14.1.11 Lab - Anatomy of Malware
Objectives
Research and analyze malware.
Background / Scenario
Malware, or malicious software, refers to a variety of programs that can be used to cause
harm to computer systems, steal data, and bypass security measures. Malware can also attack critical
infrastructure, disable emergency services, cause assembly lines to make defective products, disable electric
generators, and disrupt transportation services. Security experts estimate that more than one million new
malware threats are released each day. McAfee Labs Threats Report 2019 indicates the discovery of new
ransomware techniques, the exposing of billions of accounts through high profile data dumps, significant
HTTP web exploitation, defects in Windows, Microsoft Office, and Apple iOS, and continued attacks on IoT
personal devices. Find the most current version of the report by doing a web search for McAfee Labs Threats
Report.
Note: You can use the web browser in the virtual machine installed in a previous lab to research security-related
issues. By using the virtual machine, you may prevent malware from being installed on your computer.
Required Resources
• PC or mobile device with internet access
Instructions
© 2018 - 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public www.netacad.com
Malware Type: Ransomware
Description:
Ransomware is a type of malicious software that encrypts a victim's files or locks the victim out of their own computer system until
a ransom is paid to the attacker. It is typically spread through various means, including malicious email attachments, infected
websites, and compromised software.
Transmission:
Ransomware is often distributed through phishing emails, where victims are tricked into opening an attachment or clicking on
a link that contains the malware. It can also be spread through malicious downloads, software vulnerabilities, or via exploit kits.
Impact:
Once a device is infected with ransomware, it encrypts the user's files, making them inaccessible.
Victims are presented with a ransom note demanding payment (usually in cryptocurrency) in exchange for a decryption key.
If the ransom is not paid, the victim may permanently lose access to their files.
Ransomware attacks can have severe consequences for individuals, businesses,
and even critical infrastructure, causing financial losses, data breaches, and significant disruptions to operations.
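As an added example (not part of the original lab), the following defender-side heuristic checks for the two effects described above: file contents turning into high-entropy ciphertext and a ransom note appearing. The threshold, keyword list, file names and sample contents are constructed assumptions.

```python
import hashlib
import math
from collections import Counter

ENTROPY_THRESHOLD = 7.5  # bits per byte; assumed cut-off, tune per environment
NOTE_KEYWORDS = ("decrypt", "ransom", "recover")  # assumed ransom-note name hints

def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (0.0 for empty input)."""
    if not data:
        return 0.0
    total = len(data)
    return -sum(c / total * math.log2(c / total) for c in Counter(data).values())

def pseudo_ciphertext(seed: str, size: int = 4096) -> bytes:
    """Constructed stand-in for encrypted content: SHA-256 in counter mode."""
    out, counter = b"", 0
    while len(out) < size:
        out += hashlib.sha256(f"{seed}:{counter}".encode()).digest()
        counter += 1
    return out[:size]

def assess_directory(files: dict, min_ratio: float = 0.5) -> dict:
    """files maps file name -> content sample. Compressed formats are also
    high-entropy, so a verdict needs BOTH signals: many high-entropy files
    and a note-like file name."""
    high = sorted(n for n, d in files.items()
                  if shannon_entropy(d) >= ENTROPY_THRESHOLD)
    notes = sorted(n for n in files if any(k in n.lower() for k in NOTE_KEYWORDS))
    ratio = len(high) / len(files) if files else 0.0
    return {"high_entropy": high, "notes": notes, "ratio": ratio,
            "suspicious": ratio >= min_ratio and bool(notes)}

# Constructed sample directories (not real data).
TEXT = b"Quarterly report: revenue was flat, costs rose slightly.\n" * 60
HEALTHY = {"report.txt": TEXT, "contacts.csv": TEXT,
           "backup.zip": pseudo_ciphertext("zip")}
INFECTED = {
    "report.txt.locked": pseudo_ciphertext("a"),
    "budget.xlsx.locked": pseudo_ciphertext("b"),
    "photo.jpg.locked": pseudo_ciphertext("c"),
    "HOW_TO_DECRYPT.txt": b"Your files are encrypted. Pay to get the key.\n" * 20,
}

if __name__ == "__main__":
    for name, sample in (("healthy", HEALTHY), ("infected", INFECTED)):
        print(name, assess_directory(sample))
```

Entropy alone produces false positives on archives and media, which is why the healthy sample with a high-entropy backup file is not flagged.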
Malware Type: Trojan Horse
Description:
A Trojan horse, often referred to as a Trojan, is a type of malware that disguises itself as a legitimate or benign program or file
but contains malicious code. Unlike viruses and worms, Trojans do not self-replicate but rely on tricking users into executing
them.
Transmission:
Trojans are typically spread through social engineering tactics. They may be hidden in seemingly harmless downloads,
email attachments, or software bundles. Attackers use various methods to entice victims into executing the Trojan,
such as promising free software, fake software updates, or posing as a trusted source.
Impact:
Once a Trojan is executed on a victim's system, it can perform a range of malicious activities,
depending on its specific purpose. Trojans can steal sensitive data, such as login credentials, credit card information,
or personal files. They can also create backdoors in the infected system,
allowing attackers to gain remote control and perform various actions without the user's knowledge.
Trojans can be used as a means to deliver other types of malware, including ransomware or spyware,
further compromising the victim's security.
Malware Type: Adware
Description:
Adware, short for advertising-supported software, is a type of malware that displays intrusive and unwanted advertisements
on a user's device. While not as malicious as some other types of malware, it can be highly annoying and disruptive.
Transmission:
Adware often comes bundled with freeware or shareware applications. Users may unknowingly install adware when
downloading and installing legitimate software. It can also be distributed through malicious ads or deceptive pop-ups on
websites.
Impact:
The primary impact of adware is the constant display of unwanted advertisements, which can slow down a computer,
consume bandwidth, and disrupt the user's browsing experience.
Some adware may also track users' online behavior to deliver targeted ads or gather personal information.
While adware is typically more of a nuisance than a serious threat,
it can still compromise user privacy and system performance.
Malware Type: Exploit Kit
Description:
An exploit kit is a type of malware that is used to automate the exploitation of vulnerabilities in software and deliver other forms
of malware, such as ransomware or Trojans.
Exploit kits are typically hosted on malicious websites and target known vulnerabilities in popular software applications.
Transmission:
Users can become victims of exploit kits by visiting compromised or malicious websites.
These websites can exploit vulnerabilities in the user's web browser or plugins to
deliver malware payloads to the victim's device.
Exploit kits often take advantage of outdated software with known vulnerabilities.
Impact:
The impact of exploit kits can be severe. Once a user's system is compromised,
the exploit kit can deliver various types of malware, potentially leading to data breaches, financial losses,
or unauthorized access to the compromised system. Exploit kits are a significant concern
in the realm of cyberattacks and are often used by cybercriminals to distribute more destructive malware payloads.