Description of viruses and how they work

Giteqa

A virus is a type of malware that affects the operation of a computer or server by embedding itself in the system code.
Some viruses are simply incomplete programs that cause an error due to incompatibility with the system.

History

Viruses first appeared in 1961 and are still actively developing today. The first viruses could only slow down the system or delete running programs, whereas modern viruses have developed so much that they can use the resources of your system for their own purposes. Examples of well-known viruses are "network worms", "Trojan horses" and "stealth viruses"; these made a splash in their time and are still very dangerous. Initially, viruses were not embedded in files because there was no need for it: a proper antivirus had not yet been invented. Today viruses register themselves in the system as important files of the system itself, which is why even an antivirus often cannot detect them.

Categories:

At the moment, there are an incredible number of viruses, but we will highlight the main types of viruses and tell you a little more about each of them.
Viruses are divided into different categories:

  • Objects damaged (files, boot sectors, etc.)
  • OS and platforms damaged (Windows, Linux, Android, etc.)
  • Technologies used (polymorphic viruses, stealth viruses, rootkits)
  • The programming language in which the virus is written (scripting languages, assembler, etc.)
  • Additional malicious functionality (spies, backdoors, miners, botnets, etc.)

File/boot viruses

These are viruses that write themselves into system or boot files and thereby affect the operation of the computer.

File viruses write themselves directly into a system file and embed themselves in RAM, performing various destructive actions against the user. One example of the effect is slow PC performance.

Boot viruses write themselves into the sectors of the hard disk and load at the same time as the PC system boots. It is this type of virus that can determine whether the computer will start at all. If the virus is written so that the user's computer turns off immediately when the system starts, then this is exactly what will happen, and the user will not have time to do anything.

Viruses affecting the OS

This type of virus affects only certain systems, for example, a virus can infect Linux, but it will be useless in the Windows OS family because completely different processes operate there.

Technologies used

Virus polymorphism - used to reduce the level of detection by antivirus programs. Polymorphism means that the program's code is written on the fly at launch: every time the program is started, new code is written, which does not allow the program to be detected.

Stealth viruses - partially or completely hide their presence in the system by intercepting OS functions (read/install and others). For example, file stealth viruses intercept the read/install function in order to hide the increase in infected programs.

Rootkits are a set of tools that provide masking, management and data collection. These utilities are installed by the hacker as soon as he gets administrator rights. The set includes various programs that help to cover up any user actions, as well as the very presence of the rootkit in the system. A rootkit can be installed into the system in various ways, but the main one is downloading an exploit or getting shell access.
Rootkits are divided by level of action and privileges. The main type of implementation in Windows is interception of call tables, functions, etc. Implementation in Linux relies on substitution of the main system utilities, modification of the physical memory of the kernel, etc.

Additional malicious functionality

Backdoors - allow a hacker to gain remote access to files and control of the OS itself. Backdoors can be installed in various ways: by downloading programs or photos, and there are also hardware backdoors. Their function is that at any moment an attacker can gain access to your files, OS or something else. A backdoor can be passed off as an error in the program code, so the developer of the program can say that he did not know about this function and will fix it in the next update, but until then your computer will be available to the hacker. Sometimes even deleting the program that installed the backdoor does not help to get rid of it.

Spies – This type of program is dangerous because it collects and sends information to an attacker without the user's consent.

Miners – This type of virus appeared not so long ago, but it is very dangerous. With these viruses, the computer's performance falls because the miner uses all available resources to mine cryptocurrency. This type of virus can work on different devices: PCs, phones, tablets, etc. The miner virus can heat or overheat computer components, which causes them to fail faster, and any user can become a victim of this virus.

Botnets are computer networks consisting of some number n of hosts running bots, which allow an attacker to use the resources of the user's computer or network to send spam messages or receive data, as well as to carry out DDoS attacks or brute-force passwords. By the way, mivocloud.com provides protection against DDoS attacks and spam protection.

The spread of viruses

Some ways of spreading virus programs have already been indicated above, but now we will analyze a couple more ways.

Downloading programs from unreliable sources – When you download programs from various sites, you always put yourself in danger, because every new site that you visit is a potential danger to your PC. For example, you want to download a computer game and always use the same site, but now that site is unavailable and you decide to look for a new download site. You find a site and download the torrent file, and everything seems to be fine, but a couple of days after launching this torrent file the system starts working slowly, and in the task manager you see the processor, RAM or disk loaded to the maximum. This means that you most likely acquired the virus with your download.

Downloading a photo - can also be a source of viruses. From personal experience, I will tell you that there was a moment when downloading a photo led to the fact that I lost my account passwords and was hacked. You need to be careful when downloading photos from unreliable sources or from e-mail (especially from e-mail).

Removable media – A regular USB flash drive can also be a hotbed of computer viruses. You may have photos or something else stored on a USB flash drive and decide to look at them on a new computer. Your flash drive is infected after being connected to that computer, and when you then connect it to your personal computer, you can get various kinds of viruses. So be careful with removable media and the computers you use.

Internet and local networks - To get a virus, sometimes it is enough just to follow the wrong link, either in an email or in a direct message from a user. A normal click on a link is also dangerous, because you can catch a virus on your devices and not even suspect it.

Antiviruses

At the moment, there are many ways to protect yourself from virus infection. Many companies are developing their own virus protection software. You can get acquainted with a large number of antivirus programs on their official websites and see how many of them exist. Among the antivirus programs there are paid ones, for example Eset, and free ones such as Kaspersky Free. Which program is better to choose, you can find out in the article "Antiviruses and their comparison".

A couple of ways to protect yourself

1. Work under the guest profile – This way some types of viruses will not be a threat to you even if they get onto the computer, because they need administrator rights to perform any actions.
2. Do not run programs from questionable sources – This has already been discussed earlier, but it will not hurt to repeat. Do not download or work in programs that you downloaded from an unreliable/unverified source.
3. Do not go to suspicious sites and always pay attention to the links that you click on - Sometimes friends or family members may send you a link and ask you to click on it; this may be a hastily built page designed to steal user data. For example, there is a page mivocloud.com, and you are asked to go to the page mivocl0ud.com. You may not notice at first that something is wrong with the link and hand your personal data to the attacker yourself.
4. Perform regular archiving of important files and even the system itself - This is necessary so that in the future it will be possible to restore data if something goes wrong. It is also better to store the system images themselves and the data archive on removable drives.
5. Regularly update the data of your antiviruses and programs that ensure the security of your system – This will allow these programs to maintain up-to-date data on new viruses and prevent their appearance on your device.
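
The lookalike link from tip 3 can be checked mechanically. The following Python code is an added example, not part of the original article: it compares a link's host against a list of trusted domains and flags near-matches such as mivocl0ud.com. The trusted list holds only mivocloud.com from the text; the character map, the function names and the sample links are constructed for illustration.

```python
import unicodedata
from urllib.parse import urlsplit

TRUSTED = {"mivocloud.com"}  # domain from the article; extend with your own

# Constructed map of characters commonly swapped in for Latin letters
# (digits plus a few Cyrillic look-alikes, written as escapes).
HOMOGLYPHS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "7": "t",
                            "\u0430": "a", "\u0435": "e", "\u043e": "o",
                            "\u0441": "c", "\u0440": "p"})

def hostname(link):
    """Extract the host from a URL or bare hostname (ignores user@ prefixes)."""
    parts = urlsplit(link if "//" in link else "//" + link)
    return (parts.hostname or "").lower()

def skeleton(host):
    """Normalise a host and fold look-alike characters to one form."""
    host = unicodedata.normalize("NFKC", host.strip().rstrip(".").lower())
    return host.translate(HOMOGLYPHS).replace("rn", "m").replace("vv", "w")

def edit_distance(a, b):
    """Levenshtein distance, row by row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(link, max_distance=1):
    """Return 'trusted', 'lookalike' or 'unknown' for a link."""
    host = hostname(link)
    if any(host == t or host.endswith("." + t) for t in TRUSTED):
        return "trusted"
    for t in TRUSTED:
        # Compare only the last labels so "login.mivocl0ud.com" is caught too.
        tail = ".".join(host.split(".")[-t.count(".") - 1:])
        if t in host or edit_distance(skeleton(tail), skeleton(t)) <= max_distance:
            return "lookalike"
    return "unknown"

if __name__ == "__main__":
    # Constructed sample links.
    for link in ("https://mivocloud.com/login", "http://mivocl0ud.com/login",
                 "https://mivocloud.com.evil.example/", "https://example.org/"):
        print(f"{classify(link):10} {link}")
```

A "lookalike" result means the host is not on the trusted list but resembles an entry on it, which is the case worth stopping on before entering any data.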

Conclusion

In this article, you got acquainted with various types of viruses and learned what to do in order to avoid infection in the future. Computer viruses are a very serious problem for both ordinary users and corporations, because viruses can completely ruin the operation of a computer and even disable it. Antiviruses are used to prevent this, but even they sometimes cannot help because the virus may be brand new, and in this case the other tips listed above will help you. Remember that computer viruses are very dangerous not only for the system but also for you, because with their help attackers can take possession of your data and use it as they wish. Be careful and do not forget to scan your computer regularly for viruses.
Share this article with your colleagues, friends or with those to whom it may be useful and take care of your data and devices.