What method would a cyber attacker use to infect a system with malware?

Malware discussion typically encompasses three main aspects:

  • Objective: What the malware is designed to achieve
  • Delivery: How the malware is delivered to the target
  • Concealment: How the malware avoids detection (this item is beyond the scope of this discussion)

Here’s a breakdown of some of the objectives and delivery mechanisms observed in malware.

Objectives

Malware is created with an objective in mind. While it could be said that the objective is “limited only to the imagination of its creator,” this discussion will focus on some of the most common objectives observed in malware.

Exfiltrate Information

Stealing data, credentials, payment information, etc. is a recurring theme in the realm of cybercrime. Malware focused on this type of theft can be extremely costly to a person, company, or government target that falls victim.

Disrupt Operations

Actively working to “cause problems” for a target’s operation is another objective seen in malware. The level of “disruption” can vary, from a virus on a single computer corrupting critical OS files (making that one system unusable) to an orchestrated, physical self-destruction of many systems in an installation. There is also the scenario where infected systems are directed to carry out large-scale distributed denial of service (DDoS) attacks.

Demand Payment

Some malware is focused on directly extorting money from the target. Scareware uses empty threats (ones which are unsubstantiated and/or couldn’t actually be carried out) to “scare” the target into paying some money. Ransomware is a type of malware that attempts to prevent a target from accessing their data (usually by encrypting files on the target) until the target “pays up.” While there is debate over whether victims of ransomware should or should not pay, it has become enough of a threat that some companies have preemptively purchased Bitcoin just in case they get hit with ransomware and decide to pay the ransom.

Types of malware attack vectors

There are three main types of malware attack vectors:

  • Trojan Horse: This is a program which appears to be one thing (e.g. a game, a useful application, etc.) but is really a delivery mechanism for malware. A trojan horse relies on the user to download it (usually from the internet or via email attachment) and run it on the target.
  • Virus: A virus is a type of self-propagating malware which infects other programs/files (or even parts of the operating system and/or hard drive) of a target via code injection. This behavior of malware propagation through injecting itself into existing software/data is a differentiator between a virus and a trojan horse (which has purposely built malware into one specific application and does not make attempts to infect others).
  • Worm: Malware designed to propagate itself into other systems is a worm. While virus and trojan horse malware are localized to one infected target system, a worm actively works to infect other targets (sometimes without any interaction on the user’s behalf).

Over the years, malware has been observed to use a variety of different delivery mechanisms, or attack vectors. While a few are admittedly academic, many attack vectors are effective at compromising their targets. Although these attack vectors generally occur over electronic communications such as email, text messages, a vulnerable network service, or a compromised website, malware delivery can also be achieved via physical media (e.g. USB thumb drive, CD/DVD).

Best practices against malware attacks

The following best practices can help prevent a malware attack from succeeding and/or mitigate the damage done by a malware attack.

Continuous User Education

Training users on best practices for avoiding malware (e.g. don’t download and run unknown software, don’t blindly insert “found media” into your computer), as well as on how to identify potential malware (e.g. phishing emails, unexpected applications/processes running on a system), can go a long way in protecting an organization. Periodic, unannounced exercises, such as internal phishing campaigns, can help keep users aware and observant.

Use Reputable A/V Software

When installed, a suitable A/V solution will detect (and remove) any existing malware on a system, as well as monitor for and mitigate potential malware installation or activity while the system is running. It is important to keep it up to date with the vendor’s latest definitions/signatures.

Ensure Your Network is Secure

Controlling access to systems on your organization’s network is a great idea for many reasons. Use of proven technology and methodologies—such as using a firewall, IPS, IDS, and remote access only through VPN—will help minimize the attack “surface” your organization exposes. Physical system isolation is usually considered an extreme measure for most organizations, and is still vulnerable to some attack vectors.

Perform Regular Website Security Audits

Scanning your organization’s websites regularly for vulnerabilities (e.g. software with known bugs, server/service/application misconfiguration) and for known malware that may have been installed can keep your organization secure, protect your users, and protect customers and visitors of public-facing sites.

Create Regular, Verified Backups

Having a regular (i.e. current and automated) offline backup can be the difference between smoothly recovering from a destructive virus or ransomware attack and a stressful, frantic scramble with costly downtime and data loss. The key here is to actually have regular backups that are verified to be happening on the expected schedule and to be usable for restore operations. Old, outdated backups are less valuable than recent ones, and backups that don’t restore properly are of no value.
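The three checks this paragraph asks for (the backup is recent, it is intact, and it actually restores) can be automated. The following is an added example, not code from the original article; it assumes a daily backup schedule, a tar.gz archive, and a JSON manifest of SHA-256 hashes written at backup time.

```python
import hashlib
import json
import tarfile
import tempfile
import time
from pathlib import Path

MAX_AGE_SECONDS = 24 * 3600  # assumed policy: a backup older than a day is not "current"

def sha256_file(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def make_backup(src_dir, archive_path):
    """Archive src_dir as tar.gz; write a JSON manifest of per-file and archive hashes beside it."""
    src_dir, files = Path(src_dir), {}
    with tarfile.open(archive_path, "w:gz") as tar:
        for p in sorted(src_dir.rglob("*")):
            if p.is_file():
                rel = p.relative_to(src_dir).as_posix()
                files[rel] = sha256_file(p)
                tar.add(str(p), arcname=rel)
    manifest = {"created": time.time(),
                "archive_sha256": sha256_file(archive_path), "files": files}
    manifest_path = Path(f"{archive_path}.manifest.json")
    manifest_path.write_text(json.dumps(manifest))
    return manifest_path

def verify_backup(archive_path, manifest_path, max_age=MAX_AGE_SECONDS, now=None):
    """Return {"fresh", "intact", "restorable"}; trust the backup only when all three are True."""
    now = time.time() if now is None else now
    manifest = json.loads(Path(manifest_path).read_text())
    result = {"fresh": False, "intact": False, "restorable": False}
    # 1. Freshness: was the backup produced within the expected schedule?
    result["fresh"] = (now - manifest["created"]) <= max_age
    # 2. Integrity: does the archive on disk still hash to the value recorded at creation?
    result["intact"] = sha256_file(archive_path) == manifest["archive_sha256"]
    if not result["intact"]:
        return result  # a corrupted archive is not worth a restore attempt
    # 3. Restore test: extract into scratch space and compare every restored file's hash.
    with tempfile.TemporaryDirectory() as scratch:
        with tarfile.open(archive_path, "r:gz") as tar:
            # the "data" filter (Python 3.12+, backported) rejects path-traversal members
            kw = {"filter": "data"} if hasattr(tarfile, "data_filter") else {}
            tar.extractall(scratch, **kw)
        restored = {rel: sha256_file(Path(scratch, rel)) if Path(scratch, rel).is_file() else None
                    for rel in manifest["files"]}
        result["restorable"] = restored == manifest["files"]
    return result
```

Run `verify_backup` on a schedule and alert when any key is False; a backup that passes only the freshness check is exactly the "backup that doesn't restore properly" the paragraph warns about.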

In summary

Malware takes on many different forms and attacks in different ways. But with some thoughtful preparation and process improvements, as well as ongoing user education, your organization can gain and maintain a solid security stance against malware attacks.

Malware is a catch-all term for any type of malicious software designed to harm or exploit any programmable device, service or network. Cybercriminals typically use it to extract data that they can leverage over victims for financial gain. That data can range from financial data, to healthcare records, to personal emails and passwords—the possibilities of what sort of information can be compromised have become endless.

Malware encompasses all types of malicious software, including viruses, and cybercriminals use it for many reasons, such as:

  • Tricking a victim into providing personal data for identity theft

  • Stealing consumer credit card data or other financial data

  • Assuming control of multiple computers to launch denial-of-service attacks against other networks

  • Infecting computers and using them to mine bitcoin or other cryptocurrencies

Since its birth more than 30 years ago, malware has found several methods of attack. They include email attachments, malicious advertisements on popular sites (malvertising), fake software installations, infected USB drives, infected apps, phishing emails and even text messages.

Unfortunately, there is a lot of malware out there, but understanding the different types of malware is one way to help protect your data and devices:

Viruses

A virus usually comes as an attachment in an email that holds a virus payload, or the part of the malware that performs the malicious action. Once the victim opens the file, the device is infected.

Ransomware

One of the most profitable, and therefore one of the most popular, types of malware amongst cybercriminals is ransomware. This malware installs itself onto a victim’s machine, encrypts their files, and then turns around and demands a ransom (usually in Bitcoin) to return that data to the user.

Scareware

Scareware frightens users into thinking that their computers or smartphones have become infected in order to convince them to purchase a fake application. In a typical scareware scam, you might see an alarming message while browsing the Web that says “Warning: Your computer is infected!” or “You have a virus!” Cybercriminals use these programs and unethical advertising practices to frighten users into purchasing rogue applications.

Worms

Worms have the ability to copy themselves from machine to machine, usually by exploiting some sort of security weakness in software or an operating system, and do not require user interaction to function.

Spyware

Spyware is a program installed on your computer, usually without your explicit knowledge, that captures and transmits personal information or Internet browsing habits and details to its user. Spyware enables its users to monitor all forms of communications on the targeted device. Spyware is often used by law enforcement, government agencies and information security organizations to test and monitor communications in a sensitive environment or in an investigation. But spyware is also available to consumers, allowing purchasers to spy on their spouse, children and employees.

Trojans

Trojans masquerade as harmless applications, tricking users into downloading and using them. Once up and running, they then can steal personal data, crash a device, spy on activities or even launch an attack.

Adware

Adware programs push unwanted advertisements at users and typically display blinking advertisements or pop-up windows when you perform a certain action. Adware programs are often installed in exchange for another service, such as the right to use a program without paying for it.

Fileless malware

Fileless malware is a type of malicious software that uses legitimate programs to infect a computer. Fileless malware registry attacks leave no malware files to scan and no malicious processes to detect. Because it does not rely on files and leaves no files on disk, it is challenging to detect and remove.

The most common signs that your computer has been compromised by malware are:

  • Slow computer performance

  • Browser redirects, or when your web browser takes you to sites you did not intend to visit

  • Infection warnings, frequently accompanied by solicitations to buy something to fix them

  • Problems shutting down or starting up your computer

  • Frequent pop-up ads

The more of these common symptoms you see, the higher the likelihood your computer has a malware infection. Browser redirects and large numbers of pop-up warnings claiming you have a virus are the strongest indicators that your computer has been compromised.

Even though there are a lot of types of malware out there, the good news is that there are just as many ways to protect yourself from malware. Check out these top tips:

Protect your devices

  • Keep your operating system and applications updated. Cybercriminals look for vulnerabilities in old or outdated software, so make sure you install updates as soon as they become available.

  • Never click on a link in a popup. Simply close the message by clicking on “X” in the upper corner and navigate away from the site that generated it.

  • Limit the number of apps on your devices. Only install apps you think you need and will use regularly. And if you no longer use an app, uninstall it.

  • Use a mobile security solution like McAfee® Security, available for Android and iOS. As malware and adware campaigns continue to infect mobile applications, make sure your mobile devices are prepared for any threat coming their way.

  • Don’t lend out your phone or leave your devices unattended for any reason, and be sure to check their settings and apps. If your default settings have changed, or a new app has mysteriously appeared, it might be a sign that spyware has been installed.

  • If you don’t already have comprehensive security protection on all your devices, then try out McAfee® Total Protection, which protects all your PCs, Macs, tablets and smartphones from online threats while safeguarding your data and identity.

Be careful online

  • Avoid clicking on unknown links. Whether it comes via email, a social networking site or a text message, if a link seems unfamiliar, keep away from it.

  • Be selective about which sites you visit. Do your best to only use known and trusted sites, as well as a safe search plug-in like McAfee® WebAdvisor, to avoid any sites that may be malicious without your knowing.

  • Beware of emails requesting personal information. If an email appears to come from your bank and instructs you to click a link and reset your password or access your account, don't click it. Go directly to your online banking site and log in there.

  • Avoid risky websites, such as those offering free screensavers.

Pay attention to downloads and other software purchases

  • Only purchase security software from a reputable company via their official website or in a retail store.

  • Stick to official app stores. While spyware can be found on official app stores, it thrives on obscure third-party stores promoting unofficial apps. By downloading apps for jailbroken or rooted devices, you bypass built-in security and essentially place your device’s data into the hands of a stranger.

  • When looking for your next favorite app, make sure you only download something that checks out. Read app reviews, utilize only official app stores, and if something comes off as remotely fishy, steer clear.

  • Do not open an email attachment unless you know what it is, even if it came from a friend or someone you know.

Perform regular checks

  • If you are concerned that your device may be infected, run a scan using the security software you have installed on your device.

  • Check your bank accounts and credit reports regularly.

With these tips and some reliable security software, you’ll be well on your way to protecting your data and devices from all kinds of malware.

Copyright © 2022 McAfee, LLC