The Mechanisms of Malware

Cybersecurity can be viewed as a perennial battle between privacy and entities who wish to invade and dismantle private channels of communication and encrypted information, regardless of their motivations. While government organisations, particularly in the United States, pose the greatest threat to personal security, the unregulated domain of the independent hacker has been the ground zero of millions of lines of malicious code.

Although independent hackers are often depicted as rogue individuals acting on morally justifiable grounds, it is important to remember that many capable individuals are simply motivated by the same thing that drives most of our professional lives – money. Most prominently in recent years, ransomware has extorted millions of dollars from individuals and corporations worldwide.

Ransomware refers to software which, once launched on a victim’s computer, encrypts their data and demands payment, usually in bitcoin (BTC), under threat of either deleting the data or releasing sensitive information to the public. While several successful operations have led to the eradication of many notorious strains of ransomware, new software is constantly emerging, devising new methods for encryption and data extortion. Most recently, malware called Mamba forgoes the encryption of individual files, instead encrypting a user’s entire hard drive and demanding one Bitcoin (approx. R14000) to decrypt the infected computer.

While ransomware generally targets large corporations due to the payment potential, the malware can affect anyone. As with most malicious software, ransomware is generally spread via phishing emails containing links or attachments which, once opened, install the malicious code onto your device. Older strains of ransomware may be easily removed through the use of decryption software developed in response to the initial outbreaks of these programs, but newer strains, such as Mamba, remain infeasible to break. In line with that timeless IT mantra, the best way to safeguard against data loss in these situations is to ensure that your important data is regularly backed up via external storage, whether that be cloud-based or on a physical hard drive.

Perhaps the most insidious form of malware in popular culture, Remote Access Trojan (RAT) software and its uses have even been the subject matter of horror movies and the dystopian series Black Mirror in recent years. RAT malware, generally distributed through phishing links, allows an attacker to control an infected computer remotely. Currently, Dark Comet (targeting Windows) and AlienSpy (targeting Apple OS) have infiltrated thousands of computers, allowing attackers to remotely spy on and record individuals via their webcams. These programs circumvent popular antivirus tools, allowing them to go virtually undetected.

Again, prevention is more effective than treatment in the case of combatting RAT malware. Individuals can avoid infection by maintaining safe online practices – ensuring that your device’s firewalls and antivirus are regularly updated, being wary of unexpected emails and potential phishing links, and, importantly, ensuring that your device’s webcam is physically covered when not in use.

 

 
