LetsDefend Academy

Online practicing and training platform for blue team members

Malware and Malware Types

Malware is a word derived from the words MALicious softWARE. Software built for a malicious purpose, one that harms the integrity and safety of a system, is called malware.

Today, cyber threat actors use complex malware. These types of malicious software contain techniques that make analysis difficult.

Malware Types

Malware is divided into many types according to its characteristics and behaviors. The type is determined during analysis by taking the capabilities of the malware into consideration.

Some types of malware and their descriptions are below:

  • Backdoor: The malware leaves a backdoor on the device where it is installed, which allows the attacker to access the system through it. For example, by opening a network port connected to a shell, it enables the attacker to connect to the system through this port.
  • Adware: It often comes with downloaded software, causing unwanted advertisements to be displayed on the device. While not all adware is harmful, some change the default search engine.
  • Ransomware: It is a type of malware that has been on the world agenda for the last few years. It demands ransom from people by encrypting and exfiltrating all files on the device.
  • Virus: It is one of the first types of malware seen in the wild. For that reason, in daily life the word virus is often used instead of the term malware. Viruses self-replicate: a virus gains persistence by infecting other files on the device.
  • Worm: This type of malware is named worm because it spreads from infected devices to other devices. WannaCry, a worm exploiting the MS17-010 vulnerability, caused panic around the world.
  • Rootkit: It is a type of malware that disguises itself by providing access to a high privilege level on the device.
  • RAT (Remote Access Trojan): It is a type of malware that provides full control over the device to the threat actor.
  • Banking malware: A type of malware that targets banking applications and causes money to be stolen from the victim.

A single piece of malware may have more than one of these features, so it can belong to more than one type. For example, WannaCry has both worm and ransomware features.
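The backdoor entry above describes a network port connected to a shell. As an added example (not part of the original lesson), the Python sketch below shows one way a defender can look for that on Linux: a shell process whose standard input and output are sockets rather than a terminal. The function names, the shell list and the sample snapshot are assumptions made for this illustration.

```python
import os

# Interpreter names treated as shells (assumed list; extend for your estate).
SHELLS = {"sh", "bash", "dash", "zsh", "ksh", "ash"}

def socket_backed_stdio(fds):
    """Return the stdio descriptors (0, 1, 2) whose link target is a socket."""
    return [n for n in (0, 1, 2) if fds.get(n, "").startswith("socket:[")]

def find_socket_shells(procs):
    """procs: {pid: {"comm": name, "fds": {fd_number: link_target}}}.
    Return (pid, comm, socket_fds) for each shell reading and writing a socket."""
    hits = []
    for pid, info in sorted(procs.items()):
        if info["comm"] not in SHELLS:
            continue
        on_socket = socket_backed_stdio(info["fds"])
        # Require stdin AND stdout: services that only log to a socket
        # normally have stdin on /dev/null and are not interactive.
        if 0 in on_socket and 1 in on_socket:
            hits.append((pid, info["comm"], on_socket))
    return hits

def snapshot_proc(root="/proc"):
    """Build the same structure from a live Linux /proc (run with enough privilege)."""
    procs = {}
    for pid in filter(str.isdigit, os.listdir(root)):
        base = os.path.join(root, pid)
        try:
            with open(os.path.join(base, "comm")) as fh:
                comm = fh.read().strip()
            fds = {n: os.readlink(os.path.join(base, "fd", str(n))) for n in (0, 1, 2)}
        except OSError:
            continue  # process exited, access denied, or a stdio fd is closed
        procs[int(pid)] = {"comm": comm, "fds": fds}
    return procs

# Constructed sample snapshot (not real host data).
SAMPLE = {
    812: {"comm": "sshd", "fds": {0: "/dev/null", 1: "socket:[20111]", 2: "socket:[20111]"}},
    1440: {"comm": "bash", "fds": {0: "/dev/pts/0", 1: "/dev/pts/0", 2: "/dev/pts/0"}},
    2977: {"comm": "sh", "fds": {0: "socket:[48213]", 1: "socket:[48213]", 2: "socket:[48213]"}},
    3105: {"comm": "bash", "fds": {0: "pipe:[5120]", 1: "socket:[5121]", 2: "/dev/null"}},
}

if __name__ == "__main__":
    for pid, comm, fds in find_socket_shells(SAMPLE):
        print(f"pid={pid} comm={comm} stdio on sockets: {fds}")
```

On a live host, pass `snapshot_proc()` to `find_socket_shells` instead of `SAMPLE`. A hit is a lead to triage, since some legitimate remote-administration tools also run shells over sockets.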