Sunday, 17 December 2017

How Malware Makers Make Money



Typically where there is crime, there is usually money. The same is true for cyber-crime incidents.

In the early days of computers, malware was created for fun. Playing a practical joke or mischievously damaging someone’s computer was the sole motive behind it. Viruses and worms were more popular in those days, and they were created by curious minds that had a lot of time on their hands.

Today, we have come a long way.

Malware is now developed for profit, for money and for selfish gains.

Each variant of malware has a different way of generating money for the perpetrator, so I will begin by detailing how each of them work.

Ransomware
The newest kind of financial malware that is currently wreaking havoc in cyberspace is called Ransomware. It encrypts your data and displays a message that your files can be decrypted or unlocked only after you pay a certain amount of money.

This is the nastiest kind of malware ever because there is often no other way to gain back access to your private data without giving in to the extortionist’s demands.

If you do not pay the demanded amount of money by a given deadline, you risk losing your data permanently.

Well, this is just one kind of malware attack and it’s still quite new for everyone.
However, malware developers have been making money long before this scheme was created.

Providing your credit card information and paying the attacker directly is not always the case. They can profit off of you in several other ways.

Spyware and Trojan
These are data-stealing malware schemes. They are capable of harvesting personal information from your computer like credit card numbers, banking account details, social security IDs or email passwords.

Once this information reaches the hands of cybercriminals, they can use it to their benefit by making high-priced purchases using your credit card, sending spam emails on a user’s behalf or even emptying bank accounts.

And Trojan viruses may sometimes employ keylogger programs within your system to capture and steal keystroke inputs from a user’s computer and then use them for criminal purposes.

Adware
As the name suggests, Adware is responsible for presenting unwanted advertisements and irritating pop-up messages on a user’s computer.

These ads may or may not lead you to receive genuine discount offers, but they always result in a bad browsing experience. In this case, the attacker gets paid by the company whose ads are being shown.

In addition to ads, pop-ups may also display some alarming messages like claiming a user’s computer is damaged or infected, and then asking you to buy a software product to fix it. It may also ask users to call a fake tech support center, which in turn demands money to pay for their professional fee to fix the problem (which doesn’t exist in reality).

Malvertising and Browser Hijacker
The injection of malware scripts into advertisements on legitimate webpages is called Malvertising. Advertisements are widespread on the web as they form a source of income for webmasters. Cybercriminals use these genuine advertising platforms to spread malware.

This kind of malware injection leads to automatic clicks and unintentional downloads of unknown software programs on a user’s computer.

It may even lead to the installation of Browser Hijacker programs that control a user’s web browser. A change of your default search engine to a sponsored network or homepage redirection to an unsolicited webpage are signs of a browser hijack.

Malware developers are paid by companies to which they drive clicks and visits.
You can remove them by using tools to fix a malware-infected browser.

Potentially Unwanted Programs
Programs sometimes referred to as Potentially Unwanted Program or PUP Malware get installed in a user’s computer without their consent. Often they come as part of a package bundled with a legit software product and get installed automatically.

This PUP can be in the form of adware, spyware or simply scareware.

Scareware programs try to scare users by giving a fake warning message and then scam them. You should avoid online scams that trick you out of money.

Phishing and Social Engineering
It’s not just Malware that makes money. Phishing and Social engineering scams are also a huge threat.

To explain it with an example: You might receive an email claiming to be from PayPal. It will ask you to verify your account details on a fake webpage designed to look like PayPal’s site.

Your username and password entered on this page are then recorded by the hacker behind it and then misused.

Social engineering involves psychological manipulation. They exploit people, not their software.

You can avoid it by using common sense - by avoiding giving personal details over email, and by ensuring the correct URL address of the service you are using.

No comments:

Post a Comment

what is Juice Jacking SCAM

  Juice Jacking is a cybersecurity threat that occurs when cybercriminals manipulate public charging stations, such as USB charging ports in...