9 types of computer virus and how they do their dirty work


The human mind loves to categorize things, and malware is no exception. We here at CSO have done our part: our malware explainer breaks down malware based on how it spreads (self-propagating worms, viruses piggybacking on other code, or sneakily disguised Trojans) as well as by what it does to infected machines (rootkits, adware, ransomware, cryptojacking, and malvertising, oh my).

You can find a lot of this type of technical taxonomy, and there’s certainly utility to it. In particular, it can be helpful to distinguish between types of malware infection vectors rather than lumping everything together as a “virus,” despite popular usage of the term. But we can also put too much emphasis on these sorts of divisions.

“A lot of the terminology used to describe malware in the 90s and early 00s is still technically accurate, but maybe less relevant than it once was,” says Jacob Ansari, Security Advocate and Emerging Cyber Trends Analyst for Schellman, a global independent security and privacy compliance assessor. “While malware of the prior decades got installed on the target system and then ran by itself without human intervention, most modern attack campaigns are operated by groups of people, what we commonly call threat actors. Attackers still attempt to evade detection and persist despite defenses, and make use of a variety of programming or scripting languages to produce their hostile code.”

So we asked Ansari and other security pros about how they break down the categories of malware they deal with. In general, we found that there are two different perspectives on malware taxonomy: you can think of how viruses do their dirty work (i.e., what they do to you), or about where they fit into an ecosystem (i.e., what they do for an attacker). 

9 common types of computer virus

  1. Macro viruses
  2. Polymorphic viruses
  3. Resident viruses
  4. Boot sector viruses
  5. Multipartite viruses
  6. Droppers
  7. Beacon/payload
  8. Packers
  9. Command and control

Virus types defined by what they do to you

If you want a great perspective on the different types of malware, you could do worse than talk to someone who writes it for a living. That’s Dahvid Schloss’s job: he’s the managing lead for offensive security at cybersecurity professional services firm Echelon Risk + Cyber, where he works on malware meant to emulate real threat actors to execute command-and-control platforms on his company’s adversarial emulation and red team engagements. He broke down the different types of viruses he works with by their function.

Macro viruses. “This category is probably the most common malware technique in the world,” says Schloss. “Roughly 92% of external attacks begin with phishing, and macros are the core of the problem. A macro is an automated execution of keystrokes or mouse actions that a program can do without user interaction—typically, we’re talking about Microsoft Word/Excel macros, which can automate repetitive tasks on the worksheet or document.”
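One defensive check that follows from the macro description above, as an added example that is not part of the original article: a triage scan that reports whether a Word or Excel file in the ZIP-based Office Open XML format carries a VBA macro project, and flags a macro-free extension (such as .docx) that contains one. The function names and the sample files are constructed for illustration, and legacy OLE2 .doc/.xls files are reported as unsupported rather than parsed.

```python
import io
import zipfile

# Markers of a VBA project inside an Office Open XML (ZIP) package.
VBA_PART_SUFFIX = "vbaproject.bin"
MACRO_CONTENT_MARKERS = (b"macroEnabled", b"application/vnd.ms-office.vbaProject")
MACRO_FREE_EXTENSIONS = (".docx", ".xlsx", ".pptx")


def scan_ooxml(filename, data):
    """Return a triage verdict for one Office file supplied as bytes."""
    result = {"file": filename, "vba_parts": [], "has_macros": False,
              "extension_mismatch": False, "error": None}
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as pkg:
            names = pkg.namelist()
            result["vba_parts"] = [n for n in names
                                   if n.lower().endswith(VBA_PART_SUFFIX)]
            declared = False
            if "[Content_Types].xml" in names:
                types = pkg.read("[Content_Types].xml")
                declared = any(m in types for m in MACRO_CONTENT_MARKERS)
    except zipfile.BadZipFile:
        # Legacy OLE2 (.doc/.xls) or a corrupt file: out of scope for this check.
        result["error"] = "not an OOXML (ZIP) package"
        return result
    result["has_macros"] = bool(result["vba_parts"]) or declared
    # A macro-free extension that carries a VBA project deserves a closer look.
    result["extension_mismatch"] = (result["has_macros"] and
                                    filename.lower().endswith(MACRO_FREE_EXTENSIONS))
    return result


def build_sample(parts):
    """Build a constructed OOXML-like ZIP in memory from {part name: bytes}."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        for name, body in parts.items():
            z.writestr(name, body)
    return buf.getvalue()


# Constructed samples: the VBA part is a placeholder, not a real macro.
PLAIN = build_sample({"[Content_Types].xml": b"<Types/>",
                      "word/document.xml": b"<w:document/>"})
MACRO = build_sample({"[Content_Types].xml": b"<Types><Override PartName="
                      b'"/word/vbaProject.bin" ContentType='
                      b'"application/vnd.ms-office.vbaProject"/></Types>',
                      "word/vbaProject.bin": b"constructed placeholder"})
```

A positive result only says that a macro project is present; it does not say what the macro does.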

Copyright © 2022 IDG Communications, Inc.
