Have you heard of the Trojan horse? Not the one from Greek mythology, but the one that harms your device. It is a type of malicious software. In this article, we'll tell you how to avoid getting infected, spot the signs, and get rid of the malware. This is the second text in the Cybersecurity Practices series aimed at protecting Ukrainians in the digital space.

‍

WHAT IS MALWARE

Malware is any type of software designed to damage a device, steal information, or take control of a system without the user's consent. It can infect computers, smartphones, servers, and other devices through a variety of routes: fake links, infected files, unsecured networks, etc.

The main types of malware are:

1. Viruses that replicate themselves and infect other files or programs. They are activated when infected programs are launched.

 2. Trojans (Trojan horses) disguise themselves as legitimate programs, but once installed, give the attacker control over the device.

3. Spyware collects personal data: passwords, messages, browsing history, banking information.

4. Adware displays intrusive advertisements and can monitor user behaviour on the Internet.

5. Ransomware is one of the most dangerous types of malware. It encrypts data on the device and demands a ransom to unlock it.

6. Worms spread over the network without the user's involvement and can quickly infect many devices.

7. Rootkit hides other malware in the system, allowing the attacker to go undetected.

8. Backdoors create a ‘back door’ into a system, allowing an attacker to enter the system by bypassing security measures.

Malware is a real threat to every user. It can lead to:

• theft of personal data;
• financial losses due to access to bank accounts;
• loss or encryption of important files;
• external control of a device or connection to a botnet (a network of computers infected with malware);
• data destruction or system failure;
• compromise of personal information and damage to reputation.

‍

HOW TO AVOID MALWARE INFECTION

1. Install a reliable antivirus

• Use a licensed antivirus with automatic updates.
• Enable real-time protection.
• Do not ignore antivirus warnings.

2. Keep your operating system and applications up to date

• Regularly install updates for Windows, macOS, Linux, or other operating systems.
• Update browsers, plug-ins (Java, Flash), and other applications.

3. Be careful with emails

• Do not open attachments or links from unfamiliar or suspicious senders.
• Check the sender's address — fraudsters often disguise themselves as familiar services.
• Do not enter personal data on suspicious pages.

4. Download software only from official sources

• Avoid torrents and cracked software, which often contain malware.
• Download software only from the official websites of manufacturers or trusted stores (App Store, Google Play).

5. Do not ignore browser warnings

• If you see a security warning, it is better to close the site.

6. Use complex passwords and two-factor authentication

• Create unique passwords for each service.
• Enable 2FA (two-step verification) for accounts where possible.

7. Do not connect unknown USB devices

• External storage devices may contain viruses. Always scan them with an antivirus program before opening them.

8. Make backup copies of files

• Regularly create copies of important documents to an external medium or the cloud. This way, in the event of an infection, you can recover your data without ransom.

9. Be careful on social media

• Do not click on suspicious links (even from friends: their accounts may have been hacked).
• Do not enter your logins/passwords on pages that look like fake copies of well-known websites.

‍

SIGNS OF A DEVICE INFECTED WITH MALWARE

You can tell if your computer or smartphone is infected with malware. Here is a list of signs to look out for:

1. Reduced performance

• Your device is significantly slower than usual.
• Programs freeze or take a long time to start.

2. Suspicious activity on the Internet

• New tabs or sites open without your permission.
• Your browser's home page changes automatically.
• Unwanted toolbars or extensions appear.

3. Unusual email behaviour

• Your account sends emails that you did not write.
• You receive notifications about login attempts or password changes.

4. Pop-ups with advertisements or extortion

• Constant pop-up banners or messages about ‘winnings’.
• Demands to pay to unlock the device, which is a sign of ransomware.

5. Antivirus or system tools cannot be launched

• Antivirus is disabled or cannot be updated.
• Task Manager, Registry Editor, or other utilities do not work.

6. Files disappear or are encrypted

• Your files suddenly become inaccessible or have strange extensions.
• Folders are empty, even though you know exactly what was in them.

7. Unusual bills or increased traffic

• On your smartphone, a rapidly decreasing charge or an unusually high amount of data transferred.
• SMS are sent without your participation.
• Suspicious paid services appear.

8. Account hacking

• You cannot log in to your accounts, passwords have been changed.
• Someone is communicating with your friends on your behalf.

‍

HOW TO ACT IF YOUR DEVICE IS INFECTED WITH MALWARE

If you suspect that your device is infected with malware, follow these steps:

1. Immediately disconnect your device from the internet

• Switch off Wi-Fi and mobile internet. This prevents data from being transmitted to the attackers or further infection.

2. Run a full antivirus scan

• If possible, in Safe Mode.
• Use the antivirus you have installed or download a trusted utility (e.g. Malwarebytes, ESET Online Scanner).
• If the antivirus does not start, try a rescue disc from a USB flash drive or disc.

3. Do not open suspicious files or programs

• Do not interact with banners, suspicious windows, or ‘virus’ messages.

4. Change passwords to important accounts

• Do this from another, secure device. 
• Be sure to change passwords to email, banking, and social media.

5. Check autostart and installed apps

• Remove unknown or recently installed apps.
• Check what starts automatically when the system starts.

6. Create a backup of important files (if you don't have one)

• If the system is still working, copy documents, photos, etc. to an external storage device.
• Do not copy suspicious files.

7. Reinstall the system if you can't clean it

• This is a radical but effective way.
• Before reinstalling the OS, make sure you have backups.

8. Get help from a specialist

• If you are unsure of what to do, contact an IT professional.

After the threat is eliminated:

• Fully update your system and all applications.
• Install a reliable antivirus.
• Enable two-factor authentication for important accounts.
• Analyse how the infection occurred to avoid a recurrence.