How Malware Spreads: 8 Ways That Today’s Viruses Get Around

Malware is multiplying exponentially on the Web. Check out some of these statistics regarding the proliferation of malicious attacks:

  • Android malware in the Google Play store has increased by 388 percent, and an estimated 12.7 percent of Google Play apps could be malicious.
  • Java flaws make up 91 percent of Web-based attacks, and 76 percent of companies still run Java 6, which is unsupported and vulnerable.
  • The amount of new malware roughly doubles every year.
  • Browser attacks make up 45 percent of malware attacks.


To better protect yourself from today’s cyber security threats, you need to know how some of today’s most sinister exploits work. Malware uses eight primary vehicles to introduce itself and get unfriendly with your computer, mobile device or organizational network.

1. Drive-By Download

Reports released by Palo Alto Networks last year stated that the majority of malware now gets into computers via drive-by download. Drive-by downloads happen when people visit malicious websites, and the website installs files in the background onto the computer or the network. In fact, attackers scan the Web looking for vulnerable websites to hack. When they find issues with website code or the ways websites are maintained, they insert malicious code that targets visitors.

Drive-by downloads happen without requiring users to click on a file, and attackers don’t have to send an executable file over email. Instead, malware such as the Blackhole exploit kit can scan your computer when you visit a vulnerable Web page and find the best security hole for infecting your device.

2. Social Networks

People who use social networks make a great pool of victims for cyber attackers, who launch social media malware in three main ways:

  1. Hacked accounts. Attackers use hacked accounts to send out malicious code.
  2. Fake apps. These apps steal user data or let users download fake antivirus programs.
  3. Fake accounts. By creating fake accounts from scratch, attackers can build friends lists, collect those friends’ personal information and then sell it to other online attackers.

3. Email and Instant Messaging

Cyber criminals often use email or IMs targeted at front-facing members of an organization, such as a marketing agent or customer service rep. They address the message directly to the person and make it look as though the message comes from an influential person in the organization. These targeted “spear-phishing” attacks open up footholds into company networks, where malware can spread throughout an organization’s infrastructure.

4. USB Drives

A thumb drive can come into an organization from an external source. For example, in the case of Stuxnet, U.S. government operatives may have used USB drives to upload malware to Iranian uranium enrichment plant computers. In the workplace, thumb drives are often used to prey on curious employees. For example, a thumb drive labeled “2014 bonuses” left in the restroom can catch the attention of a worker who then inserts the drive into a company computer.

5. Unpatched Vulnerabilities

Operating systems like Windows have multiple vulnerabilities that cyber criminals can exploit to introduce malware. Widely used applications are vulnerable too, and cyber criminals often target them because a single flaw lets them reach a wide audience.

6. Zero-Day Exploits

Zero-day exploits take advantage of vulnerabilities application vendors haven’t yet discovered. Since older antivirus tools relied on signature detection, zero-day exploits could start running and do damage before the security community discovered their existence. Fortunately, newer antivirus tools detect malware based on its behavior rather than just relying on a signature.
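As an added illustration (not part of the original article), the sketch below contrasts the two detection approaches described above: an exact-hash signature lookup misses a sample that differs by a single byte, while a simple behavior score over process events still flags it. The rule names, weights, threshold and event fields are hypothetical, and all sample data is constructed.

```python
import hashlib

# Constructed signature database: hash of one already-catalogued sample.
KNOWN_SAMPLE = b"constructed sample bytes, version 1"
SIGNATURES = {hashlib.sha256(KNOWN_SAMPLE).hexdigest()}

DOC_VIEWERS = {"acrord32.exe", "winword.exe", "iexplore.exe"}
SHELLS = {"cmd.exe", "powershell.exe", "wscript.exe"}

# Hypothetical behavior rules: name -> (weight, predicate over one event).
RULES = {
    "viewer_spawns_shell": (3, lambda e: e["type"] == "proc_start"
                            and e.get("parent", "").lower() in DOC_VIEWERS
                            and e.get("image", "").lower() in SHELLS),
    "writes_to_startup": (2, lambda e: e["type"] == "file_write"
                          and "\\startup\\" in e.get("path", "").lower()),
    "unsigned_net_connect": (1, lambda e: e["type"] == "net_connect"
                             and not e.get("signed", True)),
}

def signature_match(file_bytes):
    """Classic signature check: exact hash lookup, blind to any new bytes."""
    return hashlib.sha256(file_bytes).hexdigest() in SIGNATURES

def behavior_score(events):
    """Sum the weight of every rule that fires at least once."""
    hits = sorted(name for name, (_, pred) in RULES.items()
                  if any(pred(e) for e in events))
    return sum(RULES[name][0] for name in hits), hits

def verdict(file_bytes, events, threshold=4):
    if signature_match(file_bytes):
        return "blocked: known signature"
    score, hits = behavior_score(events)
    if score >= threshold:
        return "blocked: behavior " + ",".join(hits)
    return "allowed"

# Constructed telemetry: the variant differs from the known sample by one byte.
NEW_VARIANT = b"constructed sample bytes, version 2"
VARIANT_EVENTS = [
    {"type": "proc_start", "parent": "AcroRd32.exe", "image": "cmd.exe"},
    {"type": "file_write", "path": r"C:\Users\a\Start Menu\Programs\Startup\u.exe"},
    {"type": "net_connect", "image": "u.exe", "signed": False},
]
BENIGN_EVENTS = [
    {"type": "proc_start", "parent": "explorer.exe", "image": "AcroRd32.exe"},
    {"type": "file_write", "path": r"C:\Users\a\Documents\report.pdf"},
]
```

Calling `verdict(NEW_VARIANT, VARIANT_EVENTS)` shows the variant slipping past the hash lookup and being stopped by the behavior rules, while `verdict(b"any file", BENIGN_EVENTS)` is allowed.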

7. Digital Certificates

In addition to creating fake SSL certificates, attackers are obtaining legitimate certificates from trusted sources and then using them to sign malicious code. Because people and browsers trust SSL certificate providers, users are more susceptible to downloading these legitimately signed exploits.