7 Examples of Malicious Code to Keep in Mind
Malicious Code Comes in Many Shapes and Sizes. Here’s What You Should Know About It.
Believe it or not, malicious code has been around for half a century already. What started as an education lab experiment made its way into the wild, wreaking havoc on companies and home users alike.
Famous examples of malicious code criminal activity in recent history include the 2019 Texas ransomware attack or the 2018 Trojan incident in the Pennsylvania city of Allentown caused by Emotet malware. Becoming familiar with the cyber-threats that lurk on the Internet is thus the first step you can take in keeping your devices and information safe.
In the following lines, I will briefly explain what malicious code is, then go over the seven most common examples of malicious code.
What is Malicious Code?
Malicious code is a self-executable computer program that assumes various forms. What that means, in simpler terms, is that the malicious code is packaged in a format that is familiar to either the victims or their devices, and activates itself once it gets in.
Examples of malicious code computer program types include, but are not limited to:
- scripting languages,
- pushed content,
- ActiveX controls,
- and Java Applets.
Malicious code is designed to grant cybercriminals unlawful remote access to the targeted system, thus creating an application backdoor. In doing so, hackers gain access to private data stored on the network and can go as far as to steal, leak, encrypt, or completely wipe it.
7 Examples of Malicious Code
The most common examples of malicious code out there include computer viruses, Trojan horses, worms, bots, spyware, ransomware, and logic bombs. I will go over the mechanics behind each one in the following subsections.
#1 Computer Viruses
A computer virus is a type of malicious application that executes and replicates itself by injecting its code into other computer programs. Once the code injection is successful and the reproduction process is complete, the targeted areas of the system become infected.
Viruses are one of the most common examples of malicious code thanks to popular media. One famous illustration of the concept is represented by Agent Smith in the Matrix film trilogy, where Hugo Weaving plays a renegade program that manifests similarly to a self-replicating computer virus.
The earliest known virus dates back to the ARPANET of the 1970s, the Internet’s predecessor. Known under the name Creeper, it was not designed as malicious software, but rather as part of research into the topic of self-replicating code.
Unfortunately, that soon changed for the worse and in 1982 the first computer virus appeared in the wild. Nevertheless, the antivirus software industry was developed in response to the threat. Nowadays, advanced solutions such as our very own Heimdal™ Next-gen Endpoint Antivirus are fighting the good fight and keeping devices safe.
#2 Computer Worms
A computer worm is a kind of malicious program that replicates itself to spread to as many devices as possible. Its behavior is very similar to that of a virus, which is why worms are considered a subtype of virus. It is designed to deal maximum damage and often spreads itself across a network. For this reason, this type of threat is also known as a network worm.
What sets viruses and worms apart is their propagation method. While the former requires some sort of human action to travel, the former is built to proliferate independently. Simply put, a virus requires victims to unknowingly share infected websites or files, while a worm uses a system’s information transport features.
#3 Trojan Horses
A Trojan horse, or simply Trojan, is an example of malicious code that is heavily reliant on social engineering to mislead its targets. Due to the deceptive practices associated with it, the threat was named after the Trojan Horse that the Greeks used to sneak their way into the independent city of Troy and subsequently conquer it.
Unlike a self-replicating computer virus, the Trojan horse requires users to execute an infected file on the targeted device. This is where social engineering tactics come in, which see hackers attempting to trick victims by feigning authority or legitimacy.
Trojans do not try to inject their code into that of other files and do not propagate across a device. Their main purpose is to create an application backdoor that can then be further exploited by cybercriminals to acquire banking details, login credentials, or other personally identifiable information.
#4 Internet Bots
Also known as web robots, Internet bots are software applications created to run automated scripts. They are often used to perform simple and repetitive tasks, such as send instant messages or crawl websites. Facebook and Google notoriously use these ‘good bots’ to facilitate certain everyday jobs instead of wasting the time of their human employees.
Nonetheless, such a thing as ‘bad bots’ exists as well. To create them, cybercriminals infect entire networks of computers with viruses, worms, or Trojans, turning the devices into so-called zombies. This malicious system is called a botnet and is at the beck and call of the hacker that created it with the help of a command and control server.
Both mobile and desktop devices are targeted by this practice, as are IoT devices and Internet infrastructure hardware. Botnets are then used to enable bot attacks such as brute force attacks and distributed denial of service (DDoS) attacks.
As its name might suggest, spyware is a type of malicious software designed to pry into targeted devices and gather sensitive information about a person or organization. This data is then relayed to the third party behind the attack that can use it for various nefarious purposes.
Spyware is often associated with advertising-supported software, which is why it falls into the same category as malicious adware. However, both spyware and adware can have non-damaging uses. For example, websites might use spyware to track page activity or adware to advertise certain products. For this reason, establishing the boundary between harmful and harmless is particularly difficult in this case.
Ransomware is a type of malicious software that encrypts files upon infection and holds them hostage in return for a ransom. Attacks are often preceded by the use of a Trojan to create a vulnerable entry point for the payload. MegaCortex ransomware is a well-known example of this tactic applied, pairing up with infamous Trojans such as Emotet and Qakbot to gain unlawful entry into corporate networks.
What sets ransomware apart from other examples of malicious code is its profitable nature, which leads to its prevalent use as a moneymaking scheme. More and more operators are starting to practice big game hunting, targeting corporations instead of individual home users in hopes of reaping higher ransom payouts.
In addition to this, quite a few operators have entered the ransomware-as-a-service (RaaS) business. Hackers often provide the necessary infrastructure to cybercriminals without the technical skill to create their own, all for a cost of course. Fortunately, advanced threat hunting solutions such as our Heimdal™ Threat Prevention are capable to prevent, detect, and block ransomware attacks in the blink of an eye.
Heimdal™ Threat Prevention
Heimdal™ Threat Prevention is a DNS, HTTP, and HTTPS filtering solution with modules for your online network perimeter and endpoints alike. Machine-learning neural AI keeps track of malicious domains and thwarts the spread of ransomware, as well as other advanced cyber-threats.
#7 Logic Bombs
A logic bomb is a malicious string of code that is intentionally inserted into software and programmed to set off when certain requirements are met. Inherently ill-intentioned computer applications such as viruses and worms often contain logic bombs within their makeup that allow them to execute payloads and predetermined moments.
One recent instance of a famous logic bomb incident occurred between 2014 and 2016. David Tinley, a contractor for the Siemens Corporation, laced the software he designed for the company with a logic bomb that caused it to malfunction after a certain amount of time. As a result, he was paid by the organization to repair the damages. Tinley pleaded guilty to the charges in July 2019.
While viruses, worms, and Trojans might be the most commonly discussed examples of malicious code, newer offenders such as ransomware are quickly gaining a footing in the cyber-threat hall of fame. Knowing what you might have to deal with is the first step of a solid prevention strategy.
A natural continuation of this approach is represented by investing in state-of-the-art tools. Don’t hesitate to reach out to us at email@example.com and find out which of our top-tier cybersecurity solutions suit your needs best.
Do you know of any other famous examples of malicious code? Let me know in the comments below!