure that the backup device is not always attached to your machine
- Keep your OS up to date; actually, keep all your software up to date. Software updates remediate known vulnerabilities, which attackers are after
- Don’t visit websites that are known to be malicious
- Use multifactor authentication whenever possible, so that if malware steals credentials they can't easily be reused
- Reset your password periodically
- Never ever answer spammers
- Watch out for phishers: Internet fraud aimed at obtaining your personal data
- Install a good antivirus and internet security software on your machine
- If you feel that your computer is infected, you should immediately turn off the computer so that the virus does not continue its destructive actions. If you do not have enough knowledge and experience to cure your computer, ask for help.
Thank you very much for reading my post.