How to activate 9 types of computer virus and how they do their dirty work

The human mind enjoys classifying things, and malicious software is no exception to this rule. We at CSO have done our part. Our malware explainer sorts malware by how it spreads (self-spreading worms, viruses that ride on other code, or Trojans that look like something else) and by what it does to machines that have been infected (rootkits, adware, ransomware, cryptojacking, and malvertising, oh my!).

You can find a lot of different examples of this kind of technical taxonomy, and there is undeniably some value in it. In particular, it can be beneficial to differentiate between the various kinds of malware infection vectors rather than classify everything as a “virus,” despite the common usage of the term, because doing so can help prevent infections from occurring. On the other hand, we run the risk of placing an excessive amount of importance on these kinds of divisions.

“A lot of the terminology used to describe malware in the 1990s and early 2000s is still technically accurate, but maybe less relevant than it once was,” says Jacob Ansari, Security Advocate and Emerging Cyber Trends Analyst for Schellman, a global independent security and privacy compliance assessor. “Malware from earlier decades was typically installed on the target system and then ran automatically without any intervention from a human.” However, the majority of attack campaigns in today’s world are run by groups of people who are collectively referred to as threat actors. Attackers use a variety of programming and scripting languages to produce their malicious code, and they continue to make efforts to avoid detection and persist despite the presence of defences.

As a result, we questioned Ansari and several other security professionals about the classification systems they use to organise the various forms of malware they face. In general, we discovered that there are two distinct ways of looking at the classification of malware: one is to consider how viruses carry out their dirty work (that is, what they do to you), and the other is to consider where they fit into an ecosystem (i.e., what they do for an attacker).

There are nine primary categories of computer viruses.

  • Macroviruses
  • Viruses that exhibit polymorphism
  • Resident viruses
  • Viruses in the boot sector
  • Multipartite viruses
  • Droppers
  • Beacon/payload
  • Packers
  • Command and control

Viruses are classified according to the harm they cause.

If you want a comprehensive understanding of the various strains of malicious software, you could do worse than talk to someone who makes a living creating it. Dahvid Schloss is the managing lead for offensive security at the cybersecurity professional services firm Echelon Risk + Cyber, where he develops malware designed to emulate real threat actors in order to operate command-and-control platforms during the firm’s adversarial emulation and red team engagements. In other words, he tries to break into systems without being detected. He classified the various kinds of viruses that he works with according to the functions that they perform.

Macroviruses

According to Schloss, this category is “probably the most common malware technique in the world.” “Phishing is the first step in approximately 92 percent of all external attacks, and macros are the primary source of the issue.” A macro is an automated execution of keystrokes or mouse actions that a programme can do without any interaction from the user. Typically, when we talk about macros, we are referring to those found in Microsoft Word and Excel, which can automate tasks that are performed repeatedly on a worksheet or document.

Macro viruses are an extremely widespread type of malware. According to Schloss, “The delivery method is believable, especially when it looks like it has something to do with work.” In addition, the programming language, which in this case is called Visual Basic, is very easy to understand. As a result, the amount of technical expertise required to write macro viruses is significantly reduced.

Lauren Pearce, the incident response lead at the cloud security company Redacted, shared the same sentiment. “We continue to see significant damage from unsophisticated malware,” she said. “The simple Office document macro continues to be the most common way for infections to get in.”
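Because Office macros are described above as the most common way in, a defender's first triage step is often to tell macro-bearing documents apart from ordinary ones by content rather than by file extension. The following is an added example, not code from the article or from anyone quoted in it; the function names and the sample files are hypothetical and constructed for illustration.

```python
import io
import zipfile

OLE2_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")  # legacy .doc/.xls/.ppt container

def classify_office_file(data: bytes) -> str:
    """Classify by content, not by file extension."""
    if data.startswith(OLE2_MAGIC):
        # Legacy binary formats may embed VBA; deciding needs an OLE parser.
        return "legacy-ole"
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return "not-office"
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        parts = {name.lower(): name for name in zf.namelist()}
        if "[content_types].xml" not in parts:
            return "not-office"  # a ZIP, but not an OOXML package
        # OOXML stores a VBA project as a vbaProject.bin part.
        if any(p.endswith("vbaproject.bin") for p in parts):
            return "macro-enabled"
        types = zf.read(parts["[content_types].xml"]).decode("utf-8", "replace")
        if "macroenabled" in types.lower():
            return "macro-enabled"
    return "no-macro"

def build_package(parts: dict) -> bytes:
    """Build a minimal constructed OOXML-like ZIP in memory."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, body in parts.items():
            zf.writestr(name, body)
    return buf.getvalue()

TYPES_XML = '<Types><Default Extension="xml" ContentType="application/xml"/></Types>'
BASE_PARTS = {"[Content_Types].xml": TYPES_XML, "word/document.xml": "<document/>"}

# Constructed samples: names and contents are invented for this example.
SAMPLES = {
    "report.docx": build_package(BASE_PARTS),
    "invoice.docx": build_package({**BASE_PARTS, "word/vbaProject.bin": b"\x00"}),
    "legacy.doc": OLE2_MAGIC + b"\x00" * 16,
    "notes.txt": b"just text",
}

def triage(samples: dict) -> dict:
    return {name: classify_office_file(data) for name, data in samples.items()}

if __name__ == "__main__":
    for name, verdict in triage(SAMPLES).items():
        print(f"{name}: {verdict}")
```

The constructed `invoice.docx` is flagged even though its extension claims a macro-free format, which is the reason for checking the package contents.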

Viruses with multiple forms

According to Schloss, “even though the macro virus is the simplest to code, this type [the polymorphic virus] would be the most complex because the virus is exactly what its name says: polymorphic.” “Every time the code is executed, it executes slightly differently, and in most cases, every time it moves to a new machine, the code will be slightly different.”

You should treat all of your children (or enemies) with the same amount of respect, but Schloss admits that “this category of viruses is my favourite because it’s complicated and hard to investigate and find.”

Resident viruses

This is a disembodied virus, one that does not exist as part of a file, and it is considered to be one of the most dangerous types. “The virus itself is actually executing within the RAM of the host,” says Schloss. “The RAM of the host is where the virus is doing its work.” “The code for the virus is not kept within the executable that calls it; rather, it is typically kept on a website or in a storage container that is accessible via the internet.” In most cases, the executable that calls the resident code is written in such a way as to appear benign on purpose, with the goal of evading detection by an antivirus program.

Naturally, the concept of a resident virus presupposes the presence of another type of virus known as a non-resident virus. This is how Schloss describes it: “a virus that is already present within the executable that is attempting to call it.” Abuse of enterprise services is the most common vector through which these viruses spread.
