Malware is a general term to describe software that is designed to disrupt computer systems. One of the most dangerous types of malware is a virus. What makes viruses so dangerous is the fact that they replicate and multiply, spreading to other computer programs or systems. Viruses often attack operating systems or the boot sectors of hard drives. They can also target network hubs and other devices.
An important part of a strategy for preventing the spread of a virus is understanding how it propagates. Like biological viruses, they often exploit a series of hosts or vectors. (In the case of Stuxnet: USB drive - Windows O.S. - centrifuge control system.) Common vectors include email attachments, downloadable files, web servers, web browsers and operating systems.
Malware often uses social engineering to trick you into running and installing it on your computer, for instance by getting you to open an email attachment purporting to notify you of a windfall. The malware landscape is constantly changing, as software vendors create patches, anti-malware programs update virus definitions, and malware authors attempt to circumvent these changes by creating new or altered malware.
Symptoms of malware infection
Malware and viruses are created for many different purposes. They may simply be using your machine as a host and be temporarily inactive. They may be waiting for a particular target software or hardware to be connected or, in the case of zero day vulnerabilities, a certain time, to be activated. Once activated, the malware may attempt to gain control of your device, steal private information such as passwords and identification, or attempt to contact an infected web server. Virus attacks have been launched targeting particular software or systems as part of a sabotage campaign.
Symptoms of an infection vary but often include such things as a noticeable slowing down of your computer's performance, unexpected behavior such as frequent crashes, applications refusing to start, and unusual pop ups and system messages. (These can also be symptoms of hardware or software malfunction.) Severe infections often target installed virus protection software, preventing it from working or updating.
Man in the middle attacks: When you browse to a web page, your computer normally makes a connection to the host web server through a series of network servers and routers. In this type of attack an agent on an infected network machine takes control of the connection. It can be used to steal passwords and information, or in other ways interfere with the communication between server and client. There is not a lot you can do to remove the threat, since it exists on a remote machine, but you can prevent some of its most damaging consequences. On a legitimate website, sensitive information such as passwords is automatically encrypted before being sent. You should be able to confirm this by the https protocol in the address window of your browser. It is possible, however, for https to be subverted on high value targets that are worth the hacker's effort.
Ransomware: This is where a computer is hijacked and the owner warned that all data will be erased unless they pay a specified ransom. Set your anti-malware to scan automatically at a specified time. Perform a deep scan periodically. Keep all applications patched and have a reliable backup.
Keyloggers: This is when keystrokes are captured and reported back to a malicious agent. This can be done by malware covertly installed on your computer, or by separate physical devices. For instance, it is relatively easy to read keystrokes from a wireless keyboard using a nearby receiver. It is also possible to log keystrokes by measuring and analysing keystroke vibrations using a smartphone resting on the table nearby. Use caution when using your computer in a public space.
Phishing: This is a scam where someone will contact you out of the blue pretending to be from a legitimate business such as a bank or telco. They use devious means to encourage you to divulge personal information such as bank accounts and passwords. They often use legitimate looking branding and logos. They may contact you by email, mail, phone, social media or even in person. Contact the business or organisation directly by a known means. Never use email links or contact information provided to you by the suspect.