How malware can affect both home users and businesses
The severity of the damage caused by malicious software is frequently determined by whether the malware infected a personal computer or a corporate network. The severity of the damage may also vary depending on the type of malware and the type of device infected, as well as the nature of the data stored on or accessed by the device.
While the effects of a malware infection may be imperceptible to the user in some cases, the damage can be severe in others:
An infection may result in the loss of relatively unimportant information that can be easily replaced for home users, or it may result in the loss of information that gives the cybercriminal access to the user's bank account.
A Trojan virus that sends spam may cause a minor increase in communications traffic on a corporate network, whereas other types of infection may result in the complete breakdown of the corporate network or the loss of business critical data.
What is a Computer Virus or a Computer Worm?
Virus versus Worm
The primary distinction between a virus and a worm is that viruses must be activated by their host, whereas worms are stand-alone malicious programs that can self-replicate and propagate independently once they have gained access to the system. Worms do not require any human intervention to execute or spread their code.
Viruses are frequently attached to or hidden in shared or downloaded files, both executable (a program that runs scripts) and non-executable (a Word document or an image file). When a target system accepts or loads the host file, the virus remains dormant until the infected host file is activated. The virus can only run after the host file is activated, executing malicious code and replicating to infect other files on your system.
Worms, on the other hand, do not require the activation of their host file. Once a worm has entered your system, usually through a network connection or as a downloaded file, it can run, self-replicate, and spread without being activated. A worm replicates itself and then spreads across a network or through an internet connection. These copies will infect any unprotected computers or servers that connect to the infected device via network or internet. Worm-based infections spread quickly across computer networks and the internet at large because each subsequent copy of a worm repeats this process of self-replication, execution, and propagation.
How Are Computer Viruses and Worms Distributed?
Viruses are classified based on the method they use to infect a computer.
- File viruses
- Boot sector viruses
- Macro viruses
- Script viruses
Worms frequently take advantage of network configuration errors or security flaws in the operating system (OS) or applications.
Many worms spread across networks using a variety of methods, including the following:
Email: Files contained within email attachments
Internet: Through links to infected websites; usually hidden in the HTML of the website, so the infection is triggered when the page loads.
FTP & Download Servers: It may begin in downloaded files or individual FTP files, but if not detected, it has the potential to spread to the server and thus all outbound FTP transmissions.
Instant Messages (IM): Messages sent via mobile and desktop messaging apps, typically as external links, such as native SMS apps, WhatsApp, Facebook Messenger, or any other type of ICQ or IRC message.
P2P/Filesharing: P2P file sharing networks, as well as any other shared drive or files, such as a USB stick or network server, are used to spread it.
Networks: They are frequently hidden in network packets, but they can spread and self-promote across the network by sharing access to any device, drive, or file.
10 types of computer viruses can cause many different types of damage to computers, networks, mobile devices and data.
A Trojan horse is famous computer viruses that attempts to download remote files. It will inject a .dll file into the EXPLORER.EXE process causing system instability.
A mass-mailing worm that lowers security settings. It can delete security-related registry sub keys and may block access to security-related websites.
A Trojan horse that allows the compromised computer to be used as a covert proxy and which may degrade network performance.
A mass-mailing worm which spreads by emailing itself to addresses produced from files on the local drives.
A mass-mailing worm and IRC backdoor Trojan for the Windows platform. Messages sent by this worm will have the subject chosen randomly from a list including titles such as: Notice of account limitation, Email Account Suspension, Security measures, Members Support, Important Notification.
A mass-mailing worm and IRC backdoor Trojan similar in nature to W32-Mytob-GH. W32/Mytob-EX runs continuously in the background, providing a backdoor server which allows a remote intruder to gain access and control over the computer via IRC channels. This virus spreads by sending itself to email attachments harvested from your email addresses.
Virus: W32/Mytob-AS, Mytob-BE, Mytob-C, and Mytob-ER
This family of worm variations possesses similar characteristics in terms of what they can do. They are mass-mailing worms with backdoor functionality that can be controlled through the Internet Relay Chat (IRC) network. Additionally, they can spread through email and through various operating system vulnerabilities such as the LSASS (MS04-011).
A mass mailing worm and a peer-to-peer worm which copies itself to the Windows system folder with the filename Norton Update.exe. It can then create a number of files in the Windows system folder with filenames consisting of 8 random characters and a DLL extension. W32/Zafi-D copies itself to folders with names containing share, upload, or music as ICQ 2005a new!.exe or winamp 5.7 new!.exe. W32/Zafi-D will also display a fake error message box with the caption "CRC: 04F6Bh" and the text "Error in packed file!".
A mass-mailing worm with IRC backdoor functionality which can also infect computers vulnerable to the LSASS (MS04-011) exploit.
A peer-to-peer (P2P) and email worm that will copy itself to the Windows system folder as a randomly named EXE file. This worm will test for the presence of an internet connection by attempting to connect to www.google.com or www.microsoft.com. A bilingual, worm with an attached Hungarian political text message box which translates to “We demand that the government accommodates the homeless, tightens up the penal code and VOTES FOR THE DEATH PENALTY to cut down the increasing crime.