Infection techniques

By infection techniques we are referring to malware distributed via compromised websites.

Infection techniques: definition

Cybercriminals aim to cause as much damage as possible on as many computers as possible with their attacks, and to achieve that objective they must introduce malware on the victim's computer, generally in the form of executable code, scripts, active content or software.

Over the last few years, malware distribution via compromised websites has become one of the most popular ways to implant malicious code on computers, hence the use of antivirus solutions, firewalls, and other protection strategies to defend systems from this threat.

 

Infection methods

Software flaws.

Many viruses aim to exploit security holes, that is, design flaws in systems or application software, in order to spread and infect all computers with the same characteristics. Most software programs incorporate security features to prevent unauthorized use of system resources, hence the importance of using trusted software. However, sometimes unprofessional development techniques are employed that may cause errors and bugs leading to potentially dangerous security holes.


Social engineering and user mistakes.

To infect a computer, the malware's code must be executed. That's why many malware specimens are included in executable files bundled with legitimate programs, so that, when the user opens the program, the malware is executed and the computer becomes infected. Thus, on operating systems where file extensions are used to associate a file with the program that opens it, hackers usually try to hide the extension of their malicious creations to trick users.
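As an added illustration (not part of the original page), the following Python check shows how a mail gateway or download filter could flag file names whose displayed form hides an executable extension. The extension lists, the padding threshold and the sample names are assumptions made for this example.

```python
import unicodedata

# Assumed lists for this example; tune them to the local environment.
EXECUTABLE_EXTS = {"exe", "scr", "com", "bat", "cmd", "pif", "js", "vbs", "lnk", "hta"}
DECOY_EXTS = {"pdf", "doc", "docx", "xls", "xlsx", "jpg", "png", "txt", "mp3", "zip"}
# Unicode bidirectional controls that change the order in which a name is displayed.
BIDI_CONTROLS = {"\u202a", "\u202b", "\u202d", "\u202e", "\u2066", "\u2067", "\u2068"}
MIN_PADDING = 5  # assumed threshold: this many spaces before the last dot is suspicious


def check_filename(name):
    """Return the reasons why the displayed name may hide the real extension."""
    findings = []
    if any(ch in BIDI_CONTROLS for ch in name):
        findings.append("bidi-control")
    # Drop invisible format characters (category Cf) to recover the stored name.
    visible = "".join(ch for ch in name if unicodedata.category(ch) != "Cf")
    parts = visible.split(".")
    if len(parts) < 2:
        return findings
    real_ext = parts[-1].strip().lower()
    if real_ext not in EXECUTABLE_EXTS:
        return findings
    stem = ".".join(parts[:-1])
    # A long run of spaces pushes the real extension out of the visible column.
    if len(stem) - len(stem.rstrip()) >= MIN_PADDING:
        findings.append("whitespace-padding")
    # A harmless-looking extension placed just before the executable one.
    inner = stem.rstrip().rsplit(".", 1)
    if len(inner) == 2 and inner[1].strip().lower() in DECOY_EXTS:
        findings.append("double-extension")
    return findings


if __name__ == "__main__":
    # Constructed sample names, not taken from any real incident.
    samples = [
        "report.pdf",
        "setup.exe",
        "invoice.pdf.exe",
        "photo.jpg" + " " * 30 + ".exe",
        "invoice\u202efdp.exe",
    ]
    for sample in samples:
        print(repr(sample), "->", check_filename(sample) or "ok")
```

A plain executable such as setup.exe is not flagged, because the check looks only for names that disguise their extension, not for executables in general.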


Operating system vulnerabilities.

Most viruses are designed to take advantage of vulnerabilities found on the most popular operating systems on the market, as this may allow them to simultaneously infect the millions of computers that run a vulnerable application around the globe. That's why widely-used operating systems and platforms such as Windows or Google Store are normally in the crosshairs of cybercriminals.

 

Distribution strategies

Social networks.

The appearance of social networks has given cybercriminals a massive platform to spread their creations. Before, email was the primary tool for sending spam, but the appearance of Facebook, Twitter and WhatsApp has opened new opportunities for this type of malware. Fake accounts are created to forward chain-letter emails and malicious links, share inappropriate content, or spoof user identities for malicious purposes. One of the most popular threats today is the use of phishing scams to trick users into clicking infected links.


Fake websites.

This is one of the most widely used techniques over the last decades. It consists of creating a website using platforms such as WordPress, and designing it to download and install malicious scripts on visitors' computers. This strategy includes the use of advertising and Black Hat SEO techniques to promote the site and affect as many users as possible.


Online games.

Online gaming platforms are sometimes used to spread malware via games, particularly those for young children. The idea is to induce the user to click and accept any condition in order to continue. Free mobile apps are also a weapon of choice for cybercriminals. In this case, they use files with malicious code which, once downloaded and installed, infect computers and compromise information.


Online advertisements.

Some malicious programs are capable of infecting users who simply visit a website, even a legitimate one. This technique has been used over the last few years with cryptocurrency mining malware, for example. It has also been used in malicious advertisements: ads with hidden code that gets run upon being clicked or via popup messages.