The difference between computer viruses and malware
There are many types of computer viruses and malware, but what’s the difference between them?
A computer virus is a program that is designed to alter the way a computer operates, without the user’s permission or knowledge. In most cases, a virus will cause some type of harm to the victim’s computer, such as deleting files, stealing personal information, or slowing down the performance of the machine.
Malware, on the other hand, is a general term used to describe any type of malicious software, regardless of its intended purpose or functionality. This includes viruses, spyware, adware, Trojans, ransomware, and any other type of malicious code that can be used to wreak havoc on a victim’s computer or steal their personal information.
So, to summarise, the main difference between viruses and malware is that viruses are designed to cause harm to a computer, while malware is simply any type of malicious software.
The Top 10 most dangerous computer viruses of 2020
The year 2020 has been a tough one for everyone, and that includes the cybersecurity world. While there have been some amazing successes in thwarting cyberthreats, the truth is that the bad guys are always coming up with new ways to exploit vulnerabilities.
As we look ahead to the new year, we wanted to take a moment to look back at the top 10 most dangerous computer viruses of 2020. These are the malware threats that caused the most damage and disruption this year, and that we believe will continue to pose a serious threat in 2021.
1. WannaCry
WannaCry is a ransomware strain that first emerged in May of 2017. It quickly spread across the globe, causing billions of dollars in damage. The virus encrypts files on an infected system and then demands a ransom payment in order to decrypt them.
While WannaCry has largely been overshadowed by more recent ransomware threats, it’s still active and continues to cause damage. In 2020, there were several high-profile WannaCry attacks, including ones against the City of Busan in South Korea and the Nigeria Immigration Service.
2. Emotet
Emotet is a trojan horse that first appeared in 2014 as a banking trojan. Since then, it has evolved into a much more sophisticated and dangerous tool that is primarily used to deliver other malware, like ransomware.
Emotet is primarily spread through spam emails that contain malicious attachments or links. When a user clicks on the attachment or link, they unknowingly install the Emotet malware on their system.
While Emotet has been active for several years, it became a particularly serious threat in 2020. This is due in part to the fact that Emotet began to be used to deliver the Trickbot malware, which is often used to facilitate large-scale ransomware attacks.
3. Maze
Maze is a ransomware virus that was first seen in early 2019. It quickly gained notoriety for its use of “double extortion,” which involves not only encrypting a victim’s files but also stealing and exfiltrating their data.
The Maze ransomware operators would then threaten to release the stolen data publicly if the ransom wasn’t paid. This put immense pressure on victims to comply with the attackers’ demands.
In 2020, Maze was responsible for a number of high-profile attacks, including against the City of Bryan, Texas and Israel’s Ministry of Foreign Affairs. The operators behind the Maze ransomware have since retired, but the malware itself is still out there and continues to be used by other cybercriminals.
4. Sunburst/Solorigate
SolarWinds’ Orion network monitoring software had a vulnerability that was exploited by a sophisticated cyber espionage group that has been dubbed “UNC2452” or “Dark Halo” by researchers. The group used a backdoor called SolarWinds.Orion.Core.BusinessLayer.dll, which was signed with a valid SolarWinds certificate, to infect customer systems with a malware dropper called SUNBURST.
SUNBURST then deployed a second stage payload called TEARDROP, which gave the attackers full control over the infected system. This backdoor was used in a number of targeted attacks against high-value organizations, including the US Department of Defense, the US Department of Homeland Security, and major US tech companies.
5. Sodinokibi/REvil
Sodinokibi, also known as REvil, is a ransomware virus that was first seen in April of 2019. It’s notable for its use of a technique called “web server infiltration,” which allows it to spread laterally through an organization once it has gained initial access.
Sodinokibi has been used in a number of high-profile attacks, including against the City of Turin, Italy and the Canadian branch of candy company Ferrero. In 2020, the operators behind Sodinokibi launched a new campaign called “BigGame Hunting,” which targeted high-value organizations with tailored attacks.
6. Nefilim
Nefilim is a ransomware virus that emerged in February of 2020. It’s notable for its use of the ChaCha20 encryption algorithm, which is considered to be very strong and difficult to break.
Nefilim has been used in a number of high-profile attacks, including against the City of Knoxville, Tennessee and the Florida-based law firm GrayRobinson. In June of 2020, the operators behind Nefilim launched a new campaign called “Operation Nightmare,” which targeted healthcare organizations.
7. Lockbit
Lockbit is a ransomware virus that first emerged in May of 2020. It quickly gained notoriety for its use of “double extortion,” which involves not only encrypting a victim’s files but also stealing and exfiltrating their data.
The Lockbit operators would then threaten to release the stolen data publicly if the ransom wasn’t paid. This put immense pressure on victims to comply with the attackers’ demands.
In June of 2020, the operators behind Lockbit launched a new campaign called “Operation Sweaty Crocodile,” which targeted healthcare organizations.
8. Conti
Conti is a ransomware virus that first emerged in December of 2019. It’s notable for its use of the ChaCha20 encryption algorithm, which is considered to be very strong and difficult to break.
Conti has been used in a number of high-profile attacks, including against the City of Detroit, Michigan and the financial services firm First American. In May of 2020, the operators behind Conti launched a new campaign called “Operation Knightfall,” which targeted healthcare organizations.
9. NetWalker
NetWalker is a ransomware virus that first emerged in August of 2019. It’s notable for its use of “double extortion,” which involves not only encrypting a victim’s files but also stealing and exfiltrating their data.
The NetWalker operators would then threaten to release the stolen data publicly if the ransom wasn’t paid. This put immense pressure on victims to comply with the attackers’ demands.
In 2020, NetWalker was responsible for a number of high-profile attacks, including against the City of San Francisco, California and the Canadian company Cognizant.
10. REvil
REvil, also known as Sodinokibi, is a ransomware virus that first emerged in April of 2019. It’s notable for its use of a technique called “web server infiltration,” which allows it to spread laterally through an organization once it has gained initial access.
REvil has been used in a number of high-profile attacks, including against the City of Turin, Italy and the Canadian branch of candy company Ferrero. In 2020, the operators behind REvil launched a new campaign called “BigGame Hunting,” which targeted high-value organizations with tailored attacks.
All material on this site was made with malwarezero.org as the authority reference.