Paul Ducklin:
1. KEYLOGGERS: keyloggers don’t always need to be implemented at the operating system level, and they often don’t need administrative or root powers to hook themselves into the keystroke data stream. For example, JavaScript code inside your browser can monitor (and alter, if it wants) the flow of keystrokes as you browse, meaning that rogue JavaScript injected into a login page could, in theory, recognise and steal your usernames and passwords. Banking trojans very commonly include a keylogger module so they can try to capture your passwords when they recognise that you’re in the middle of logging in to your bank. Keyloggers also exist in hardware form – a tiny device that’s connected between an external keyboard and the computer port it’s plugged into.

2. DATA STEALERS: A data stealer is malware that does pretty much what its name suggests: it goes hunting around your hard disk, and perhaps even around your whole network if it can, looking for files that contain data that’s worth the money to the crooks. These days, the crooks are interested in much more than email addresses to steal – anything that can be reduced to a text-matching pattern is surprisingly easy to hunt out and thieve, including bank account details, ID numbers, passport data, credit cards and account passwords.

3. RAM SCRAPERS: some data only ever exists temporarily in memory, and then gets scrubbed without ever reaching disk. An obvious example is the CVV number (the short code) on the back of your credit card – that code is used to authorise a transaction …but with RAM scraping malware that keeps an eye on data as it is stored temporarily in memory, the crooks may be able to identify critical data such as CVVs and full credit card information and “scrape” it straight out of RAM.

4. BOTS, aka ZOMBIES: a bot, short for robot program, is malware that opens a backdoor into your computer so that crooks can send it commands from afar. A collection of bots is known, in turn, as a botnet, short for robot network, and crooks who control an army of networked bots can command them remotely all at the same time. Most bots work by periodically calling home, only ever making outbound connections – something your home router allows – and downloading the latest list of commands published by the crooks.

5. BANKING TROJANS: A general term for malware that goes after information about your online banking. Banking trojans typically include a key-logger to sniff out passwords as you type them in and a data stealer component to trawl through likely files such as browser databases and password vaults in the hope of finding unencrypted passwords or account details.

6. RAT: RAT is short for Remote Access Trojan, typically the sort of remote access tool that lets baddies spy on you by taking surreptitious screenshots or secretly turning on your webcam (combat this with a webcam cover or a tiny piece of electrical tape).

7. RANSOMWARE: ransomware scrambles all your files, uploads the one-and-only copy of the decryption key to the crooks, and then offers to sell you back the decryption key so you can unlock your computer and get back to work. In an ideal world, ransomware wouldn’t work for the crooks at all, because you’d simply wipe your computer clean (handily removing the ransomware at the same time), restore your most recent backup, and be up and running without paying the crooks anything.

Fight all of these by patching early and often, and using an antivirus and/or anti-malware.
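The periodic, outbound-only "calling home" described for bots above leaves a timing pattern a defender can look for in connection logs. The following is an added example, not part of the original text: the log format, the addresses (documentation ranges) and the thresholds `min_conns` and `max_jitter` are assumptions chosen for illustration.

```python
from collections import defaultdict
from datetime import datetime, timezone
from statistics import mean, pstdev

# Constructed sample of outbound connections: time, internal host, destination.
# Documentation-range addresses; not data from the article.
SAMPLE_LOG = """\
2024-05-01T09:00:00 10.0.0.5 203.0.113.10:443
2024-05-01T09:02:13 10.0.0.7 198.51.100.20:443
2024-05-01T09:05:01 10.0.0.5 203.0.113.10:443
2024-05-01T09:09:59 10.0.0.5 203.0.113.10:443
2024-05-01T09:10:40 10.0.0.7 198.51.100.20:443
2024-05-01T09:15:02 10.0.0.5 203.0.113.10:443
2024-05-01T09:20:00 10.0.0.5 203.0.113.10:443
2024-05-01T09:24:58 10.0.0.5 203.0.113.10:443
2024-05-01T09:31:05 10.0.0.7 198.51.100.20:443
2024-05-01T09:33:47 10.0.0.7 198.51.100.20:443
2024-05-01T09:58:30 10.0.0.7 198.51.100.20:443
2024-05-01T10:01:12 10.0.0.7 198.51.100.20:443
"""

def parse(log_text):
    """Yield (epoch_seconds, source, destination) for each non-empty line."""
    for line in log_text.splitlines():
        if line.strip():
            stamp, src, dst = line.split()
            when = datetime.fromisoformat(stamp).replace(tzinfo=timezone.utc)
            yield when.timestamp(), src, dst

def find_beacons(records, min_conns=6, max_jitter=0.1):
    """Return (src, dst) pairs whose gaps between connections are near-constant."""
    times = defaultdict(list)
    for ts, src, dst in records:
        times[(src, dst)].append(ts)
    hits = []
    for (src, dst), stamps in times.items():
        if len(stamps) < min_conns:
            continue  # too few samples to judge regularity
        stamps.sort()
        gaps = [b - a for a, b in zip(stamps, stamps[1:])]
        avg = mean(gaps)
        # Jitter = stdev/mean of the gaps: bursty human traffic scores high,
        # a timer-driven call-home scores near zero.
        jitter = pstdev(gaps) / avg if avg > 0 else float("inf")
        if jitter <= max_jitter:
            hits.append({"src": src, "dst": dst, "count": len(stamps),
                         "period_s": round(avg), "jitter": round(jitter, 3)})
    return hits
```

On the sample, `find_beacons(parse(SAMPLE_LOG))` flags only the host that connects roughly every 300 seconds; the second host makes as many connections but at irregular intervals, so it is not reported. A bot that randomises its check-in interval would need a looser threshold or a different signal.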