In this post we want to share with you a question that arose from the first post in this series: whether exploits are the same as malware.
Continuing our support for European Cyber Security Month, we now turn to an interesting myth in computer security: is an exploit the same as malware? In this post we want to share with you some thoughts about this question.
What are we talking about?
The best way to debunk any myth is to start by understanding what it is we are talking about. We have already written quite a lot about malware and I’m sure our regular readers are clear about it, but for those with shorter memories, just try to remember that when we talk about malicious code, we’re referring to any kind of program or application designed to cause any type of damage to a machine belonging to a user who, either by error, carelessness, or lack of knowledge, runs it on their system.
On the other hand, we have exploits, which can be defined as programs created specifically to exploit a vulnerability; in other words, they simply try to take advantage of an error in the design or programming of a system or application. For example, the person using an exploit may take advantage of such an error to try to obtain administrator privileges for the operating system, and thus gain control of it.
Categorizing malware and exploits
Malicious code is classified according to the payload or malicious action it performs, hence the different categories or types such as viruses, worms, Trojans and botnets, among many other types, which are described in our Glossary.
As for exploits, we can divide them into different categories according to the vulnerability they exploit to gain access to the system. Among these categories we can mention buffer overflow, Cross Site Scripting (XSS), SQL injection, and character injection, to name just a few.
Similarities and differences… but both malicious
As we can see, there are differences between malicious code and exploits, but undoubtedly the similarities between them are greater. While an exploit on its own is not malicious, cybercriminals tend to use exploits as a component within their malicious code to gain access to a system illegally.
A lot of malicious code makes use of exploits to achieve its goal and take control of a system, but it doesn’t all exploit vulnerabilities in the same way. We have to keep in mind that attackers do not only exploit vulnerabilities in systems, but they may also use Social Engineering to gain the trust of a user and steal their information, as very often this is the fastest way to achieve their malicious objective.
Identifying the threats we might face, as users of technology, will inevitably help us to maintain a good level of information security. We must remember that lots of cybercriminals exploit the lack of knowledge of many users about how technology functions in order to launch their attacks. To the extent that we know about these threats and share what we know with those who are close to us, we will reduce the options open to attackers.
Finally, we encourage you to tell us about any other malware myths you would like clearing up or any questions that come to mind!
Image credits: ©gnislew/Flickr