What is Malware?
Malware is any type of malicious software that can infect your computer and slow performance, monitor usage, steal sensitive information, or gain access to privileged areas on your computer. These can be harmful to your computer and your files. This post will discuss the different types of malware, how to tell if your computer is infected, prevention, and removal. For more detailed information about computer security resources, check out the IT Help Services Security Center online or stop into the IT Help Center for a free Security Check-up.
Types of malware:
Adware-The term Adware can be used for two different purposes. Adware can be a good thing when it is a legitimate piece of software containing ads embedded in a program which provides the user with free or reduced cost service. Adware when used in terms of malware, however, is a type of spyware (defined later in this article) that tracks your browsing history in order to produce ads which are more relevant to you.
Backdoor-A backdoor is a method of bypassing authentication (providing a username and password) and accessing the computer. While a backdoor itself isn’t necessarily malicious, a backdoor can be used to place other malicious software on a computer that wouldn’t be able to get there by other means.
Keylogger-A keylogger is a bit of software that gets installed on your computer unbeknownst to you, and starts logging everything that you enter into the computer. This type of malware will often send usernames and passwords back to the attacker, who can then use this information to get into your bank accounts, social media accounts, and really anything that would require a username and password.
Ransomware-Ransomware is a subcategory of malware which typically will appear as a popup on the desktop that will not allow access to anything on the computer until the user pays a fee to the creator of the malware.
Rootkit– A rootkit is a difficult, if not impossible piece of malware to detect and remove from a computer, as it embeds itself in the normal processes of the computer and its operating system.
Spyware– Spyware is any software that is on your computer, especially hidden in your browser, which monitor the activities that take place on your computer. It can observe browsing patterns, but in addition to just monitoring, spyware can install additional software to aid in observation or it can change computer settings to give itself more access to sensitive information.
Trojan Horse– A Trojan horse disguises itself as a legitimate program which will convince the user to install on the computer through social engineering, then it will dump malware into the computer , which can cause all kinds of problems on a machine.
URL Injector– Software that will place a different URL in place of the real URL of the site you were trying to visit is called a URL injector. If you are trying to visit Facebook, for example, this would place a different URL in it’s place but have an identical homepage. This prompts users to enter their login credentials to a malicious site that will steal them.
Virus-A type of malware that once it gets into your computer continuously replicates and attacks different files and programs is a virus. It is said to infect the files and programs it gets into, making them hosts for replication and transmission to infect other computers.
Worm-A worm is like a virus in that it replicates itself and spreads itself to different computers over a network, but unlike a virus it is a standalone piece of software and it does not embed itself in existing programs and files.
Signs to look out for:
- Slow performance
- Computer crashing frequently
- Phishing Scams
- Erratic behaviors that you did not initiate
- Keep all programs up to date
- Install and run an antivirus program
- Keep a single firewall on
- Have strong, long, and varied passwords that you change often
How to remove infections:
- Delete temporary files using a disk cleanup
- Download and run a malware scanner (such as Malwarebytes)
- Check the machine against our security checklist for personal computers or for university-owned machines
- For faculty and staff using university-owned machines: Data Protection Action Plan
OIT urges members of the UMass Amherst community to secure their computers, guard against online fraud, and protect personal and University data. The University has a defined incident response process for dealing with University-owned computers that have been infected with malicious software. This process is designed to comply with university policy, state law, and to help protect University’s data.
For more information about our incident response process, please visit our website, here: http://www.oit.umass.edu/support/security/data-security-incidents-prevention-response-procedures-umass-amherst