Virtual Machines and Malware

Malware

So what is malware and how can it affect my system? Malware is short for malicious software: software that is installed, usually without your consent, and can affect your system in a variety of ways. Most of today’s malware is delivered by one of two common methods, by email or by an infected web page. Most commonly, malware infects your web browser in order to serve you ads, or to direct you to links or search pages where the malware generates revenue for the person or organization who wrote it. Malware is not really that difficult to generate, and there are malware ‘kits’ available where a person only needs to set up the configuration and the kit will generate a custom malware script for them to infect others with. Malware can also be delivered by what’s known as a ‘drive-by’ install: if you visit a website that is serving an infected ad, the malware can install itself silently in the background as you browse the site’s pages.

Malware Protection

One thing you can do to prevent malware infection is to install an ad blocker or a script blocker in your web browser, or a combination of the two. Note though that an ad blocker can affect the way a page looks. A script blocker will prevent a lot of pages from functioning properly, but individual sites, such as your online banking site, can be ‘whitelisted’, which allows all of their scripts to run. You just need to ensure that you trust the site before adding it to your whitelist.

Virtual Machine

A virtual machine is basically a computer within a computer, which allows you to use multiple operating systems on one machine. Myself, I currently run 3 separate operating systems on my MacBook Pro: a version of Mint Linux, Kali Linux, and Whonix. The reason I run virtual machines is that I will purposely download malware to my system. As most malware is written for Windows, rarely do I have to worry about my system becoming infected. But there is still a possibility that I could download some malware that does target Apple, and this is where the virtual machine comes into play. Because the virtual machine is like a computer within a computer, if it becomes infected I simply wipe it and start over. The virtual machine protects my main operating system from becoming infected.

You’re probably wondering why I would purposely infect my system. I do this so I can analyze the malware and see what it is attempting to do to my system. By learning what the malware is trying to do, I can better protect my systems, and my clients’ systems, from becoming infected.

Note though that not all methods are foolproof. Malware authors tend to use what are called ‘zero day’ exploits. This means that someone has found a flaw in the web browser or operating system that no one else has discovered yet and that has therefore not been patched with a security update. Because of these zero day exploits, some infections will get through no matter what you do. So how do the browser authors protect themselves from these exploits? Some companies offer what’s known as a ‘bug bounty’, which is basically a reward if you happen to find an exploit that has not been discovered before. Depending on the severity of the bug, the reward can be upwards of $10,000.

Just ensure that if you do try to discover these exploits, you do so within a controlled environment and not on a live site, or you could potentially be accused of illegally trying to access a site, and this could result in possible fines and/or imprisonment.
