Bert Zéfat

Security Enthusiast

HackTheBox user

Ethical Hacker

Linux lover

Killware

October 14, 2021 KillWare, Security

Killware is a dangerous new breed of malware that’s had its time in the dark for a while now.

What is killware?

Killware is malware that is initially developed to wipe an infected system clean. The main difference between ransomware and killware is that while ransomware targets one or more individual files and doesn’t install on the system, killware targets all running processes, including important system processes.

Killware is a serious form of malware that can delete all data on a computer, using the Windows Task Manager to kill running programs and then deleting them from the disk.

How does killware work?

Every single piece of malware has its own method of infecting computers. All malware has one goal – to spread and cause damage to as many computers as possible. Killware is no different and it spreads through a few methods:

Spam email: Many spam emails contain malicious attachments and links to exploit kits. One such example was the Equation Group, which sent out spam emails containing Word documents on Equation Formula that contained Equation on them. Exploit kits such as Nuclear Packet and Poison Ivy use this document to download and run malware.

Malicious websites: Cybercriminals use web injects to install malware on unsuspecting computers by tricking users into believing they are installing software updates or app updates when in reality they are running malicious made-to-order malware known as malware-as-a-service (MaaS).

Malware-as-a-service is a growing problem, especially in the wake of increased use of adverts online, which often host malicious content. Users may click on a malicious advert which leads them to a website that contains potentially dangerous plugins, add-ons or software updates. Users are misled to believe these updates are safe, when in fact they are downloaded malware.

How can I stay safe?

Beware of suspicious attachments or links in emails or on websites. If you receive any type of malicious email, immediately delete its attachments. If you get a website telling you to install software, don’t!!
