Spyware, Trojans, Ransomware Oh My! What Are The Differences And How To Protect Yourself

MALWARE 101: HOW TO PROTECT YOURSELF FROM DIFFERENT KINDS OF MALWARE

Published in

Rubica

4 min readDec 4, 2018

When it comes to technology and specifically cybersecurity, it can be overwhelming to keep all the tech terminology straight. Consider the various terms and acronyms that can be found in recent headlines: VPN, DDoS, Bitcoin, Zero-Day, and Data Breach. If you aren’t a cybersecurity expert, it can be easy to get confused with so many technical terms. Rather than try to explain every single term related to cybersecurity, let’s focus on defining one category — Malware.

The word malware has become synonymous with viruses and ransomware as a way to define some type of software that can infect and compromise a computer/digital device.However, it is important to understand all of the differences, so you can defend yourself against different malware variants.

Spyware — how it spies on you, and what to do:

Spyware is probably the easiest term to define because it does exactly what its name states — it spies on you. The ultimate goal of spyware is to gather information about users or devices. This can be done by tracking activity on your browser or computer or logging information (e.g. keylogger).

One of the most common forms of disseminating spyware to devices is via browser extensions, such as Chrome Extensions. Recent discoveries by security researchers have found various Chrome extensions that spy on user browsing and social media habits. Other ways spyware is disseminated is via rogue/malicious apps.

At the bare minimum, the best way to combat spyware on a computer is to ensure you have an up to date Antivirus program running on your computer. In terms of combatting spyware on mobile devices, it is highly recommended that you don’t jailbreak your devices and only download apps from official channels such as the iTunes Store or the Google Play Store. While there have been instances where apps with spyware have circumvented Apple and Google’s security controls, it is still the best recommended practice to avoid 3rd party app stores because malicious attackers actively put compromised apps in these stores.

Trojan –how it takes over your devices and what to do

A Trojan, or Trojan Horse, is malicious software/code that can be used to gain control over a device. One key difference with Trojans is that it can’t replicate, as other viruses can. Some common types of Trojans include: Backdoor, Exploit, Banker, and Remote Access. Trojans go a step beyond spyware with the end game of gaining access to your device for various reasons (e.g. exfiltrating data, remote access, etc.).

One of the most popular ways of disseminating Trojans is via e-mail. We have all seen e-mails that contain a seemingly innocuous attachment such as a picture or video file. If the attachment is opened, it can allow a Trojan to be installed on your computer or smartphone.

As with Spyware, an up to date Antivirus program will help keep you protected from Trojans on a computer. In addition, being vigilant with what you are downloading or installing on your devices goes a long way to combatting accidental Trojan installation. It’s also better to download software directly from a company’s website (e.g. downloading a program from the actual website such as Slack from Slack’s website, Dropbox from Dropbox’s website, etc.)

Ransomware — how it tries to hold you hostage, and what you can do:

The most destructive form of malware is called Ransomware. As the name implies, ransomware attempts to hold your devices/data hostage in hopes of scoring a ransom. Common forms of Ransomware encrypt your computer and display a notification that your files have been encrypted and in order for you to get the decryption key, you need to pay a sum of money, typically in Bitcoin, in order to protect the attackers from being tracked. Ransomware can be transmitted via a phishing link, an attachment in an e-mail, or a malicious program.

Luckily, several Antivirus companies have decryption tools for various ransomware variants that are free to download and use. The best ways to combat being infected with ransomware is to ensure you have up to date backups of your computer/devices and exercise strong cyber.

But wait, it can get worse?

Now that a basic baseline has been established for what’s the difference between Malware, Spyware, Trojans, and Ransomware, the real monkey wrench in all of this is that they can all be combined. For example, you may see a tip calculator app on a 3rd party Google Play Store that seems to have all of the functionality you are looking for, so you download it and install it on your Droid smartphone. What you have actually done is install an app that contains both Spyware and Trojan payloads within the app. The spyware component may monitor your GPS location and browsing habits. The trojan component may create a backdoor that could allow an attacker to gain remote access over your smartphone. This is where being vigilant with what you install on your devices comes into play and could have prevented the infection in the first place.

It can be overwhelming to navigate around all forms of malware that could compromise your computer or mobile device. Thankfully, there is a better solution that can act as a safety net for times when you may have a lapse in judgment and accidentally click on a malicious attachment or download a rogue app on your smartphone.

Rubica provides an additional layer of security that can detect malicious malware like activity on devices (e.g. spyware behavior and data exfiltration). When it comes to your digital devices, these devices are essentially an extension of ourselves. Rubica provides peace of mind in knowing that you are protected from numerous digital attacks for a nominal price.