BotNet News

Malware is malicious software used by cyber criminals to steal data, disrupt service and extort money. It’s a key tool in their arsenal, and cyber criminals share it openly or sell it to each other as a service. While the type of malware varies, it all has one goal in common—to benefit its perpetrators at the expense of its victims.

There are many ways that malware infiltrates systems and it can be spread by phishing emails, exploit kits, malvertising and social media scams. It can also infect removable drives like USB sticks or external hard drives or even websites using cross-site scripting vulnerabilities. A Trojan, or “dropper,” can then install other forms of malware on the infected device. For example, ransomware and cryptojacking, which encrypts devices to mine cryptocurrency, have been a major threat for years.

While some types of malware cause system damage (computer worms, for example), the main purpose is to steal information. It’s often called data exfiltration and threats may target login credentials, intellectual property, financial information and more. Other uses include committing corporate espionage, disrupting business operations and inflicting reputational damage.

Unlike the popular assumption that malware attacks desktop computers and laptops, attackers can use exploit kits to slip malware into Linux-based Internet of Things (IoT) devices. They can also target mobile phones and connected home or office appliances. Effective cybersecurity practices, including patch management and access control, can limit the impact of malware attacks on businesses and individuals.