3aIT Blog

You have almost certainly seen many warnings that you should always be wary of malware getting onto your device, but what exactly is malware?

Malware is a catch-all term for the various nasties that can end up on your computer, phone or tablet. This includes viruses, spyware, adware, trojan horses and many other hostile bits of software.

In brief, malware is something that is installed onto your device (usually either unknowingly or unwittingly) that causes undesirable effects. As this is a catch-all term, the symptoms can vary hugely. Adware is usually mostly harmless, though frequently annoying (even so, adware will often send data about your browsing habits to a third party so that customised adverts can be displayed to you).

At the more harmful end of the spectrum, things like "Ransomware" will deny you access to all of your documents and demand payment to regain access.

Another common malware trick is to install a "backdoor" into your device that gives attackers full access to use it as they desire. They often harness this power to put thousands of machines at their command, using them to send mass mail on their behalf or to swamp a website with traffic in an effort to take it down.

While viruses that can completely disable systems still exist, these tend to be less prevalent these days. A compromised machine is much more useful to an attacker than a broken one.

How does a device get infected by malware?

There are many ways for a device to get infected. These days, most attacks take place via the internet (although USB devices can get infected and pass malware from machine to machine). Most of the time, devices get infected in one of two ways.

The first is that a device can be infected just by performing day-to-day tasks while running out-of-date software. Out-of-date software contains security holes, and the "exploits" that target them offer an attacker a way to compromise a device completely unbeknownst to the user. These holes are usually found in the operating system of the device, but can also be found in programs installed on the device, especially browsers and things like Adobe Flash and Java.

The second approach is to ignore all the software and try to just trick the user into installing the malware themselves. This is frequently attempted via email, but can also be achieved by getting someone to click "Yes" to a prompt on a website, or by making a downloaded file seem genuine enough to get the user to run it.

What can I do to protect against malware?

There are two best ways to defend against malware. The first is to ensure that all the software that you use is running the latest version and that all updates are applied as soon as they are released. As tempting as it can be to ignore these, as soon as the details of a security update have been released, attackers have a clue about where to look to exploit that hole.

The second line of defence is some form of scanner that proactively monitors what files are arriving on the device. Windows has come preinstalled with such a scanner since Windows 8, but they are available for most devices.

What can I do if I suspect I have malware on my machine?

There are many programs that can help in this situation. We will often use something like Malwarebytes to scan a machine. A lot of the time, this will do the job. However, once the malware is on the machine, it is not always possible to use a scanner to remove it. Sometimes, the malware will actively try to prevent such scanners from running, or may hide itself away in areas of the system that the scanner can't see and then just reinfect everything when you think you've removed it. While it is possible to check for and work round such tactics, this requires advanced techniques that are beyond the scope of this guide.