Malicious Code

What is malicious code and what can it do?

Malicious code usually performs actions against the user’s interest. This might be for example extracting sensitive information from the user’s computer and using it against him or his organization, breaking the information’s confidentiality and providing an advantage for the author of the malicious code.

What is an example of a malicious code?

Malicious code is hard to typify since technically any program can do an undefined amount of malicious or unwanted actions depending on the expected actions of the user who executes it, the environment the code executes in and the interest of the threat actor.

What are the types of malicious code?

Some definitions are:

• Viruses that tend to modify and spread malicious code to other programs
• Trojan Horses which appear to perform only wanted actions, but perform malicious actions in the background
• Worms which spread over the network, without any requirement of user interaction
• Backdoors which reside in the program, allowing the attacker to connect to, gain control over and compromise the system after execution of the program

How can you avoid downloading malicious code?

While having an Antivirus in addition to a Network Intrusion Detection System in place might help prevent or identify compromises, it is usually not enough to protect against a determined and skilled attacker. Good active mitigation practices include using automated online virus scanners before downloading the program, downloading programs from a trusted source, using programs open-source (while analyzing the code before execution) or executing the unknown program in a safe environment such as a virtual machine.

If you like this blog post, find more content in our Glossary.