Tuesday, 01 November 2016 09:32

How Hackers Get Rich Spreading Malware

By: 

Computer viruses and malware are spreading faster than their biological counterparts it seems.

Numbers from security firms point to the fact that close to 20 million malware threats have been neutralized in the first quarter of 2016. This equates to about 27,000 in one single day.

This leads us to a frightening scenario: huge amounts of malware is being created and distributed intentionally on a daily basis only for the creators to make huge sums of money over the internet.

The hackers employ a variety of methods to spread the viruses on the victims’ computers.

Methods of Spreading Malware

Spreading is the name of the technique used by hackers to circulate viruses. These days it seems to be getting easy with many tutorials being made available on the Clearnet that teaches one the many methods used to spread malware.

The effort to spread starts with making payloads in a manner that makes the malware most effective once it is delivered to a victim’s computer.

It is usually done by packing the malware within contents of other files. The .exe files which are portable have a lot of space left that is used up by hackers for loading the malware programs. This makes it easy to be transported over the internet safely.

Sometimes, the hackers attach the malicious files to bundles of executable files that otherwise appear safe and normal. Viruses may be inserted even into .pdf and document files.

In a client-server setup, hackers sometimes use vulnerabilities of software that reside on client-side machines. The hackers use a technique called “java drive-by” and make it possible for the malicious software to download and run itself with or without user intervention.

This is possible when client-side browsers are weak and insecure. There are many platforms used by hackers to spread malicious software.

One example is pirate bay which is a torrent network. Using such a platform, it is possible even for a beginner hacker to infect millions of users within a short period.

In one instance, about 12 million users were infected with malware in a months’ time.

Malvertising is another common method used by hackers to spread malware.

They attach the malicious software into advertisements on well-trusted websites that earn their revenues through advertisements.

This ends up infecting millions of unsuspecting users’ computers from trusted platforms.

The biggest advantage that the hackers have is that there is no suspicion caused.

Anti-Virus and Malware

In the midst of such a scenario, it has now been understood that an anti-virus program alone is just not enough to keep data safe against malware these days.

However, in this context, it is important to know as to how an anti-virus program works.

Anti-virus programs are designed to scan all files residing on the hard disk and detect typical signatures that are found in infected files. The anti-virus program maintains large databases of signatures or even bits of code that typically come from malware or virus programs.

However, it is possible for the hackers to change signatures of virus programs with reasonable ease.

For this purpose, hackers use programs called runtime crypters that are available in darknet markets and specific forums that are frequented by hackers. Crypters are programs that contain coded versions of the actual malware.

When such a program is executed, the malware decrypts itself and runs from the memory. The malware thus effectively evades the action of the anti-virus.

Some anti-virus programs work by quarantining programs that remotely resemble malware. This is referred to as sandboxing.

In these methods, also called heuristic methods, a file’s contents are examined using algorithms which detect suspicious code.

Malware programs are now being designed to outwait the surveillance times of anti-virus programs before they start to work.

The latest malware programs are also designed to do nothing if they are run on virtual machines. Popular types of malware include Remote Access Trojan, spyware, and rootkits. Distributed denial-of-service (DDoS) attacks using malware is becoming more common.

Such programs are also called ransomware where an attack encrypts all data, and the hackers demand a ransom for regaining the data through an encryption key.

At the end of it all, according to security experts, the best option for any unsuspecting user to avoid such pitfalls is to educate oneself about lesser known aspects of computer security.

Source : darkwebnews

Leave a comment

Get Exclusive Research Tips in Your Inbox

Receive Great tips via email, enter your email to Subscribe.
Please wait

airs logo

Association of Internet Research Specialists is the world's leading community for the Internet Research Specialist and provide a Unified Platform that delivers, Education, Training and Certification for Online Research.

Newsletter Subscription

Receive Great tips via email, enter your email to Subscribe.
Please wait

Follow Us on Social Media

Book Your Seat for Webinar GET FREE REGISTRATION FOR MEMBERS ONLY      Register Now