1. Cryptomining Malware
Cryptocurrency mining software is designed to take advantage of the fact that some cryptocurrencies pay miners for solving Proof of Work computational puzzles. Cryptomining malware uses the infected computer’s CPU resources to solve these problems, making money for the malware operator. Worldwide, cryptomining malware accounts for 22% of malware attacks with XMRig as the most common variant.
2. Mobile Malware
While many people focus on computer malware, mobile malware is a growing issue. Mobile malware is now the most common type of malware behind cryptomining malware. However, this malware family covers a wide range of functionality. The most common mobile malware variants are droppers that deliver other types of mobile malware but also include adware functionality.
3. Botnet
A botnet is a collection of infected computers that an attacker controls and uses to perform Distributed Denial of Service (DDoS), credential stuffing, and other large-scale automated attacks. Botnet malware is malware that is designed to infect a computer and implements a command and control structure that allows the attacker to send commands to the malware and have it achieve the attacker’s purposes. In 2019, over a quarter of organizations worldwide were infected by botnet malware.
4. Infostealers
Infostealers or “spyware” are malware that is designed to spy on a computer’s user. This type of malware can collect a range of different types of information, including personal details, login credentials, financial data, or other information.
5. Trojans
Trojan is a general term for malware designed to masquerade as something else. For example, while the CamScanner Android app was a popular app on the Google Play Store, this app was actually a trojan delivering the Necro malware. The fifth most common type of malware in 2020 is the banking trojan. This type of malware attempts to steal credentials for online accounts that can grant access to online bank accounts and other sources of income for its authors.
Beyond the Top Five Malware
While these types of malware may be less prevalent or less visible, they are still an active threat. Some other common types of malware include:
- Ransomware: Ransomware is a type of malware that is designed to infect a computer and encrypt important files on it. Once these files are encrypted, the ransomware operator demands payment in exchange for the secret key needed to decrypt the lost files.
- Viruses: Computer viruses are malware that work by infecting other programs on a computer. For example, a virus may overwrite the code of a running program with its own code or force a program to import and run the malicious code.
- Worms: Worms are malware that is designed to spread itself to infected additional systems. This can include malware that scans for other vulnerable computers or ones that spread by sending out phishing emails.
- Rootkits: Rootkits are malware that is designed to be stealthy and snoop on a computer user. After installation, they try to hide themselves from detection by antivirus and similar programs and collect and exfiltrate data to their operators.
- Fileless: Traditional antivirus applications are designed to scan files on a computer for signs of malware. Fileless malware is designed to evade detection by replacing custom malicious code with the use of functionality built into the target system. This makes this type of malware more difficult to detect because it lacks the standalone file that matches the signatures stored by some antivirus applications.
- Adware: Adware is malware that is designed to serve unwanted ads to a computer user. This enables the malware author to make money by claiming revenue from the advertisers whose ads it serves. Adware remains the most common type of mobile malware according to Check Point Research.
All of these types of malware are designed to achieve different purposes. However, they can often be detected with similar tools and techniques.
Protecting Against Malware Threats
Malware can be delivered via a large number of infection vectors. Phishing links and attachments could be delivered via email or social media, websites could serve malicious downloads, and attackers may gain access to a network or computer and install the malware directly. Securing all potential infection vectors is essential to protecting against malware, especially in this time of widespread remote work.
Check Point provides comprehensive endpoint protection to help block potential malware infection vectors. SandBlast Agent secures the endpoint, detecting and blocking potential malicious content before it gains a foothold on a computer, and SandBlast Mobile ensures that mobile devices are protected against mobile malware. To learn more about SandBlast protects against malware attacks, check out the SandBlast Agent product tour and SandBlast Mobile product tour.
Feedback