What is a Virus? - Towards Cybersecurity

In this article, I am discussing what is a virus and its types. So, Let's begin.
Viruses are the most common types of malware and potentially the most destructive.

What is a Virus? - Towards Cybersecurity

A virus is a type of malware that is capable of copying itself and spreading to other computers. Viruses often spread to other computers by attaching themselves to various programs/software and executing malicious code when a user launches one of those infected programs/software. Viruses can also spread through script files, documents, and cross-site scripting (XSS) vulnerabilities in web apps. Viruses can do anything from hijacking your computer to attack other systems to erase the data on your computer, send spam, or host and share illegal content. Viruses can also be used to steal information, harm host computers and networks, create botnets, steal money, make advertisements, and more. They usually appear as an executable (.exe) file.

Viruses can enter into your computer as an attachment of images, greeting, or audio/video files. Viruses also spread to other machines when infected files are sent via email or when carried by users on physical media, such as USB drives or (in the early days) floppy disks. Viruses also enter through downloads on the Internet. They can be hidden in a free/trial software or other files that you download. So, be sure about it first before you download anything from the internet. Almost all viruses are attached to an executable(.exe) file, which means the virus may exist on your computer but it actually cannot infect your computer unless you run or open the malicious program/software. It is important to note that a virus cannot be spread without a human action, such as running an infected program or infected software to keep it going.

According to the National Institute of Standards and Technology (NIST), the first computer virus, called "Brain" was developed in 1986.

A Virus is more harmful than a Worm as it makes changes or deletes your files while Worms only replicate itself without making changes to your files.

Now, Let's discuss the common types of Viruses.

Common types of Viruses :-
    1. File virus
    2. Macro virus
    3. Master boot record virus (MBR virus)
    4. Boot sector virus
    5. Multipartite virus
    6. Polymorphic virus
    7. Stealth virus

So, Let's talk about these common types of Viruses in-detail.

1. File virus

Infected executable files which will infect other files when opened. File virus normally infected program files such as .exe, .com, .bat. Once this virus stays in memory it tries to infect all other programs that load on to the memory.

2. Macro virus

Excel files that have malware written in VBS (VBScript), once the file is opened, a macro virus will get executed and infect other files. These type of virus infects Word, Excel, PowerPoint and other data files. Once infected after that repairing of these files is very difficult.

3. Master boot record virus (MBR virus)

It changes or deletes the boot records. This might make the system useless. MBR viruses are memory-resident (RAM-resident) viruses and copy itself to the first sector of a storage device that is used for partition tables or OS loading programs. An MBR virus will infect this particular area of storage device instead of normal files. The easiest way to remove an MBR virus is to clean the MBR area. 

4. Boot sector virus

Boot sector virus infects the boot sector of an HDD ( Hard Disk Drive) or FDD ( Floppy Disk Drive). These are also memory resident ( RAM-resident) in nature. When the computer starts it gets infected from the boot sector. Cleaning this type of virus is very difficult.

5. Multipartite virus

This virus is a hybrid of Boot sector and File viruses. They infect program files when an infected program is executed, these viruses infect the boot record. As soon as you boot the computer next time the virus from the boot record loads in memory and then starts infecting other program files on disk.

6. Polymorphic  virus

It changes its form frequently to avoid detection. A polymorphic virus can encrypt its code in different ways so that it appears differently in each infection. These viruses are more difficult to detect and remove.

7. Stealth  virus

A stealth virus hides in legitimate files or software. These types of viruses use different kinds of techniques to avoid detection. Stealth viruses either redirect the disk head to read another sector instead of the one in which they live in or they may alter the reading of the infected file's size shown in the directory listing. For example, the Whale virus adds 4608 bytes to an infected file then the virus subtracts the same number of bytes (4608) from the size given in the directory.

So, These are the common types of Viruses.

I hope you find useful information in this article. If you have any questions related to a virus and their types then please mention in the comments section and I will get back to you and stay tuned with my blog to learn interesting things related to cybersecurity and hacking.

No comments:

Powered by Blogger.