What is Malware? Does a VPN Protect Against Malware?

What Is Malware and How Can We Prevent It?

There are many things you can do to try and prevent malware infections, but the best place to start is understanding what malware is, and what types of malware cybercriminals like to use the most.

What Is Malware?

Malware is malicious software that has been configured to infect and gain unauthorized access to computers, mobile phones, laptops, and other devices. Cybercriminals generally use malware to steal personal and financial information from online users and businesses. More advanced types of malware can also be used to monitor someone’s activity on a device, block access to the operating system or hard drive, and damage the device itself.

Malware vs. Viruses – What’s the Difference?

Many people get the two confused, usually because security software is either called “antivirus” or “antimalware” software. So, we figured we might as well address this since we’re discussing malware.

Basically, a virus is a type of malware that can self-replicate, spread to other systems, and harm users’ operating systems. Malware, on the other hand, refers to any type of malicious software that can be used by hackers to target Internet users.

The Most Common Types of Malware

1. Adware

Adware (stands for advertising-supported software) is malware that infects your device and/or browser, and exposes you to tons of unwanted ads. Examples normally include pop-up ads on your desktop or browser which you can’t get rid of.

Adware is not usually considered very dangerous, just annoying. However, many of the ads you’re spammed with can contain malicious files and links. Interacting with them will further infect your device with malware.

Generally, adware is just used by advertisers and cybercriminals as a way to make quick money. However, adware can also be paired up with spyware in order to also track your activity, and steal your personal information.

2. Spyware

Like the name implies, spyware is malware that spies on you. It infects your device, and steals sensitive personal data by:

• Monitoring what you do on your device.
• Collecting your keystrokes by using keyloggers.
• Collecting any available financial and personal data on your device.

Sometimes, cybercriminals can use advanced types of spyware to alter your network connections and traffic, and to change the security settings of the various applications you have installed on your device.

Spyware is often bundled with other malware, and can even be found in legitimate software.

3. Ransomware

Ransomware is malware that holds your computer or personal and financial data “hostage” for a ransom. Basically, the malware will either encrypt all your hard drive data, or it will lock you out of your operating system. In both situations, you will be met with a message telling you to pay a big ransom (a few hundred dollars or more) to regain access. There will generally be a time limit, and the message will claim all the data will be deleted if you don’t follow through with the payment.

This type of malware is usually financially-motivated, but some cybercriminals might use it just to wreak havoc and harm businesses. Some well-known examples of ransomware include WannaCry, NotPetya, and Locky.

Ransomware is usually spread through malicious files and links. Sometimes, operating system and network vulnerabilities might be exploited to expose your device to ransomware as well.

4. Viruses

Viruses are a dangerous type of malware since they can self-replicate and spread to other computers. They can attach themselves to legit or malicious programs, and start up when the user launches them.

More creative hackers can use other methods to spread viruses, such as website and app vulnerabilities, doc files, and script files.

Viruses have all manner of uses. Cybercriminals can use them to:

• Steal persona and financial information.
• Harm your computer or network.
• Create a botnet.
• Spam you with ads.

5. Worms

Worms are a very common type of malware, and they are often used to harm networks by consuming a lot of bandwidth and overloading servers. Some worms can even be programmed to harm computers. Essentially, they contain what is known as a “payload” – code that directs the worm to perform various actions once it infects a computer, actions like:

• Stealing personal and financial data.
• Setting up botnets.
• Deleting files.

Hackers usually manage to expose online users to worms by sending them spam or phishing emails which contain malicious attachments.

While worms are similar to viruses, they are a much more dangerous type of malware because they can self-replicate and spread without having to rely on user activity (like you running an executable file, for example). Worms generally take advantage of operating system vulnerabilities (usually the case with out-of-date OSs) to spread throughout multiple computer networks. Sometimes, they can even hijack a victim’s email account, and send out infected emails to their contacts list.

6. Trojans

A Trojan is a type of malware that disguises itself as legitimate software and files. The cybercriminal tries to trick the victim (usually through phishing) to install and run the Trojan. Once that is done, the Trojan will normally give the hacker remote access to your device. They’ll then be able to do any of the following:

• Collect and delete sensitive information.
• Install more malware on your device.
• Monitor your activity through keyloggers and screen sharing.
• Add your computer to a botnet.

7. Bots

Bots aren’t as widely used by cybercriminals – mostly because they aren’t normally malicious. Bots are software programmed to perform normal tasks (like engaging in video game matches or bidding on online auctions). However, some bots can be programmed to act like malware.

More often than not, hackers who do use bots rely on them to infect devices, and add them to a botnet. Once that happens, said device will be used to perform DoS/DDoS attacks.

Other than that, cybercriminals can also use bots to deliver spam and ads, collect server data, and distribute malware on download websites.

8. Rootkits

A rootkit is malware that’s programmed to give a third party remote access to your device. Cybercriminals love to use rootkits because they are very hard to detect. They will normally use phishing tactics to trick users into installing the rootkit on their device.

Once the hacker has remote control of the device, they will usually start stealing personal and financial information without the victim being aware of it. They might also alter the security software that’s installed on the device to make detection even harder.

Once the cybercriminal has all the data they need, they will likely add the device to a botnet or further infect it with more malware.

9. Keylogging Malware

Keylogging malware serves one purpose – logging users’ keystrokes on their devices and public computers. The malware will log all the keystrokes into a file which the hacker will retrieve. With that information, they can try to collect valuable info, such as:

• Login credentials
• Bank account numbers
• Credit card details
• Social Security Numbers

Keylogging malware is usually spread through phishing emails, but it can also be directly placed on a computer if a hacker has direct access to it. Many cybercriminals place keyloggers on public computers.

How to Spot Malware

It’s not always extremely easy to tell if your computer has been infected with malware. Sometimes, malware doesn’t act immediately after infection, and might lay dormant for a while.

Still, if you notice any of the following signs, you’re likely dealing with some type of malware infection:

• Your device starts loading and running very slowly all of a sudden – the OS takes much longer to lead up, applications run slower, and mouse movements on your screen are laggy. Malware often tends to slow down your operating system, and eat up CPU/RAM memory.
• Random messages start popping up on your screen, usually saying you won a prize and need to redeem it, or just promoting pronography. The pop-up messages can’t be closed, or they just keep reopening whenever you close them. This is generally a clear sign of spyware or adware, so make sure you don’t click on any messages.
• New, shady toolbars show up in all your browsers – toolbars you never installed. It can be just one, but – most of the time – it will be multiple toolbars which will take up a lot of your browser screen. When you remove them, they just reappear after you restart your device or browser.
• Your system crashes at random intervals – especially when you browse the web. Windows users will get the “popular” BSoD (Blue Screen of Death).
• Your operating system is no longer accessible. You try to log in, but are unable to do that, and see a message telling you to send a certain amount of money (usually a few hundred of dollars) to a PayPal address or cryptocurrency wallet to regain access.
• There is a pretty big spike in Internet traffic when you first run a browser after booting up your device. That can be caused by malicious application connecting to multiple online servers to upload or download data.
• Your browser homepage has been changed to a spammy-looking page, and you don’t remember doing or approving that.
• New, weird icons start showing up on your desktop. Those are usually PUPs (Potentially Unwanted Programs), and they can contain malware.
• Applications start running and closing automatically without you doing anything. Checking the OS’ task manager reveals weirdly-named applications that consume a lot of system memory.
• Your device starts running out of storage space randomly. For example, your hard drive might have 100 GB of space free one day, and only 30 GB free the next day. That can be caused by malicious files and programs that keep installing and downloading other files and programs.
• People start telling you they’re getting random spammy messages from you on their social media accounts and email addresses.

Please keep in mind that all these signs might not always point to a malware infection. For example, if your computer suddenly starts operating much slower, it could either be because your hard drive is acting up or is full, or because your RAM is too low to handle all the apps you’ve installed on your device. At the same time, random crashes can be caused by technical issues.

Of course, if you can no longer access your computer, and get a message asking you for a ransom, there’s no denying that’s a ransomware attack.

How to Prevent Malware Infections

Install Reliable Antivirus/Antimalware Programs

One of the best ways to prevent malware infections is to install a decent antivirus/antimalware program on your device. Don’t be confused by the names. Whether you have an antivirus program or antimalware software doesn’t matter – both of them are equally capable of keeping your computer safe from malware.

There are plenty of antivirus/antimalware software providers to choose from, but our recommendations are Malwarebytes and ESET.

Also, make sure you keep your operating system’s firewall on as well. It never hurts to have an extra layer of security on top of the antivirus/antimalware program.

Keep Your System Up-to-Date

Like we already mentioned, a lot of malware uses operating system vulnerabilities to infect devices and spread through them and the network. Those vulnerabilities are usually there because the system hasn’t been updated with the latest security patches.

For example, if you are a Windows user, and don’t have the MS17-010 update, you’re exposed to the EternalBlue exploit, which has been used by cybercriminals to facilitate WannaCry, NotPetya, and Retefe malware attacks.

And the updates aren’t just limited to your OS. Make sure all the software on your device (especially your antivirus/antimalware program) is up-to-date.

Run Regular Scans

Once you have installed a strong antivirus/antimalware program on your device, you should schedule daily security scans to make sure everything is in order. It might seem like a hassle, but if you schedule them an hour or so before going to bed, or when you know you aren’t using the device, it will be more convenient.

We also recommend scanning any files you download or programs you install before opening them – just to be safe.

Don’t Interact With Phishing Emails

Phishing involves a hacker trying to trick you into performing an action that could expose you to malware infections. Phishing can be used in other ways too (like tricking you into revealing sensitive financial information), but we’ll only focus on the malware bit in this article. If you’d like to learn more about it, check out this article we wrote

So, how does phishing generally work with malware? Well, most of the time, a cybercriminal will send you a phishing email or message which will try to convince you to either click on a malicious link, or download malware-infected attachments. If you do any of that, your device will likely get infected with ransomware, spyware, rootkits, or worms.

Spotting a phishing message isn’t too hard, but some scammers can be very creative and thorough, and might make their messages seem very convincing. Usually, these are the signs you need to watch out for:

• Poor grammar
• Shortened links
• Shady attachments
• No signatures
• An aggressive, pressuring tone
• Unsecured URLs (start with “http” instead of “https”)

More experienced cybercriminals can even hack legitimate websites, and have malicious pop-up ads show up on the page. If you interact with them, your device will be exposed to malware.

Overall, you should never engage with any phishing attempts. Ignore them, delete the messages/emails, and contact the authorities if necessary. Also, consider using Stanford’s anti-phishing extensions.

Enable Click-to-Play Plugins + Use Script Blockers

Malware-infected ads can be pretty dangerous – especially since some of them can infect your device even if you don’t interact with them. It’s just enough for them to be displayed on a website – and sometimes it’s on legitimate websites too.

Luckily, if you enable click-to-play plugins, Flash and Java scripts won’t start running unless you click on the ad. Here’s how to enable them on most browsers.

As for script blockers, they are browser extensions you can install which will prevent any background scripts from starting up without your permission. So, if you were to visit a website that contains malware-infected ads, they won’t be displayed unless you tell the script blocker to allow them through.

The best script blockers right now are uMatrix and uBlock Origin. We recommend using them together to get the best results.

Uninstall Outdated Programs You Don’t Use

It doesn’t matter how insignificant the program might seem. It could even be a lesser-known image editor nobody has used in years – as long as the program no longer received security updates from its developers, it becomes a security threat.

While this doesn’t happen too often, cybercriminals could find a method to exploit outdated programs (especially if your OS is outdated too), and use them to further infect your device or network with malware.

So, make sure you uninstall any applications that no longer receive support – especially if you don’t use them too often.

How to Get Rid of Malware

If your device or computer is infected with malware, there is something you can do to try and fix the situation:

• First, make sure you have antivirus/antimalware software installation files available on a memory stick or CD. This will come in handy in the next steps if you won’t have access to the web, and don’t have any antivirus/antimalware programs installed.
• Next, make sure your computer is disconnected from the Internet.
• Now, restart your device, and boot it up in its operating system’s Safe Mode.
• When you’re in Safe Mode, delete any temporary files you find – that will speed up the next step.
• When you’re done, run a scan with your antivirus/antimalware program.
• If the scan has been successful, all that’s left is to check your browser and make sure it doesn’t redirect you to a malicious website. If it does, just change the browser’s Startup settings.

Please keep in mind that method isn’t guaranteed to work 100% of the time. For example, if your system is infected with a rootkit, you might not be able to run a scan because the hacker will close the program. In that case, it’s best to reinstall your operating system. If you continue experiencing problems, you should consider taking your device to a qualified technician.

If you’re dealing with ransomware, it’s best to shut off your device and unplug it, and contact the authorities. While you could pay the ransom, you have no guarantee the cybercriminal will give you access to your data. They might actually just delete everything or ask for more money. Also, you should consider backing up all sensitive data on a secure memory stick or external hard drive. It won’t help you get rid of the ransomware, but it will help you protect your data to a certain extent.

Does a VPN Protect Against Malware?

A VPN can secure your online connections and data, yes, but it can’t prevent malware from infecting your device. Why? Well, let’s take a brief look at how a VPN connection works:

Basically, the client and VPN server will encrypt the traffic that’s passed between them to make sure it’s safe and surveillance-free. Your connection requests will be decrypted and passed on by the server to the web, and the requested content will be encrypted by the VPN server, and decrypted by the VPN client once it reaches your device. VPN encryption is strong, but it’s not configured to deal with software-level malicious programs – it’s only built to make sure your web traffic can’t be exploited by malicious parties

What’s more, keep in mind that malware can infect and damage your device even when you’re offline. In order for a VPN connection to run, you need to be connected to the Internet. So, that’s another reason why a VPN can’t protect against malware. That kind of protection can only be offered by antivirus/antimalware programs – like the ones we mentioned above.

Despite that, it’s still a good idea to use a VPN every time you go online. In fact, using a VPN alongside a reliable antivirus/antimalware program is one of the best ways to protect your privacy and data when you’re on the Internet.

Conclusion

So, does a VPN protect against malware?

Long story short – no, it doesn’t. A VPN is designed to secure your online connections and data, yes, but the way it works doesn’t allow it to protect your system from malicious software. Of course, that doesn’t mean you shouldn’t use a VPN when you’re online – just that you should use it alongside antivirus/antimalware programs.

“So Then What Is Malware and How Can We Prevent It?”

Malware is malicious software that can be used to harm your device, or steal sensitive information from you. It comes in many types (spyware, ransomware, adware, viruses, keyloggers, rootkits, etc.), and cybercriminals often spread it through phishing attacks.

That’s why one of the best ways to protect yourself from malware is to not interact with any phishing messages. Besides that, you should also use reliable antivirus/antimalware software, enable click-to-play plugins in your browsers, use script blockers, and keep all your system up-to-date.