What is malware? What you need to know to protect yourself!
Many people do not know exactly what malware is. Some think they know, and a considerable share of them answer that malware is a virus. That statement is not entirely wrong, but it is not entirely right either. Want to clear up this kind of doubt? Then read on and learn everything you need to answer the question correctly and to avoid becoming the next victim.
Where does the name come from?
Like practically every term used in computing, malware comes from English, from the words malicious and software. In other words, it is an abbreviation formed from the two words and designates any program that performs malicious activity.
The word malicious refers to the purpose of the program, since its real intent is invariably to obtain some advantage for the malware's creator, usually by stealing information or by causing some kind of damage and/or loss to the person who owns the affected device (notebook, tablet, smartphone, desktop, etc.), which is why it is given the adjective malicious.
What is malware?
It consists of at least one program, but in some cases, depending on the class of malware and its purposes, it can be a set of files, just like the legitimate programs that we install on our computers and use for a wide variety of purposes.
The role or purpose of a virtual plague, as malware is also called, is to carry out actions according to what its author intends. The first known possible malware, although not intended to cause major damage, was annoying at the very least. It was called Creeper.
Creeper first appeared back on the ARPANET, "infecting" one system after another. On each one it displayed the message 'I'm the Creeper: catch me if you can!' and then "jumped" to another machine on the network, deleting itself from the previous computer. Its author possibly just wanted to demonstrate that this was possible, and had a certain sense of humor, given the nuisance its behavior caused.
At that time the term virus was not yet in use, and only some time later did software begin to appear that behaved like Creeper in that it spread between the computers on a network, but that did not delete itself and did cause some kind of damage, such as rendering systems or other programs unusable. Because of their behavior, these programs were the first malware to be called viruses.
Initially, malware spread through physical means, specifically removable media such as floppy disks, or within computer networks. With the emergence of the web and the ability to connect computers across different geographic regions, malware authors began to spread their creations through any means by which a computer accesses the Internet.
What types of malware are there?
Viruses were the first manifestations of malware, but over time, and with the expansion of the technologies available both for people to get online and for the devices capable of doing so, variations of virtual plagues emerged with specific characteristics and with different purposes and behaviors.
TROJAN
Known as Trojan horses because, like the Greek horse given to the Trojans, they disguise themselves as something else in order to get into systems. A Trojan therefore pretends to be another kind of program and, once installed on a system, reveals its real malicious nature;
SPYWARE
Its name derives from spy, since it stealthily monitors the actions carried out on the device on which it is installed and provides that data to its author. Monitoring may include Internet browsing history, programs used by the user, e-mail messages sent, dates and times when actions were performed, etc.;
KEYLOGGER
It behaves similarly to spyware, in that it collects data and sends it to its author, but the data collected is exclusively which keyboard keys are pressed; that is, everything that is typed becomes known to the author of the malware;
SCREENER
It is another specialized variation of spyware, but its objective is to capture images (Print Screen) of the screen of the computer on which it is installed at regular intervals and send them to its author. In this way, the author has visual knowledge of everything the user does;
WIPERWARE
Also known as a cleaner, it is the “virtual vandal”, as it aims to destroy content, usually by erasing data on hard disks or making them unusable. There are 2 variations. In the first, the data is copied by the author and then deleted from where it was stored. In the second, the data is only erased. This class of malware includes some of the most harmful and most famous programs, given the damage caused and the number of people affected;
WORM
It is characterized by spreading from one system to another without depending on the actions of the users of those systems. Worms often exploit vulnerabilities in operating systems or in software installed on those systems in order to self-propagate, and they are one of the most successful classes of malware;
BANKER
It is a specialized class of malware that aims to steal bank details and passwords, and for that purpose can combine spyware, screener and keylogger behavior. It is one of the classes that poses the greatest threat, as it can cause severe financial losses;
ADWARE
Its name partly explains its purpose, which is to display advertising (advertising software). The problem is that the ads usually carry undesirable content, such as pornography, and often generate a large volume of pop-up windows displayed in succession. If the device does not have enough memory and/or processing power to cope with this behavior, it may even stop responding.
Adware can also sometimes be associated with other classes of malware and use the disturbing behavior of displaying advertisements as a cover for other, more harmful actions;
RANSOMWARE
It is a very common class of malware these days and usually infects a system via an attachment or a link in a phishing email message. This class of malware encrypts data (documents) on the infected system, blocking access by the user unless a ransom is paid, usually in cryptocurrency;
MINERS
With the advance of cryptocurrencies, which were particularly sought after at times of sharp appreciation, a class of programs has emerged whose objective is to hijack the processing power of the machines on which they are installed in order to mine cryptocurrencies. When this occurs, the infected machine usually has performance problems, because its processing power is being used for mining;
BOTNET
It is not exactly a class of malware, but rather malware that aims to gain control of many computers or servers on different networks, so that they can all be commanded remotely from a single point and made to perform the same action simultaneously and on a large scale. It is the most used method for DDoS attacks.
How does malware infection occur?
Malware authors use various means to spread their creations, aiming to reach a variety of electronic devices and networks. The most common forms of dissemination of these virtual plagues are the following:
Received by email – comes in the form of an email attachment or a link in the body of the message. Generally, the text of the e-mail is intended to generate interest or curiosity in the person receiving it. It could be a security update from your bank, compromising photos, news, etc. This type of action is known as phishing;
Downloads – when you download content without checking the site or origin from which the content is being downloaded;
Piracy – installation of programs that are the result of piracy. The software pirate is not an altruist who wants to provide you with paid programs for free. Usually your payment for the program comes in the form of a malicious program installed on your computer or device that gives the pirate something in return, such as turning your machine into a botnet zombie;
Websites – it is common for cyber criminals to break into websites in order to, among other actions, plant their malware on them. When users access these sites, malware is downloaded and installed on the devices used for the access;
Wi-Fi networks – public and unprotected wireless networks can be the target of malware dissemination, as it is not difficult to invade devices using such networks;
Modems – there are brands and models of modems whose firmware has security flaws that allow them to be accessed remotely. A network that uses such modems is therefore not safe, and unauthorized access by intruders is reasonably simple;
Corporate networks – corporate networks, if they are not managed in order to control the flow of data and user actions, can be the focus of malware propagation, especially when there is an intranet, virtual disks and collaborative content. A single piece of malware on a user's device can compromise all points on the network.
How to prevent it?
The main measure to stop the spread of malware is information. Knowing the types of malware, how they manifest themselves and their dissemination behavior, helps to avoid having a compromised device, as it reduces the chances of exposure.
Malware authors in fact rely precisely on the lack of information on the part of most users to succeed in spreading virtual plagues, and some of the propagation mechanisms are built on this principle.
Below is a list of aspects that must be observed carefully in order to avoid compromise of your devices by malware:
Keep your device's operating system (laptop, smartphone, tablet, desktop, etc.) always up to date. Some types of security flaw can be exploited to give the attacker control of the system, leaving it susceptible to various types of threats. Program and system updates usually correct flaws that are discovered;
Keep complete security systems installed, with firewall, antivirus (actually antimalware) and always update them or leave the automatic update enabled;
Avoid using removable media (pendrives, CDs, DVDs, etc.) whose origin is unknown. If you must access it, first scan its contents with the antivirus that you have installed on your device;
Remember that just as you are susceptible to having an infected device, so are your acquaintances. Therefore, content from a known person does not imply that it is free of malware;
Avoid exposing sensitive and important data to networks or environments whose security you are unsure about. If you have to connect to insecure networks, try to use secondary user accounts that have no administrator privileges and do not give access to all your data;
When you receive e-mails whose origin cannot be verified or if you have doubts as to their origin, before proceeding, try to check with the sender that the message was sent. When in doubt, never click on links or open attachments. In some cases, simply opening the message can be dangerous;
Do not trust your antimalware programs 100%. No protection is fully effective and just like the diseases that affect people, vaccines come only after the disease is discovered. Until then, some victims will be infected.
If the worst comes to worst and you suspect you have a system compromised by malware, avoid exchanging data with third parties and isolate the infected device from the network and the Internet until you've run a full scan for malware. If you don't know exactly what to do, ask an expert for help.
There are online solutions that can be used to complement the solution you have installed on your computer and that do not compete with it in identifying malware. Use these scanners in addition to the security solution you have installed on your machine since, as we said, no antimalware is 100% effective.
There are also quite specialized classes of malware that also require specific programs for their detection and cleaning, which is the case with bankers.
Conclusion
There are different types of malware and, regardless of the class, the consequences can be serious and represent significant losses. The main protective measure is to keep all users informed and to adopt a well-defined set of measures to reduce the chances of infection.