How do things like malware, spyware and trojans get onto a computer?

tufffta

Senior Member
Opening dodgy email attachments or running executable files downloaded off the internet - OK, I get it. I understand the concept of an infected executable file. But except for that? How can stuff like that possibly get onto a computer?
Can simply opening a website in a browser result in the installation of something like that?
 
Yes, they can; they're called drive-by installs. They normally rely on browser faults or dodgy plugins.

 
Yes, they can; they're called drive-by installs. They normally rely on browser faults or dodgy plugins.

Can anti-virus or firewall software prevent that from happening (as opposed to stopping them after they have installed/started on my computer)?
 
Yes, programs like Malwarebytes stop that kind of infection.

 
Malware can get on your system in many, many ways. Some of the more common:
  • You download software that is compromised (bundled with malware); this can be from legitimate sites or BitTorrent/file-sharing sites
  • Through email, either spam or social engineering (this includes spoofing people you know to make it seem legitimate)
  • Through vulnerabilities (known and unknown) in any piece of software (Common: browsers, Java, Adobe products, Office, Windows)
  • Directly through vulnerabilities in hardware firmware
  • Removable media (USB, external drives, CDs that may be infected)
For anti-malware, there are many techniques used to protect you:
  • Using a filter driver that monitors reads/writes to disk
  • Network filter driver (e.g., firewall)
  • Signature-based detection (only works for known threats)
  • Behavior-based detection (based on things like traffic generated, functions the application uses)
  • Sandboxing (program is contained, run and analyzed for IoCs)
  • Cloud analytics
  • Analyzing memory (some malware never touches your hard drive, or only writes an encrypted blob for persistence, and can be very difficult to find)
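
The difference between the signature-based and behavior-based detection listed in the post above, as an added example that is not part of the thread: an exact-hash signature stops matching when a file differs by a single byte, while a rule over observed actions still fires. The byte strings, action names and rules are all constructed for illustration and are not taken from any real product.

```python
import hashlib

# Constructed stand-ins for file contents: inert byte strings, not real samples.
KNOWN_BAD = b"constructed-sample-payload-v1"
VARIANT = KNOWN_BAD + b"\x00"  # same content with one extra byte

# Signature database: SHA-256 digests of files that were already analysed.
SIGNATURES = {hashlib.sha256(KNOWN_BAD).hexdigest()}

def signature_match(data: bytes) -> bool:
    """Signature-based detection: exact hash lookup against known files."""
    return hashlib.sha256(data).hexdigest() in SIGNATURES

# Hypothetical behaviour rules: a rule fires when one process performs every
# action in its set (the action names are made up for this example).
BEHAVIOUR_RULES = {
    "dropper": {"download_executable", "write_startup_entry", "spawn_child"},
    "ransom-like": {"enumerate_documents", "mass_file_rewrite", "delete_backups"},
}

def behaviour_match(events: list[str]) -> list[str]:
    """Behaviour-based detection: names of rules whose actions all occurred."""
    seen = set(events)
    return sorted(name for name, needed in BEHAVIOUR_RULES.items() if needed <= seen)

# Constructed event traces, as a sandbox or endpoint monitor might record them.
TRACE_VARIANT = ["open_window", "download_executable",
                 "write_startup_entry", "spawn_child"]
TRACE_EDITOR = ["open_window", "enumerate_documents", "write_file"]

def verdict(data: bytes, events: list[str]) -> str:
    """Check the signature first, then fall back to the behaviour rules."""
    if signature_match(data):
        return "blocked: known signature"
    hits = behaviour_match(events)
    if hits:
        return "blocked: behaviour " + ",".join(hits)
    return "allowed"

if __name__ == "__main__":
    print(verdict(KNOWN_BAD, []))             # caught by its hash
    print(verdict(VARIANT, TRACE_VARIANT))    # hash misses, behaviour rule fires
    print(verdict(b"text editor", TRACE_EDITOR))
```

The benign trace shares one action with the "ransom-like" rule but does not complete it, which is how a behaviour rule limits false positives on ordinary programs.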
 