Hello again.
The topic of today's article. Types of computer viruses, principles of their operation, ways of infection by computer viruses.
What are computer viruses anyway?
A computer virus is a specially written program or assembly of algorithms that are written for the purpose of: making a joke, harming someone’s computer, gaining access to your computer, intercepting passwords or extorting money. Viruses can self-copy and infect your programs and files, as well as boot sectors, with malicious code.
Types of malware.
Malicious programs can be divided into two main types.
Viruses and worms.
Viruses- are distributed through a malicious file that you could download on the Internet, or may end up on a pirated disk, or they are often transmitted via Skype under the guise of useful programs (I noticed that schoolchildren often fall for the latter; they are allegedly given a mod for the game or cheats, but in fact In fact, it may turn out to be a virus that can cause harm).
The virus introduces its code into one of the programs, or disguises itself as a separate program in a place where users usually do not go (folders with the operating system, hidden system folders).
The virus cannot run itself until you run the infected program yourself.
Worms They already infect many files on your computer, for example all exe files, system files, boot sectors, etc.
Worms most often penetrate the system themselves, using vulnerabilities in your OS, your browser, or a specific program.
They can penetrate through chats, communication programs such as skype, icq, and can be distributed through email.
They can also be on websites and use a vulnerability in your browser to penetrate your system.
Worms can spread across a local network; if one of the computers on the network is infected, it can spread to other computers, infecting all files along the way.
Worms try to write for the most popular programs. For example, now the most popular browser is “Chrome”, so scammers will try to write for it and create malicious code on sites for it. Because it is often more interesting to infect thousands of users who use a popular program than a hundred with an unpopular program. Although chrome is constantly improving protection.
The best protection against network worms This is to update your programs and your operating system. Many people neglect updates, which they often regret.
Several years ago I noticed the following worm.
But it clearly did not come through the Internet, but most likely through a pirated disk. The essence of his work was this: he allegedly created a copy of each folder on the computer or on a flash drive. But in fact, it did not create a similar folder, but an exe file. When you click on such an exe file, it spreads even more throughout the system. And so, as soon as you got rid of it, you came to a friend with a flash drive, downloaded his music, and you returned with a flash drive infected with such a worm and had to remove it again. I don’t know whether this virus caused any other harm to the system, but soon this virus ceased to exist.
Main types of viruses.
In fact, there are many types and varieties of computer threats. And it’s simply impossible to consider everything. Therefore, we will look at the most common and most unpleasant ones recently.
Viruses are:
— File— are located in an infected file, are activated when the user turns on this program, but cannot be activated themselves.
— Boot- can be loaded when windows loads, getting into startup, when inserting a flash drive or the like.
-
Macro viruses
- these are various scripts that can be located on the site, can be sent to you by mail or in Word and Excel documents, and perform certain functions inherent in the computer. They exploit the vulnerabilities of your programs.
Types of viruses.
-Trojan programs
— Spies
— Extortionists
— Vandals
— Rootkits
— Botnet
— Keyloggers
These are the most basic types of threats that you may encounter. But in reality there are many more.
Some viruses can even be combined and contain several types of these threats at once.
— Trojan programs. The name comes from the Trojan horse. It penetrates your computer under the guise of harmless programs, and then can open access to your computer or send your passwords to the owner.
Recently, Trojans called stealers have become widespread. They can steal saved passwords in your browser and in game email clients. Immediately after launch, it copies your passwords and sends your passwords to the attacker’s email or hosting. All he has to do is collect your data, then either sell it or use it for his own purposes.
— Spies (spyware) track user actions. What sites the user visits or what the user does on his computer.
— Extortionists. These include Winlockers. The program completely or completely blocks access to the computer and demands money for unlocking, for example, to deposit it into an account, etc. Under no circumstances should you send money if you fall into this situation. Your computer will not be unlocked, and you will lose money. You have a direct route to the Drweb company website, where you can find how to unlock many winlockers by entering a certain code or performing certain actions. Some Winlockers may disappear within a day, for example.
— Vandals can block access to antivirus sites and access to antiviruses and many other programs.
— Rootkits(rootkit) are hybrid viruses. May contain various viruses. They can gain access to your PC, and the person will have full access to your computer, and they can merge to the kernel level of your OS. They came from the world of Unix systems. They can disguise various viruses and collect data about the computer and all computer processes.
— Botnet quite an unpleasant thing. Botnets are huge networks of infected “zombie” computers that can be used to DDoS websites and other cyber attacks using infected computers. This type is very common and difficult to detect; even antivirus companies may not know about their existence for a long time. Many people can be infected with them and not even know it. You are no exception, and maybe even me.
— Keyloggers(keylogger) - keyloggers. They intercept everything you enter from the keyboard (websites, passwords) and sends them to the owner.
Ways of infection by computer viruses.
Main routes of infection.
— Operating system vulnerability.
— Browser vulnerability
— The quality of the antivirus is poor
— User stupidity
- Removable media.
OS vulnerability— no matter how hard you try to rivet protection for the OS, security holes appear over time. Most viruses are written for Windows, as this is the most popular operating system. The best protection is to constantly update your operating system and try to use a newer version.
Browsers— This happens due to browser vulnerabilities, especially if they are old. It can also be treated with frequent updates. There may also be problems if you download browser plugins from third-party resources.
Antiviruses- free antiviruses that have less functionality than paid ones. Although paid ones do not give 100 results in defense and misfire. But it is still advisable to have at least a free antivirus. I have already written about free antiviruses in this article.
User stupidity- clicking on banners, following suspicious links from letters, etc., installing software from suspicious places.
Removable media— viruses can be installed automatically from infected and specially prepared flash drives and other removable media. Not long ago the world heard about the BadUSB vulnerability.
https://avi1.ru/ - you can buy very inexpensive promotion on social networks on this site. You will also receive really advantageous offers for purchasing resources for your pages.
Types of infected objects.
Files— They infect your programs, system and regular files.
Boot sectors- resident viruses. As the name implies, they infect the boot sectors of the computer, assign their code to the computer’s startup and are launched when the operating system starts. Sometimes they are well camouflaged and difficult to remove from startup.
Macros— Word, Excel and similar documents. I use macros and vulnerabilities in Microsoft Office tools and introduce malicious code into your operating system.
Signs of computer virus infection.
It is not a fact that the appearance of some of these signs means the presence of a virus in the system. But if they exist, it is recommended to check your computer with an antivirus or contact a specialist.
One of the common signs is This is a severe overload of the computer. When your computer is running slowly, although you don’t seem to have anything turned on, there are programs that can put a lot of stress on your computer. But if you have an antivirus, note that the antiviruses themselves load the computer very well. And if there is no such software that can load, then most likely there are viruses. In general, I advise you to first reduce the number of programs launched in startup.
It may also be one of the signs of infection.
But not all viruses can heavily load the system; some of them are almost difficult to notice changes.
System errors. Drivers stop working, some programs start to work incorrectly or often crash with an error, but let’s say this has never been noticed before. Or programs start to reboot frequently. Of course, this happens due to antiviruses, for example, the antivirus deleted it by mistake, considering the system file to be malicious, or deleted a truly infected file, but it was associated with the system files of the program and the deletion resulted in such errors.
The appearance of advertising in browsers or even banners start appearing on the desktop.
The appearance of non-standard sounds when the computer is running (squeaking, clicking for no reason, etc.).
CD/DVD drive opens by itself, or it just starts to read the disk even though there is no disk there.
Turning the computer on or off for a long time.
Stealing your passwords. If you notice that various spam is being sent on your behalf, from your mailbox or social network page, it is likely that a virus has penetrated your computer and transferred passwords to the owner, if you notice this, I recommend checking with an antivirus without fail (although it is not a fact that this is exactly the case the attacker got your password).
Frequent access to the hard drive. Every computer has an indicator that flashes when various programs are used or when you copy, download, or move files. For example, your computer is just turned on but no programs are being used, but the indicator starts blinking frequently, supposedly programs are being used. These are already viruses at the hard drive level.
So we actually looked at computer viruses that you may encounter on the Internet. But in fact, there are many times more of them, and it is not possible to completely protect yourself, except by not using the Internet, not buying disks, and not turning on the computer at all.