Malware‑Based Attacks
Malware (malicious software) refers to any software intentionally created to damage systems, disrupt operations, steal data, or gain unauthorized access. Malware attacks remain one of the most common and destructive cybersecurity threats.
Types of Malware
• Viruses
Malicious code that attaches to legitimate files and spreads when they are executed.
• Worms
Self‑replicating malware that spreads automatically across networks without user action.
• Trojans
Malware disguised as a legitimate file or application to trick users into installing it.
• Ransomware
Malware that encrypts files or systems and demands payment for decryption.
• Spyware / Keyloggers
Software that covertly monitors user activity, capturing keystrokes, screenshots, or credentials and sending them to an attacker.
• Adware
Software that displays unwanted ads or redirects users; sometimes used to track users or degrade system performance.
🏆 Top 10 Most Significant Malware Attacks (All‑Time)
1. WannaCry (2017)
A global ransomware worm that spread through the EternalBlue SMBv1 exploit (MS17-010) and infected 200,000+ systems in 150 countries within days, crippling hospitals (notably the UK NHS), telecoms, and manufacturers. A kill-switch domain registered by a researcher halted the initial wave.
2. NotPetya (2017)
A destructive wiper disguised as ransomware: it encrypted the master file table and overwrote the boot record with no working recovery path, causing over $10 billion in damages worldwide. It entered through a trojanized update of the Ukrainian accounting package M.E.Doc and then spread laterally with EternalBlue and stolen Windows credentials.
3. Stuxnet (2010)
A sophisticated worm targeting industrial systems (ICS/SCADA). It physically damaged Iran’s nuclear centrifuges—considered a landmark cyber‑physical attack.
4. ILOVEYOU (2000)
A VBScript worm that arrived as an email attachment named LOVE-LETTER-FOR-YOU.TXT.vbs (the double extension hid the script type), mailed itself to every Outlook contact, and overwrote files on infected machines; one of the fastest-spreading malware outbreaks ever, causing billions in losses.
5. SQL Slammer Worm (2003)
A worm whose entire payload fit in a single 376-byte UDP packet exploiting a buffer overflow in Microsoft SQL Server 2000 / MSDE (port 1434). It wrote no file and needed no user action, doubled its infected population roughly every 8.5 seconds, and reached most vulnerable hosts in about ten minutes; the scan traffic knocked out ATMs, airline systems, and emergency call centers.
6. Code Red (2001)
A worm that exploited a buffer overflow in the Index Server ISAPI extension of Microsoft IIS web servers, defacing sites with "Hacked By Chinese!" and launching a DDoS attack against whitehouse.gov.
7. Zeus Trojan (2007–present)
A banking trojan that steals online-banking credentials with form grabbing and web injects, used for large-scale fraud. Its source code leaked in 2011 and spawned numerous variants, including Citadel and GameOver Zeus.
8. Conficker (2008)
Infected millions of systems by exploiting MS08-067 in the Windows Server service, then spreading via weak administrator passwords on network shares and USB autorun. A major wake-up call for patching and default-credential hygiene.
9. CryptoLocker (2013)
One of the first successful modern ransomware campaigns: distributed via email attachments and the Gameover Zeus botnet, it encrypted files with a per-victim RSA key pair held on the attackers' server and demanded payment in Bitcoin, popularizing the "pay to decrypt" model still common today.
10. Emotet (2014–2021, revived late 2021)
Began as a banking trojan, then evolved into a modular loader and botnet sold as a service to deliver other malware (TrickBot, Ryuk, and other ransomware) at global scale via macro-laden email attachments. Law enforcement took down its infrastructure in January 2021; it resurfaced in November 2021.
⭐ Must‑Know Malware Families, Tools, and Strains (Awareness Only)
Listed to help defenders recognize threats — not for misuse.
Major Ransomware Families
- WannaCry
- Maze
- Ryuk
- LockerGoga
- Conti
- LockBit
Banking Trojans
- Zeus
- Emotet
- Dridex
- TrickBot
High‑Impact Worms
- Stuxnet
- SQL Slammer
- Conficker
- Blaster
Spyware / Surveillance Tools
- Pegasus
- FinSpy
- DarkComet (a remote access trojan used for surveillance)
Adware & Large‑Scale PUP Campaigns
- Fireball
- Gator/Claria
IoT & Botnet Malware
- Mirai (used for massive DDoS attacks)
- Emotet (as a loader/botnet)
- Necurs
🔍 Mirai Attack Overview (Short Presentation Section)
• What is Mirai?
Mirai is a malware strain that infects Internet‑of‑Things (IoT) devices such as cameras, DVRs, and routers.
• How it Works
It scans the internet for devices exposing Telnet (TCP ports 23 and 2323), tries a built-in list of a few dozen factory-default username/password pairs (for example root/xc3511 or admin/admin), reports working logins to a loader that installs the bot, and recruits the device into a botnet that takes attack commands from a command-and-control server. Each infected device then scans for further victims.
• Impact (2016)
In September 2016 Mirai botnets hit the KrebsOnSecurity blog (roughly 620 Gbps) and the hosting provider OVH (over 1 Tbps), and on 21 October 2016 an attack against DNS provider Dyn, one of the most disruptive DDoS attacks in history, caused outages for: Twitter • Netflix • Reddit • GitHub • Spotify • Airbnb and more.
• Why It Matters Today
Mirai's author released its source code publicly on a hacker forum in late September 2016, leading to many copycat and derivative botnets and highlighting the danger of IoT devices that ship with shared default credentials, exposed management services, and no update path.
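The scanning behaviour described under "How it Works" is easy to recognise in Telnet logs once you know what to look for: one source trying a run of factory-default username/password pairs in quick succession. The script below is an added example, not code from the original page or from Mirai; it assumes a constructed syslog-like line format (adapt LINE_RE to your device or honeypot output, such as Cowrie) and uses only a small subset of the default-credential pairs from the publicly released Mirai source, purely to recognise scanner behaviour.

```python
"""Flag Mirai-style Telnet credential sweeps in honeypot/router auth logs.

Added example, not code from the original page or from Mirai itself.
Assumptions: a constructed syslog-like line format (adapt LINE_RE to your
device or honeypot output, e.g. Cowrie); a small subset of the factory
default username/password pairs from the publicly released Mirai source,
used here only to recognise scanner behaviour.
"""
import re
from collections import defaultdict
from datetime import datetime

# Subset of the default-credential dictionary in the released Mirai source.
MIRAI_DEFAULTS = {
    ("root", "xc3511"), ("root", "vizxv"), ("root", "admin"),
    ("admin", "admin"), ("root", "888888"), ("root", "xmhdipc"),
    ("root", "default"), ("root", "juantech"), ("root", "123456"),
    ("support", "support"), ("admin", "password"), ("ubnt", "ubnt"),
}

# Constructed sample log: one scanner sweeping defaults (and succeeding),
# one legitimate admin mistyping a password once, one lone default attempt.
SAMPLE_LOG = """\
2016-10-21T11:10:01Z telnetd[412]: login failed user=root pass=xc3511 from=203.0.113.7 port=23
2016-10-21T11:10:01Z telnetd[412]: login failed user=root pass=vizxv from=203.0.113.7 port=23
2016-10-21T11:10:02Z telnetd[412]: login failed user=admin pass=admin from=203.0.113.7 port=23
2016-10-21T11:10:02Z telnetd[412]: login failed user=root pass=888888 from=203.0.113.7 port=23
2016-10-21T11:10:03Z telnetd[412]: login ok user=root pass=juantech from=203.0.113.7 port=23
2016-10-21T11:12:40Z telnetd[412]: login failed user=alice pass=s3cret! from=198.51.100.4 port=23
2016-10-21T11:12:44Z telnetd[412]: login ok user=alice pass=S3cret! from=198.51.100.4 port=23
2016-10-21T11:15:10Z telnetd[412]: login failed user=support pass=support from=203.0.113.9 port=2323
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) telnetd\[\d+\]: login (?P<result>ok|failed) "
    r"user=(?P<user>\S+) pass=(?P<pw>\S*) from=(?P<src>[\d.]+) port=(?P<port>\d+)$"
)


def parse_log(text):
    """Parse matching lines into dicts; lines in another format are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        ev = m.groupdict()
        ev["ts"] = datetime.strptime(ev["ts"], "%Y-%m-%dT%H:%M:%SZ")
        events.append(ev)
    return events


def find_credential_sweeps(events, min_default_pairs=3, window_seconds=60):
    """Return {source_ip: finding} for sources behaving like Mirai scanners.

    A source is flagged when it tries at least min_default_pairs distinct
    factory-default pairs within window_seconds, or when any login with a
    default pair succeeds (that device must be isolated and re-credentialed).
    """
    by_src = defaultdict(list)
    for ev in events:
        by_src[ev["src"]].append(ev)

    findings = {}
    for src, evs in by_src.items():
        evs.sort(key=lambda e: e["ts"])
        default_evs = [e for e in evs if (e["user"], e["pw"]) in MIRAI_DEFAULTS]
        compromised = [(e["user"], e["pw"]) for e in default_evs if e["result"] == "ok"]

        # Sliding window over default-credential attempts only.
        sweep = False
        start = 0
        for end in range(len(default_evs)):
            while (default_evs[end]["ts"] - default_evs[start]["ts"]).total_seconds() > window_seconds:
                start += 1
            pairs = {(e["user"], e["pw"]) for e in default_evs[start:end + 1]}
            if len(pairs) >= min_default_pairs:
                sweep = True
                break

        if sweep or compromised:
            findings[src] = {
                "attempts": len(evs),
                "default_pairs_tried": len({(e["user"], e["pw"]) for e in default_evs}),
                "sweep": sweep,
                "compromised_with": compromised,
            }
    return findings


if __name__ == "__main__":
    for src, finding in find_credential_sweeps(parse_log(SAMPLE_LOG)).items():
        print(src, finding)
```

On the constructed log the scanner at 203.0.113.7 is flagged (five default pairs in two seconds, one of them accepted), while the admin who mistyped once and the single support/support attempt are not. Logging cleartext passwords as in the sample is only appropriate on a honeypot; on production devices key the rule on the username and the attempt rate instead.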
🧩 Advanced Malware Concepts
• Fileless Malware
Runs in memory without writing its payload to disk, typically by abusing legitimate tools already on the system such as PowerShell or WMI, which leaves little for file-based scanners to find and pushes detection toward process behaviour and memory analysis.
• Polymorphic Malware
Mutates its own code on each infection (for example by re-encrypting its payload with a different key) so every copy has a different signature while the behaviour stays the same, defeating static hash- and signature-based antivirus.
• Rootkits
Hide malicious processes, files, or network connections by hooking or patching system-level components (kernel drivers or modules, boot code, firmware), so the compromised system lies to the tools used to inspect it.
• Supply-Chain Malware
Compromises a trusted vendor, build system, or software update channel so that many organizations install the malicious code as part of a legitimate product; verification of updates against signatures or hashes obtained independently of the update server is the main technical control.
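One concrete form of the supply-chain control above is refusing to install an update unless every file matches a manifest of pinned hashes. The following is an added example, not code from the original page or from any vendor's updater: it assumes a hypothetical manifest format with one "<sha256 hex>  <relative path>" entry per line, and that the manifest reached you through a channel independent of the update server (for example signed by the vendor's separate release-signing key). A manifest that rides along with the package over the same compromised channel verifies nothing.

```python
"""Check an update package against a pinned SHA-256 manifest before installing.

Added example, not code from the original page or from any vendor's
updater. Assumptions: a hypothetical manifest format of one
"<sha256 hex>  <relative path>" entry per line, and that the manifest was
obtained through a channel independent of the update server (for example a
signed manifest from the vendor's separate release-signing infrastructure).
"""
import hashlib
import hmac


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def make_manifest(files: dict) -> str:
    """Build manifest text from {path: bytes}; stands in for the vendor's release step."""
    return "\n".join(f"{sha256_hex(data)}  {path}" for path, data in sorted(files.items()))


def parse_manifest(text: str) -> dict:
    """Return {path: sha256 hex}; malformed lines are an error, not silently ignored."""
    pinned = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        digest, sep, path = line.partition("  ")
        if not sep or len(digest) != 64 or not path.strip():
            raise ValueError(f"malformed manifest line: {line!r}")
        pinned[path.strip()] = digest.lower()
    return pinned


def verify_update(files: dict, manifest_text: str) -> list:
    """Return a list of problems; an empty list means the package may be installed.

    files maps relative path -> bytes of the downloaded package. Every file
    must appear in the manifest with a matching digest, and every manifest
    entry must be present. An extra file that nobody pinned is exactly what
    an implanted DLL in a poisoned update looks like, so it is a failure too.
    """
    pinned = parse_manifest(manifest_text)
    problems = []
    for path, data in files.items():
        expected = pinned.get(path)
        if expected is None:
            problems.append(f"unexpected file not in manifest: {path}")
            continue
        # compare_digest is not needed for public hashes but keeps comparisons uniform
        if not hmac.compare_digest(sha256_hex(data), expected):
            problems.append(f"hash mismatch: {path}")
    for path in pinned:
        if path not in files:
            problems.append(f"missing file listed in manifest: {path}")
    return problems


# Constructed sample package (contents are placeholders, not real binaries).
GOOD_FILES = {
    "bin/updater.exe": b"MZ...clean updater build...",
    "bin/core.dll": b"MZ...clean core library...",
    "version.txt": b"2.0.1\n",
}
MANIFEST = make_manifest(GOOD_FILES)

# The same package as a compromised update server would serve it:
# one binary replaced, one file added.
TAMPERED_FILES = dict(GOOD_FILES)
TAMPERED_FILES["bin/updater.exe"] = b"MZ...backdoored updater build..."
TAMPERED_FILES["bin/extra.dll"] = b"MZ...implant..."


if __name__ == "__main__":
    print("clean:", verify_update(GOOD_FILES, MANIFEST) or "OK")
    print("tampered:", verify_update(TAMPERED_FILES, MANIFEST))
```

The check fails closed in both directions: a replaced binary produces a hash mismatch and an unlisted file is rejected outright rather than ignored, since a legitimate release process has no reason to ship files it did not pin.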
🛡️ Defensive Mindset: Key Malware Mitigation Concepts
- Keep operating systems and software fully patched, prioritizing internet-facing and remotely exploitable services (WannaCry, Slammer, and Conficker all spread through patched-but-undeployed fixes)
- Use endpoint protection with behavioral monitoring, not just signature scanning, so fileless and polymorphic threats are caught by what they do
- Apply least-privilege principles: no routine work under administrator accounts, and no shared or default credentials on servers or devices
- Maintain tested, offline or immutable backups that ransomware running on the network cannot reach or encrypt
- Filter email attachments (executables, scripts, double extensions, macro-enabled documents) and block Office macros from files that originated on the internet
- Segment networks so that a single infected host cannot reach every other host, limiting worm and lateral-movement spread
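The attachment-filtering item above is where ILOVEYOU (a .vbs behind a .TXT name) and Emotet (macro-enabled Office documents) would have been stopped. The script below is an added example, not code from the original page or from any mail gateway: it assumes the mail pipeline hands it a filename and the raw bytes, its extension sets are illustrative rather than exhaustive, and it detects macros by looking for a vbaProject.bin part inside OOXML (zip) containers while treating the legacy OLE binary formats (.doc/.xls/.ppt) as "cannot rule out macros" because parsing OLE streams is out of scope here.

```python
"""Screen email attachments for scripts, double extensions, and Office macros.

Added example, not code from the original page or from any mail gateway.
Assumptions: filenames and bytes come from the mail pipeline; the extension
sets are illustrative, not exhaustive; macro detection looks for a
vbaProject.bin part inside OOXML (zip) containers and treats the legacy OLE
binary formats (.doc/.xls/.ppt) as "cannot rule out macros" without parsing.
"""
import io
import zipfile

SCRIPT_OR_EXE_EXTS = {
    "exe", "scr", "pif", "com", "bat", "cmd", "vbs", "vbe",
    "js", "jse", "wsf", "wsh", "hta", "ps1", "lnk", "dll",
}
OLE_MAGIC = b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1"  # legacy binary Office container


def assess_attachment(filename: str, data: bytes) -> dict:
    """Return {"filename", "block", "reasons"}; block is True if any reason fired."""
    reasons = []
    parts = filename.lower().split(".")
    ext = parts[-1] if len(parts) > 1 else ""

    if ext in SCRIPT_OR_EXE_EXTS:
        reasons.append(f"executable or script extension .{ext}")
        if len(parts) > 2:
            # e.g. LOVE-LETTER-FOR-YOU.TXT.vbs: only the last extension counts
            reasons.append("double extension disguises a script as a document")

    if data.startswith(OLE_MAGIC):
        reasons.append("legacy OLE Office format; macros cannot be ruled out without parsing")

    if data[:2] == b"PK":  # zip-based container: OOXML document or a plain archive
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                names = [n.lower() for n in zf.namelist()]
        except zipfile.BadZipFile:
            names = []
            reasons.append("zip signature but not a readable archive")
        if any(n.endswith("vbaproject.bin") for n in names):
            reasons.append("OOXML container carries a VBA project (macros)")
        if any(n.rsplit(".", 1)[-1] in SCRIPT_OR_EXE_EXTS for n in names):
            reasons.append("archive contains an executable or script")

    return {"filename": filename, "block": bool(reasons), "reasons": reasons}


def build_ooxml(with_macro: bool) -> bytes:
    """Construct a minimal OOXML-shaped zip for demonstration (not a real document)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("[Content_Types].xml", "<Types/>")
        zf.writestr("word/document.xml", "<document/>")
        if with_macro:
            zf.writestr("word/vbaProject.bin", b"\x00" * 16)  # placeholder bytes
    return buf.getvalue()


# Constructed sample attachments.
SAMPLES = [
    ("LOVE-LETTER-FOR-YOU.TXT.vbs", b'MsgBox "constructed sample"'),
    ("invoice.docm", build_ooxml(with_macro=True)),
    ("report.docx", build_ooxml(with_macro=False)),
    ("quarterly.xls", OLE_MAGIC + b"\x00" * 32),
    ("notes.txt", b"plain text"),
]


def screen(samples):
    """Assess every (filename, bytes) pair and return the verdicts in order."""
    return [assess_attachment(name, data) for name, data in samples]


if __name__ == "__main__":
    for r in screen(SAMPLES):
        print("BLOCK " if r["block"] else "allow ", r["filename"], r["reasons"])
```

Content inspection matters more than the filename: the .docm is caught because the zip actually holds a VBA project, so renaming it to .docx or .zip would not get it through, and a .xls is held for review because the legacy format cannot be cleared without parsing its OLE streams.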