Malware is malicious software designed to infect a user’s computer and achieve a variety of goals, including making money for the attacker, stealing sensitive information, and causing damage to the target system. As malware attacks are growing more and more common, and the number of malware variants is steadily increasing, understanding the different types of malware is essential to effectively protecting against them.
The term “malware” covers a variety of different types of malicious software, each designed to achieve different purposes and work in different ways. According to Check Point’s Cyber Attack Trends: 2020 Mid-Year Report, these are the five most common types of malware in the first half of 2020:
Cryptocurrency mining software is designed to take advantage of the fact that some cryptocurrencies pay miners for solving Proof of Work computational puzzles. Cryptomining malware uses the infected computer’s CPU resources to solve these problems, making money for the malware operator. Worldwide, cryptomining malware accounts for 22% of malware attacks with XMRig as the most common variant.
While many people focus on computer malware, mobile malware is a growing issue. Mobile malware is now the second most common type of malware, behind cryptomining malware. However, this malware family covers a wide range of functionality. The most common mobile malware variants are droppers that deliver other types of mobile malware but also include adware functionality.
A botnet is a collection of infected computers that an attacker controls and uses to perform Distributed Denial of Service (DDoS), credential stuffing, and other large-scale automated attacks. Botnet malware is designed to infect a computer and implement a command and control structure that allows the attacker to send commands to the malware and have it achieve the attacker’s purposes. In 2019, over a quarter of organizations worldwide were infected by botnet malware.
Infostealers or “spyware” are malware that is designed to spy on a computer’s user. This type of malware can collect a range of different types of information, including personal details, login credentials, financial data, or other information.
Trojan is a general term for malware designed to masquerade as something else. For example, while the CamScanner Android app was a popular app on the Google Play Store, this app was actually a trojan delivering the Necro malware. The fifth most common type of malware in 2020 is the banking trojan. This type of malware attempts to steal credentials for online accounts that can grant access to online bank accounts and other sources of income for its authors.
While these types of malware may be less prevalent or less visible, they are still an active threat. Some other common types of malware include:
All of these types of malware are designed to achieve different purposes. However, they can often be detected with similar tools and techniques.
Malware can be delivered via a large number of infection vectors. Phishing links and attachments could be delivered via email or social media, websites could serve malicious downloads, and attackers may gain access to a network or computer and install the malware directly. Securing all potential infection vectors is essential to protecting against malware, especially in this time of widespread remote work.
Check Point provides comprehensive endpoint protection to help block potential malware infection vectors. SandBlast Agent secures the endpoint, detecting and blocking potential malicious content before it gains a foothold on a computer, and SandBlast Mobile ensures that mobile devices are protected against mobile malware. To learn more about how SandBlast protects against malware attacks, check out the SandBlast Agent product tour and SandBlast Mobile product tour.