CEH Module 7: Malware Threats
Module 7 of CEH: Malware Threats explains the basics of different types of harmful software (malware) and how they can negatively affect computers and networks. It describes the usual methods attackers use to spread this harmful software on the internet and talks about unwanted programs that users might unintentionally install.
What is Malware?
The word malware is a combination of two words, malicious and software: software that damages the user’s computer system or network, or even takes control away from the user. Common types of malware include viruses, worms, Trojans, backdoors, rootkits, botnets, ransomware, spyware, and adware, among many others. This malicious software can cause significant harm by deleting files, slowing down the computer’s performance, stealing sensitive information, and even locking the user out of their own system. These malicious programs are used to:
- Spy on your web browsing and watch which websites you’re visiting.
- Make the computer drag along slowly and not work as well as it should.
- Take private details, such as who you know and other personal info.
- Get rid of important files you have, causing you to lose a bunch of stuff.
- Use the infected computer to go after other computers.
- Fill your email inbox with lots of annoying junk ads.
How Does Malware Enter the System?
Let’s explore some of the sneaky methods attackers use to get malware into a system:
1. Instant Messenger Applications
Can you imagine a day without your trusty gadgets and the buzzing world of social media? It’s tough, right? Now consider that your casual chat over Facebook Messenger or WhatsApp could be a Trojan horse’s secret door into your digital life. Even if your friend Tom sends a file, it might not really be Tom. Attackers could use Tom’s account as a digital puppet to unleash chaos into your cyber sanctuary.
2. Portable Hardware Devices
In our daily lives, we frequently use portable devices, like flash drives, CDs/DVDs, and external hard drives. Don’t think those handy USB sticks or external drives are just innocent storage devices. If Tom gets his hands on your computer while you’re grabbing a coffee, he might slip a nasty surprise—a Trojan—onto your hard drive, corrupting your personal files.
Another route for malware infection from portable media is Autorun (also called autoplay or autostart), the feature that enables USB drives or CDs to automatically execute a program when they are inserted.
3. Downloading Files from the Internet
This method of malware transmission occurs when users download seemingly benign content like music players, movies, games, greeting cards, or screensavers from questionable sources online. These files may appear harmless but can be loaded with Trojans. Additionally, Microsoft Word and Excel files can be weaponized using macros to spread malware. Even multimedia files, such as audio or video files and their subtitle files, can be embedded with malicious code.
4. Email Attachments
Email is a prevalent vector for malware distribution, with attachments being a particularly common method. Attackers often disguise malware within various types of files — documents, audio clips, videos, brochures, invoices, or even job or lottery offer letters. These attachments seem legitimate and relevant but are designed to trick users into downloading and opening them, thereby initiating the malware installation process. For example, an attacker sends an email or attachment that appears to come from a friend or a reputable organization, enticing the recipient to open an attachment that is actually malicious.
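An added example, not part of the original article: a Python triage function showing the kind of checks a mail gateway or download scanner can apply to the disguises described in the two sections above (macro-bearing Office files, and executables posing as documents). The function names, finding labels, extension lists and the in-memory sample file are all constructed for illustration.

```python
import io
import zipfile

RUNNABLE = {".exe", ".scr", ".com", ".bat", ".cmd", ".js", ".vbs", ".lnk"}  # constructed lists
DECOY = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".jpg", ".mp3", ".mp4", ".txt"}
MACRO_FREE = {".docx", ".xlsx", ".pptx"}  # macro-enabled formats end in "m"
OLE_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")  # legacy .doc/.xls container


def extensions(filename):
    """Lowercased extensions of a file name, e.g. ['.pdf', '.exe']."""
    return ["." + p for p in filename.lower().split(".")[1:] if p]


def triage_attachment(filename, data):
    """Return findings for one attachment or download (empty list = nothing flagged)."""
    findings = []
    exts = extensions(filename)
    last = exts[-1] if exts else ""
    # 1. "invoice.pdf.exe" displays as a PDF when known extensions are hidden.
    if len(exts) >= 2 and last in RUNNABLE and exts[-2] in DECOY:
        findings.append("double-extension")
    # 2. Windows executables start with 'MZ'; flag them under a non-executable name.
    if data[:2] == b"MZ" and last not in {".exe", ".dll", ".scr", ".com"}:
        findings.append("executable-content-mismatch")
    # 3. Modern Office files are ZIP archives; VBA macros sit in vbaProject.bin.
    if data[:4] == b"PK\x03\x04":
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                names = [n.lower() for n in zf.namelist()]
        except zipfile.BadZipFile:
            names = []
            findings.append("corrupt-zip")
        if any(n.endswith("vbaproject.bin") for n in names):
            findings.append("vba-macros")
            if last in MACRO_FREE:
                findings.append("macros-in-macro-free-extension")
    # 4. Legacy Office files can embed macros; route them to deeper inspection.
    if data[:8] == OLE_MAGIC:
        findings.append("legacy-ole-document")
    return findings


def sample_docm():
    """Constructed, minimal macro-bearing Office container built in memory."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("word/vbaProject.bin", b"\x00")
    return buf.getvalue()
```

A finding is a reason to quarantine or inspect further, not proof of malware: many legitimate spreadsheets carry macros.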
5. File Sharing
Attackers can compromise systems through file-sharing services like NetBIOS, FTP, and SMB if these services are not properly secured. When the ports these services use are left open, they can be exploited for file sharing or remote execution of malicious code, allowing attackers to install malware or modify system files. Additionally, attackers can use Denial of Service (DoS) attacks to force a system to shut down and restart, which could potentially allow a Trojan to reactivate immediately after the reboot. To prevent this, it’s crucial to disable file sharing when it’s not needed. To turn off file and printer sharing on a Windows system, you can:
- Go to the Start menu, type “Control Panel” and open it.
- Navigate to “Network and Internet” and then to “Network and Sharing Center.”
- Click on “Change Advanced Sharing Settings.”
- Find the network profile you’re using.
- Under “File and Printer Sharing,” select the option to turn off file and printer sharing.
6. Installation by Other Malware
Certain malware types can connect back to a command and control server using standard internet protocols. This enables the malware to download updates or additional malware onto the infected network from an external source, allowing the infection to spread or become more entrenched within the affected systems.
7. Bluetooth and Wireless Networks
Attackers can exploit open Bluetooth and Wi-Fi connections to lure users into connecting to malicious networks. They may set up rogue software or devices at the router level to intercept network traffic and data packets, which can be used to capture sensitive information such as usernames and passwords from unsuspecting users.
Different Techniques Attackers Use to Distribute Malware on the Web
- Black Hat SEO: Attackers use malicious tricks to make their harmful websites appear at the top of your search results. So, when you think you’re clicking on a genuine site, you might end up on a harmful one.
- Click-jacking: It’s like being tricked into clicking on what looks like a harmless link or button on a website, but actually, it’s a trap that could do something sneaky, like stealing your information.
- Compromised Legitimate Websites: Even websites that look legitimate can be dangerous if attackers have secretly placed malware on them. When you visit, that malware is delivered to your device.
- Drive-by Downloads: Just by visiting a website, you might accidentally download malware without even realizing it, all because of hidden vulnerabilities in your web browser.
- Spear-phishing Sites: These are fake websites that look like real ones to trick you into giving away your login details, like your username and password.
- Spam Emails: These are those annoying junk emails that come with attachments; opening them can unleash malware on your computer.
- Malvertising: This is when ads contain hidden malware. You see these ads on popular websites, and they can spread malware without you even clicking on them.
- RTF Injection: Hackers can sneak harmful code into RTF (Rich Text Format) documents, a type of text file. When you open one, the code triggers your computer to download malware.
Components of Malware
- Crypter: Hides malware to avoid reverse engineering, making detection challenging.
- Downloader: Initial system breach tool that retrieves further malware from the internet.
- Dropper: Stealthily introduces more malware files into the system.
- Exploit: Code that leverages vulnerabilities to undermine system security.
- Injector: Alters the execution of other processes to evade or prevent the malware’s removal.
- Obfuscator: Masks malware’s code and purpose, thwarting detection efforts.
- Packer: Compresses files together to dodge security detection.
- Payload: Exerts control over systems post-exploitation.
- Malicious Code: Executes harmful actions like data theft and backdoor creation.
How to Protect Yourself from Malware Attacks?
Tips to protect yourself from malware attacks:
- Regularly update your operating system, browsers, and all software to patch vulnerabilities.
- Install antivirus and keep it updated.
- Use a firewall to block unauthorized access.
- Don’t open email attachments or click on links from unknown sources.
- Create complex passwords and change them regularly.
- Keep frequent backups of your data in case of a malware infection.
- Don’t click on links from untrusted websites or pop-ups.
- Avoid using unsecured public Wi-Fi networks for sensitive transactions.
- Stay informed about the latest malware threats and how to avoid them.
- Consider using ad blockers to prevent malvertising attacks.
- Turn off auto-run features for USB drives and CDs.
Master CEH with InfosecTrain
Ethical hacking is a detailed and challenging field that requires a deep understanding of cybersecurity. By taking courses like the Certified Ethical Hacker at InfosecTrain, learners can improve their skills in checking security and improving network systems. This training is designed to give learners the skills and knowledge to help organizations strengthen their security properly. Sign up for InfosecTrain’s CEH training to become a top expert in keeping information safe.