🖥 Types of malware

▶️Let's start by discussing some of the most common types of malware. There are many different categories, but we can start by talking about viruses, worms, and trojans. Viruses are pieces of code that attach themselves to other programs and replicate themselves, often causing damage in the process. Worms are similar to viruses, but they are self-replicating and can spread across networks without human intervention. Trojans are pieces of software that appear to be legitimate but actually have a hidden, malicious purpose.

🚪 Backdoors
🚪

🟡Malware with a backdoor capability allows an attacker to breach normal authentication or encryption in a computer, product, or embedded device, or sometimes its protocol. Backdoors provide attackers with invisible access to systems, enabling them to remotely control the victim’s machine for various malicious activities.

⬇️ Downloaders

🟡Downloaders are a type of malware that, once installed on a victim’s system, downloads and installs other malicious software. These are often used in multi-stage attacks where the downloader serves as a means to bring in more advanced, and sometimes tailored, threats onto the compromised machine.

🇬🇷 Trojan

🟡Trojan malware is malicious software that disguises itself as legitimate software. The term is derived from the Ancient Greek story of the deceptive wooden horse that led to the fall of the city of Troy. Trojans can allow cyber-thieves and hackers to spy on you, steal your sensitive data, and gain backdoor access to your system.

🐀 Remote access trojans (RATs)

🟡RATs provide the attacker with complete control over the infected system. They can be used to install additional malware, send data to a remote server, interfere with the operation of devices, modify system settings, run or terminate applications, and more. RATs can be particularly dangerous because they often remain undetected by antivirus software.

🥷 Stealers

🟡These types of malware are designed to extract sensitive data from a victim’s system, including passwords, credit card details, and other personal information. Once the data is stolen, it can be used for malicious purposes such as identity theft or financial fraud, or even sold on the dark web.

🖥 Bootkits

🟡A bootkit is a malware variant that infects the master boot record (MBR). By attacking the startup routine, the bootkit ensures that it loads before the operating system, remaining hidden from antivirus programs. Bootkits often provide backdoor access and are notoriously difficult to detect and remove.

◀️ Reverse shells

🟡In the context of a reverse shell, the attacking machine obtains communications from the target machine. A listener port is present on the attacking machine, through which it obtains the connection, providing a covert channel that bypasses firewall or router restrictions on the target machine. This can provide command-line access and, in some cases, full control over the target machine.