All you need to know about malware

They intrude onto devices through malicious apps, public Wi-Fi etc.

Malicious software, which is installed on an electronic device unknowingly and performs criminal actions for a third party, tries to steal personal data or make money off the user. They intrude onto our electronic devices through:

(a) Malicious apps

---

(b) Spyware

(c) Public Wi-Fi

(d) No proper end to end encryption

(e) Unused or inactive apps

(f) Unused or stolen devices

(g) IoT mobile security

(h) Botnets

(i) Phishing

(j) No proper password protection and

(k) Using default passwords.

Malware method is mostly implemented for ransomware crimes where systems, encrypted on the user end, exploit them by demanding ransom for decryption keys or else losing of data is the only way. Some of the malware removal tools are Malware Bytes and Hitman Pro. In case of decryption process, you might find the decryption methodology at www.nomoreransom.org.

Forms of malware:

* A worm can be a harmful programme that appears like a real programme and is usually downloaded onto devices unknowingly by users

* A virus is independent and duplicates itself. It contains code that copies itself into other files on the system. Viruses may camouflage with within the code of a real programme

* A worm is additionally self-replicating, but it copies itself into entirely different computers within the network

Example of Adware malware: –

* The Trojan phase: First, a user opens an email with the topic line ‘you got a match’. A person downloads the attachment, and ‘you got a match’ is truly an executable file.

* The virus phase: This adware malware gets installed when a user clicks on the executable file

* The worm phase: This adware malware, making it likely every ping a user gets an annoying ad notification instead of a message from a possible date

Recent Joker malware attack:

Joker malware has now been reported again after September 2019 with two variants in June 2020 — Dropper and Premium Dialer spyware. They have been discovered in Play Store, hiding inside of many genuine Android apps.

The malware is known for its ability to sneak into a user’s device and ask for contact access and manages to take phone call permissions as well. Joker malware subscribes to paid subscriptions without your consent. It steals your SMS messages and picks up OTP to authenticate payments.

If you are using Android phones, avoid using free apps like Scanner, Torch Lite, SMS, love messages, alarm, memory games, cache removers, wall papers, app locks, image converters, translation apps and check also check your mobile and credit card bills to check if you have been signed up for any subscriptions and unsubscribe.

Tips to be safe from malware:

1. Update your OS and apps promptly – Update device software as improvements are made to increase security and eliminate weaknesses.

2. Lock your devices – Your device may contain sensitive business and personal information. So implement fingerprint scanning and facial identification or a 4-to-6 digit passcode to unlock your device

3. Utilise built in mobile device management features – Implement Find My iPhone and Android’s Find My Device, which will be useful to delete data if phone’s lost.

4. Use the Wi-Fi and Bluetooth wisely – Free public Wi-Fi connection in areas like shopping centres, cafes, airports, parks or gyms is often less secure. It’s also a good idea to enable Bluetooth and Wi-Fi only when in use.

5 Use two-factor authentication wherever possible – Use Two factor authentication (2FA), it requires an additional step and this feature can help you be secure from getting compromised.

6. Manage app permissions – Revoke permissions when not required like access to the camera, the microphone, your contacts and location when not in use. For iPhones, go to Settings and tap on Privacy; for Android users can find app permissions in the Application Manager.

7. Phishing emails – We shouldn’t click on links in promotional emails, short links, or open suspicious attachments or run updates that are prompted through email. Please check the email headers thoroughly before responding

8. Back up your data – For an Android phone, make sure “Back up my data” and “Automatic restore” are enabled in the settings and then sync your data with Google. For an Apple Phone, go the settings and then back up to iCloud

9. Use an antivirus app – Antivirus apps like Norton, Avast, McAfee and ESET can help overcome any possible threats

10. Know where your apps come from – Install apps only from App Store for iPhones and from Play-store for Android Phones

Stay Tuned to Cyber Talk column to know more about internet ethics and digital wellness brought to you by Anil Rachamalla, End Now Foundation, www.endnowfoundation.org