What are some examples of malware websites


Everything about malware

As you have probably noticed, every year the health service runs a campaign to get as many people as possible to get the flu vaccine. That's because flu waves usually have a season - spread and infection begin at a specific time of the year.

In contrast, there is no predictable season in which PCs, smartphones, tablets and company networks are more likely to be infected. Here you have to reckon with a permanent risk of infection. But instead of suffering from chills and aching limbs, users can fall ill with a kind of machine malady - malware.

Malware infections come at us like a jet of water from a fire hose, each with its own method of attack; the range runs from stealthy and deceptive to the not-so-subtle sledgehammer. But since knowledge is power, we offer a short training course on malware as a preventive measure against infection: what it is, what symptoms are associated with it, how you can get infected, how you can counteract it and how you can avoid malware in the future.

What is malware?

Malware or "malicious software" is the generic term for any malicious program or code that damages systems.

Hostile, intrusive and deliberately harmful, malware attempts to infiltrate, damage, or disable computers, computer systems, networks, tablets, and mobile devices, often by taking partial control of the processes on the device. As with the flu in humans, it interferes with normal functions.

Malware is all about making money from you illegally. While malware cannot damage the physical hardware of systems or network equipment (with one known exception - see the section on Google Android below), it can steal, encrypt, or delete your data, alter or take over the main functions of a computer, and spy on your computer activities without your knowledge or permission.

How can I identify a malware infection?

Malware can reveal itself through many different kinds of abnormal behavior. Look out for the following tell-tale signs. They are an indication that your system has been infected with malware:

  • Your computer is slowing down. One of the biggest effects of malware is slowing down the speed of your operating system, whether it's surfing the Internet or using your local applications.
  • A flood of annoying advertisements that have no business being there appears on your screen. Unexpected pop-up advertisements are another typical sign of malware infection. They are associated above all with a type of malware called adware. But that's not all: pop-ups usually come packaged with other hidden malware threats. So if you see something like “CONGRATULATIONS, YOU HAVE WON A FREE SESSION WITH A SENSOR!” in a pop-up window, under no circumstances should you click on it. Whatever free prize the advertisement promises, it will cost you dearly.
  • Your system crashes, freezes, or shows the blue screen of death (BSOD) error that can appear on Windows systems after a fatal error.
  • You experience an inexplicable loss of disk space, likely due to bloated malware hiding on your hard drive.
  • Your system is showing an absurd increase in internet activity.
  • Your system resource usage is abnormally high and your computer's fan is spinning at full speed. These are signs that malware activity is consuming system resources in the background.
  • Your browser's homepage changes without your permission. Links you click redirect you to unwanted landing pages. This usually means that you clicked a “congratulations” pop-up that downloaded unwanted software. Your browser may also slow to a crawl.
  • New toolbars, extensions or plug-ins appear in your browser quite unexpectedly.
  • Your antivirus has stopped working and you cannot update it, i.e. you are left unprotected against the sneaky malware that disabled it.
  • And then there is the painfully obvious, deliberately conspicuous malware attack. This is famously the case with ransomware, which announces itself: it tells you that it has your data and demands a ransom for its return.
  • Even if everything seems to be working fine on your system, don't rely on it, because appearances can easily deceive. Powerful malware can hide deep inside your computer and go about its dirty work without raising any alarm while it steals your passwords and confidential files, or uses your PC to spread to other computers.

How does malware get in?

There is a long list of ways to get infected with malware. At the top are the two most common ways that malware accesses your system - via the Internet and via email. In other words, practically any time you are online.

Malicious software can enter your computer while you are browsing infected websites, clicking on game demos, downloading infected music files, installing new toolbars from an unknown provider, installing software from a risky source, opening a malicious email attachment, or downloading virtually anything else from the web onto a device that does not have an anti-malware security application installed.

Malicious applications can hide in what appear to be legitimate applications, especially when they are downloaded from websites or messages rather than through a secure app store. Here it is important to watch out for warning messages when installing the program, especially if it asks for permission to access your e-mail or other personal data.

Bottom line: it's best to stick to trusted sources, install only reputable third-party applications, and download these apps directly from the provider's website - never from any other website. All in all, there are plenty of bad actors out there throwing tainted bait at you by offering faster internet, a new download manager, a hard drive cleaner, or an alternative search service.

However, malware attacks would not work without the most important element: you. That means, of course, a gullible version of you willing to open an unknown email attachment or to click on and download something from an untrustworthy source. And this is not meant as “click-shaming”, because even very experienced people have been tricked into installing malware.

Even if you install something from a trusted source, you could still install unwanted software if you don't pay attention to the permission request, which may also approve the installation of other bundled software. This additional software is often presented as a necessary component, but it is not.

Another problem is a kind of social engineering that a Malwarebytes expert observed in the UK. The scam targeted mobile device users and used a common direct-to-bill payment method. The users visited the websites and unintentionally triggered invisible buttons. These charged them via their cell phone numbers, with the charges billed directly to the victims' networks. The networks, in turn, passed the costs on to the users.

To be fair, we should also mention a blameless malware infection scenario. It is actually possible that just visiting an infected website and displaying an infected page and/or banner could result in a drive-by malware download.

On the other hand, if you do not run an adequate security program, the responsibility for the malware infection and its consequences rests with you.

What are the most common types of malware?

The most common villains in the malware arsenal are:

  • Adware is unwanted software designed to inundate your screen with advertisements - mostly within a web browser. Adware typically uses a sneaky trick to disguise itself as a legitimate program or is embedded in another program to trick you into installing it on your PC, tablet, or mobile device.
  • Spyware is malware that observes the activities of the computer user without authorization and reports them to the author of the software.
  • A virus is malware that attaches itself to another program. When executed, usually unintentionally by the user, it reproduces itself by modifying other computer programs and infecting them with its own snippets of code.
  • Worms are a type of malware that, much like viruses, reproduce in order to spread to other computers on a network; they usually cause damage by destroying data and files.
  • A Trojan, also known as a Trojan horse, is one of the most dangerous types of malware. It usually poses as something useful to trick you. As soon as a Trojan has entered your system, the attackers behind it gain unauthorized access to the compromised computer. From that point it can be used to steal financial data or introduce threats such as viruses or ransomware.
  • Ransomware is a type of malware that locks you out of your device and/or files, and then forces you to pay a ransom to get them back. Ransomware has been called cybercriminals' weapon of choice because it demands immediate, profitable payment in hard-to-track cryptocurrency. The code behind ransomware is easily available on online criminal marketplaces, and it is very difficult to defend against ransomware.
  • A rootkit is a type of malware that gives the attacker administrative access rights to the infected system. Usually it is designed to remain undetected by the user, by other software on the system, and by the operating system itself.
  • A keylogger is malware that records all the user's keystrokes, usually stores the recorded data and sends it to the attacker, who is after sensitive data such as usernames, passwords or credit card details.
  • Malicious cryptomining, sometimes called drive-by mining or cryptojacking, is an increasingly common type of malware that is usually installed by a Trojan horse. It lets someone else use your computer to mine cryptocurrencies such as Bitcoin or Monero. Instead of letting you profit from your own computer's processing power, cryptominers send the mined coins to their own account. Basically, a malicious cryptominer is stealing your resources to make money.
  • Exploits are a type of malware that takes advantage of flaws and weaknesses in a system so that the developer of the exploit can take control. Among other threats, exploits are linked to malvertising, an attack made through a legitimate website that unknowingly pulls in malicious content from an infected website. The infected content then tries to install itself on your computer in a drive-by download. Not a single click is necessary. All it takes is visiting a legitimate website on the wrong day.

How did malware develop?

Given the variety of malware and the huge number of variants released every day, the complete history of malware would be too long to tell here. However, it is easier to take a look at the malware trends of recent decades. Here are the key trends in malware development.

The 1980s and onward: The theoretical basis of "self-reproducing automatons" (i.e. viruses) goes back to an article published in 1949. Viruses first appeared in the 1970s on platforms that predate personal computers. But the history of modern viruses begins with a program called Elk Cloner, which began infecting Apple II systems in 1982. The virus itself was harmless and spread via infected floppy disks, but it infected every floppy disk attached to a system and spread so explosively that it can be considered the first large-scale computer virus outbreak. It is noteworthy that this happened before any Windows PC malware. Viruses and worms have been widespread ever since.

The 1990s: In this decade the Microsoft Windows platform and the flexible macros of its applications emerged, which led malware authors to write malicious code in the macro language of Microsoft Word and other programs. These macro viruses infected documents and templates rather than executable applications, although strictly speaking the macros in a Word document are a form of executable code.

2002 to 2007: Instant messaging worms - self-replicating code distributed over an instant messaging network - took advantage of network vulnerabilities to spread massively, infecting the AOL AIM network, MSN Messenger and Yahoo Messenger as well as corporate instant messaging systems.

2005 to 2009: Adware attacks increased, producing unsolicited advertisements on computer screens, sometimes in the form of a pop-up or in a window that the user could no longer close. These advertisements often used legitimate software as a means of dissemination, but around 2008 software makers began suing adware companies for fraud. That resulted in fines of millions of dollars. Ultimately, it spelled the end for adware companies.

2007 to 2009: Malware scammers turned to social networks like MySpace, which they exploited as a channel for placing malicious advertisements and redirects and for offering fake antivirus and security tools. Their scams were designed to dupe consumers through social engineering tricks. After MySpace became increasingly unpopular, Facebook and Twitter became the preferred platforms. Common tactics included forging links to phishing pages and promoting Facebook applications with malicious applications. As this trend lost momentum, the scammers experimented with other ways to steal.

2013: A new type of malware called ransomware launched an attack named CryptoLocker that lasted from the beginning of September 2013 to the end of May 2014 and targeted Windows computers. CryptoLocker managed to force its victims into paying $27 million by the final quarter of 2013. In addition, the success of this ransomware spawned other, similarly named ransomware. One copycat variant stole more than US$18 million from approximately 1,000 victims between April 2014 and June 2015.

2013 to 2017: Ransomware was delivered through Trojans, exploits and malvertising and became the king of malware. In 2017, this culminated in massive outbreaks affecting companies of all kinds. Ransomware encrypts the victims' data and then demands a ransom for its release.

2017 until today: Cryptocurrency - and the mining that goes with it - has drawn a lot of attention and spawned a new malware scam called cryptojacking. Someone else's device is secretly used to mine cryptocurrency with the help of the victim's resources.

Are Macs also infected by malware?

Conventional wisdom has sometimes held that Macs and iPads are immune to viruses (and don't need an antivirus program). For the most part that's true. At least it can be said that nothing happened for a long time.

Other types of malware are a different matter. Mac systems suffer from the same vulnerabilities (and thus symptoms of infection) as Windows computers and cannot be considered bulletproof. For example, Mac's built-in malware protection does not block all of the adware and spyware that are bundled into the downloads of fraudulent applications. Trojans and keyloggers are also threats. Ransomware written specifically for the Mac first appeared in March 2016 when an attack by a Trojan hit more than 7,000 Mac users.

Indeed, Malwarebytes saw more Mac malware in 2017 than in any previous year. At the end of 2017, our experts found an increase of more than 270 percent compared to 2016 in terms of new unique threats on the Mac platform.

For more information on the status of Mac malware, visit the Malwarebytes blog here.

Are mobile devices infected by malware?

Malware criminals are very keen on the mobile market. After all, smartphones are sophisticated, complex handheld computers. They also offer anyone looking to make quick money dishonestly access to a treasure trove of personal data, financial data and all kinds of other valuable data.

Unfortunately, this has led to an exponentially increasing number of malicious attempts to exploit vulnerabilities in smartphones. From adware, Trojans, spyware, and worms to ransomware, malware can get into your phone in a number of ways. Obvious pitfalls include clicking a risky link or downloading an untrustworthy app, but you can also get infected through email, SMS, and even your Bluetooth connection. In addition, like worms, malware can spread from one infected phone to another.

The fact is, this is a huge market (read: target). A statistical source puts the number of mobile device users at 2.1 billion worldwide - with a projected increase to 2.5 billion users by 2019. A quarter of these users have more than one device. Fraudsters find the mobile market very attractive and take advantage of huge economies of scale to leverage their efforts.

Mobile device users are often also the easier target. Most do not protect their phones as carefully as their computers, neglecting to install security software or keep their operating system up to date. As a result, they are exposed to security breaches, even from primitive malware. Because mobile screens are small and users cannot easily see activity, typical warning behavior that indicates an infection on a PC can go unnoticed in the background, as is the case with spyware.

Infected mobile devices are a particularly insidious threat compared to a PC. A hacked microphone and camera can track every movement and conversation. Worse still, mobile banking malware intercepts incoming calls and text messages to bypass the two-step authentication used in many banking apps.

Keep in mind that a cheap phone can come preinstalled with malware and it is nearly impossible to remove. (Malwarebytes for Android warns you of pre-installed malware and provides instructions on how to remove it.)

In terms of the mobile malware ecosystem, the two predominant smartphone operating systems are Google Android and Apple iOS. Android is the market leader with a share of 80 percent of total smartphone sales, followed by iOS with a share of 15 percent. So it's no big surprise that the more popular Android platform attracts more malware than the iPhone. Let's look at each of them separately.

How can I tell if there is malware on my Android device?

Fortunately, there are some unmistakable warning signs that your Android device is infected. The following point to an infection:

  • Pop-ups with aggressive advertising suddenly appear. If they appear out of the blue and redirect you to questionable websites, you have likely installed something that contains hidden adware. Under no circumstances should you click on the advertisement.
  • The data usage increases all of a sudden for some inexplicable reason. Malicious software devours your data plan by displaying advertisements and forwarding the data stolen from your phone.
  • Incorrect charges appear on your statement. This is what happens when malicious software makes calls and sends messages to premium rate numbers.
  • The battery runs out quickly. Malicious software taps resources and your battery runs out faster than usual.
  • The people on your contact list are reporting strange calls and text messages from your phone. Malware reproduces itself by spreading from device to device using email and text messages; in doing so, it invites other users to click the infected link that is displayed.
  • The phone heats up while its performance decreases. For example, there is even a Trojan that gets onto Android phones with a particularly nasty installer and can put so much load on the processor that the phone overheats. The battery then swells and your Android is practically dead.
  • There are unexpected apps on the screen. Sometimes apps that you download come bundled with malware that installs itself stealthily. This happens because Android allows users to go straight from Google Play to other marketplaces like Amazon that may have let a malware maker slip through.
  • Your phone activates WiFi and Internet connections all by itself. This is another way malware spreads: it ignores your settings and opens up avenues for infection.

Below we discuss what to do if your Android is infected. We also have an article on how to secure your privacy on Android on the Malwarebytes blog.

How can I tell if there is malware on my iPhone or iPad?

If the name of your smartphone starts with a small "i", you can pat yourself on the back, because malware is not a big problem for the iPhone. That is not to say that it does not occur at all, but it does not occur very often. More precisely, a malware infection on an iPhone usually only occurs in two exceptional cases.

One case is a targeted attack by a nation-state-sponsored adversary - a government that has either developed malware or spent millions buying it to exploit an unknown security flaw in iOS. That shouldn't come as a big surprise, because all devices have some kind of weak point. Sure, Apple has done a great job securing iOS, even preventing any apps (including security software) from scanning the phone or other apps on the device's system. This is why it is so costly to develop malware that installs its code for whatever remote activity the attacking nation-state requires.

One particularly noteworthy case occurred in 2016 when an internationally recognized human rights activist based in the United Arab Emirates (UAE) received text messages on his iPhone promising "new revelations" about torture in UAE prisons. The recipient was asked to click on the included link. He didn't, but instead sent the message to cybersecurity researchers, who found it contained an exploit that would have turned the activist's phone into a digital spy.

The second case occurs when a user makes an iPhone vulnerable to attack by jailbreaking it, i.e. removing the restrictions and limitations imposed by Apple, chiefly to ensure that software apps can only be installed through the App Store. Apple vets the app developers it carries, although it has happened that malicious software came in on the back of a legitimate app.

One more point. Even if pure malware infections are unlikely, with an iPhone you are in no way protected from fraudulent calls or text messages. If you tap a link in a message from an unknown source (or from someone you know who is being impersonated), you could be directed to a website asking for your login information and other personal information. So there are still myriad ways you can become a victim. Always proceed carefully.

Who is malware targeting?

The answer to this is: take your pick. The world is teeming with billions of consumer-owned devices. They are used to connect to banks, retail accounts, and anything else worth stealing. This is a broad attack surface for adware and spyware, for keyloggers and malvertising - and an attractive way for lazy criminals to create malware and distribute it to as many victims as possible with relatively little effort.

Cryptominers and ransomware purveyors seem to make little distinction among their targets. Individuals fall victim to them, as do corporations, hospitals, local governments, and retail systems.

Nor is it only private users who are targeted by criminals working with mobile spyware. If you use your smartphone or tablet at work, hackers can use vulnerabilities in mobile devices to attack your employer. In addition, your company's IT incident response team may not discover incidents that originated in a mobile device that is receiving corporate communications via email.

To reiterate, not all apps available through the Apple App Store and Google Play are desirable, and the problem is even more acute with third-party app stores. While app store operators try to keep malicious apps from infiltrating their sites, some inevitably get through. These apps can steal user data, extort money from users, attempt unauthorized access to corporate networks to which the device is connected, force users to view unwanted advertisements, or engage in other malicious activities.

How can I remove malware?

If you suspect malware or just want to be careful, there are a few steps you should follow.

First of all, if you haven't already, we recommend downloading a legitimate anti-malware program such as Malwarebytes for Windows, Malwarebytes for Mac, Malwarebytes for Android, or one of our business products. Second step: install it and run a scan. Programs like these are designed to scan for malware on your device and eliminate it.

As soon as the malware has been eliminated, it is advisable to change your passwords - not only the password for your PC or mobile device, but also for your e-mail and social media accounts, your favorite shopping sites, your online banking and your online billing provider.

If your iPhone has indeed been infected, things are a bit trickier. Apple does not allow the iPhone system or other files to be scanned. Your only option is to factory reset your phone and then restore it from your backup (which you hopefully have made). You can also use security software to filter and block fraudulent calls and text messages, such as Malwarebytes for iOS (coming soon).
(To delve deeper into the subject, read “10 easy steps to clean your infected computer” by Wendy Zamora.)

How can I protect myself from malware?

Stay vigilant. In particular, be careful if you see a domain name ending in a strange series of letters (rather than com, org, edu, or biz, to name a few examples), as this can be a sign of a risky website.

For all of your devices, watch closely for early signs of malware infection so that you can address them as early as possible.

Avoid clicking pop-up advertisements while browsing. Do not open unsolicited email attachments or download software from untrusted websites or peer-to-peer file transfer networks.

Make sure that your operating system, browser and plug-ins are always up to date, as the regular application of patches to your software can keep cybercriminals at bay.

For mobile device users, only download apps from the Google Play Store (the App Store is the only option available on the iPhone). Every time you download an app, be sure to check its ratings and customer reviews first. If the app has poor reviews or a small number of downloads, it is best to avoid it.

Do not download apps from third-party sources. The best way to do this is to disable this feature on your Android phone. Go to Settings on your Android device and open the Security section. Here, make sure that the Unknown Sources option is turned off to prevent the installation of apps from marketplaces other than the Play Store.

Don't click strange, unverified links in email, text messages, and WhatsApp messages from unknown sources. Odd links sent by friends and contacts should also be avoided unless you have verified that the links are safe.

To keep their businesses safe, organizations can prevent malicious apps from threatening their networks by establishing strict mobile device security policies and deploying a mobile device security solution that enforces those policies. In today's business environment, this has become essential given the multitude of operating systems in use under many different roofs.

Lastly, get a good anti-malware program. It should include layered protection (the ability to scan for and detect malware such as adware and spyware while maintaining real-time proactive protection that can block threats such as ransomware). Your security program should also take care of eliminating malware and undoing any system changes so that everything works as usual.

Strike back before your PC, mobile device or corporate network is attacked by first downloading a top-notch cybersecurity and antivirus program, such as Malwarebytes for Windows, Malwarebytes for Mac, Malwarebytes for Android, a Malwarebytes portable product, or one of the Malwarebytes solutions for businesses. (A vaccination wouldn't be a bad idea either ...)