Tech Talk: Malware Bits and Bytes

By David Shinn

Malware, short for malicious software, is any software used to disrupt computer operations, gather sensitive information, and/or gain access to data on private computer systems.

Malware normally loads quietly and is intended to steal information or spy on users for an extended period without their knowledge. Malware is an umbrella term used to refer to many forms of hostile or intrusive software, including general viruses, worms, Trojan horses, ransomware, spyware and scareware. It can take the form of an executable program, email attachment, embedded script or active web content.

Depending on how technically correct you want to be, viruses are a subset of malware, but to most people the two words mean the same thing.

Ransomware is among the more critical forms of malware: it will encrypt the data on your hard drive and post a message that you should purchase Bitcoin to pay for a decryption key. I don’t need to mention that you do not want to do this! The most publicized names are CryptoLocker, WannaCry and TeslaCrypt.

 

PUP Definition

(Potentially Unwanted Program) An application that is installed along with a desired program. Also called a "barnacle." In most cases, the PUP is spyware or some other key logger software. However, what makes spyware a PUP rather than pure malware is the fact that the end user license agreement (EULA) does inform the user that this program will be installed. Considering no one ever reads the license agreement, the distinction is a subtle one.

PUM Definition

(Potentially Unwanted Modification) A PUM is an unwanted change made to your computer's settings. PUMs can be performed by both legitimate applications and malware, though changes made by malware are more likely to cause serious problems.

PUMs often modify settings at the system level. On Windows systems, this usually involves updating the Windows registry. Note: The Windows Registry is a hierarchical map or database of everything on your computer: settings, software, preferences and saved information (perhaps including credit card numbers and personal information).
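One way to spot a PUM, shown here as an added example that is not part of the original article: export the registry settings you care about before and after installing software, then compare the two exports. The sample exports below are constructed for illustration, and the function names are hypothetical.

```python
import re

SECTION = re.compile(r'^\[(?!-)(.+)\]$')             # [HKEY_...\Key]
VALUE = re.compile(r'^(@|"(?:[^"\\]|\\.)*")=(.*)$')  # "Name"=data or @=data

def parse_reg(text):
    """Parse .reg export text into {(key_path, value_name): raw_data}."""
    text = re.sub(r'\\\r?\n\s*', '', text)  # join hex data continued with a trailing backslash
    values, key = {}, None
    for line in text.splitlines():
        line = line.strip()
        section = SECTION.match(line)
        if section:
            key = section.group(1)
            continue
        value = VALUE.match(line)
        if value and key:
            name = '(Default)' if value.group(1) == '@' else value.group(1)[1:-1]
            values[(key, name)] = value.group(2)
    return values

def diff_reg(baseline, current):
    """List (status, key, name, old, new) for every value that differs."""
    old, new = parse_reg(baseline), parse_reg(current)
    changes = []
    for k in sorted(set(old) | set(new)):
        before, after = old.get(k), new.get(k)
        if before != after:
            status = 'added' if before is None else 'removed' if after is None else 'changed'
            changes.append((status, k[0], k[1], before, after))
    return changes

# Constructed sample exports (real regedit exports are UTF-16; open them with encoding='utf-16').
BASELINE = r'''Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable"=dword:00000000
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.example.com/"
'''
CURRENT = r'''Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable"=dword:00000001
"ProxyServer"="127.0.0.1:8080"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://search.example.net/"
'''

if __name__ == '__main__':
    for status, key, name, before, after in diff_reg(BASELINE, CURRENT):
        print(f'{status:8} {key}\\{name}: {before} -> {after}')
```

A proxy that was switched on or a start page that changed without your doing is worth a closer look and a malware scan.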

Malvertising threats as you surf the internet

Over the past six months, there have been many new types of malware introduced that have not been directly detected by MalwareBytes Premium. These threats have been deemed “Malvertising”.

Malvertising (malicious advertising) is a fairly new concept for spreading malware and is difficult to combat because it works its way into a webpage and can spread through a system without the user's knowledge. Infections delivered through malvertising do not necessarily require any user action (like clicking) to compromise the system. Just visiting an infected site can download the threats to your computer. Even the most cautious users have been infected. Companies and websites have had difficulty diminishing the number of malvertising attacks, which suggests that this attack method isn’t likely to disappear soon.

Microsoft fake threat

One of the latest threats is a screen that pops up branded like an official Microsoft page. The page will notify you that a virus has been found. You may also hear talking through your speakers with instructions on how to receive Microsoft support by calling the displayed toll-free phone number. All of this is a ploy to trick you into action.

Obviously, you should not call the number. They would want to connect remotely to your computer, soon followed by a request for a credit card number for support and a software program to remove the viruses. Meanwhile, they would be scouring your computer for private information and credit card numbers.

There are many similar types of fake threats… do not fall for any of them. Simply hit Ctrl-Alt-Del and End Task on the browser sessions. Then run an anti-virus and malware scan. 

Malware Removal

1) MalwareBytes
Here is an address for a free anti-malware program that is very good. http://www.MalwareBytes.org
- MalwareBytes also has a Premium version that is fully automated for an annual fee.

2) HitManPro
HitManPro is for the next level of malware removal. http://www.HitmanPro.com
- The cost for this program is $24.95 per computer, per year. 

Back up your valuable data

If you do not have an active backup plan implemented, please investigate your options. Many malware variants will completely encrypt and destroy your data. A current and tested backup is always your best defense.