Recognising the signs you are infected with malware isn’t always easy. Cybercriminals disguise their work and bury malware deep within system files and registries, making it difficult to detect and remove.
There are tell-tale signs that both users and IT teams can look out for to recognise a malware infection sooner rather than later and take steps towards recovery.
This article provides an overview of malware, describing how a device gets infected. We also reveal 11 common signs that a device is infected and discuss measures you can take to recover a malware-infected device.
- What Is Malware?
- How Do You Get Infected With Malware?
- 11 Signs You Are Infected with Malware
- 1. Popup Ads
- 2. Slow Computer Or Mobile Device
- 3. Computer Will Not Fully Restart or Shut Down
- 4. Regular System Crashes
- 5. Your Antivirus Software Gets Disabled
- 6. Web Browser Gets Redirected
- 7. Your Files Get Encrypted or Deleted
- 8. New or Unusual Web Browser Plugins Appear
- 9. Important Looking Fake Warning Messages
- 10. Spam Emails Sent to All Your Contacts
- 11. Phantom Posts on Your Social Media
- How To Remove Malware From Your Device
What Is Malware?
Malware is malicious software that quietly invades unprotected user devices such as laptops, desktop computers, tablets or mobile phones in order to deliver a further malicious payload such as a virus, ransomware or spyware.
The reasons hackers deploy malware vary. Malware can make money off a single victim or an entire company by deploying ransomware or a destructive virus, sabotaging their ability to get work done. Other times, hackers use malware to make a political statement by stealing data and posting it online for public scrutiny.
Although the malware itself tends not to damage physical hardware or network equipment, it is mainly used to deploy ransomware that encrypts, steals, or deletes your data. It can also use spyware or keylogging programs to take over computer functions or spy on your online activity without your knowledge.
How Do You Get Infected With Malware?
Malware can infect a victim’s computer or mobile device when they unknowingly surf hacked websites or view a legitimate site with malicious ads. Other times, users unknowingly download infected files, install malicious programs, or open an email attachment containing malware via a phishing attack.
Often, malware and its malicious payload lurk inside what appear to be legitimate applications. When users download a ‘free’ application from a website, this helpful software tool may also contain malware.
Phishing is another primary path of infection, whereby a direct link placed in an email or text message invites a user to download an app, log into their bank, or reset a password. You must pay attention to any warning messages, especially if the messages prompt you to grant permission to access your email or other sensitive information.
11 Signs You Are Infected with Malware
Malware often follows a clicked link in an email or when installing a ‘free’ piece of software. Here are 11 tell-tale signs you are infected with malware to watch out for.
1. Popup Ads
Unwanted popup ads that appear directly on your desktop can be a clear sign of malware infection. Malicious adware is often deployed by malware to target its victims with an avalanche of advertisements.
Often, these ads are legitimate and create revenue by earning an affiliate fee anytime someone clicks on the ad. Sometimes the adware contains links to malicious websites, harbouring more malware waiting for the opportunity to infect the user’s device via malvertising.
2. Slow Computer Or Mobile Device
Once malware starts working and deploys its malicious payload, it reduces the speed of the infected device. If you are surfing the internet with only a few windows open or using simple local applications such as a word processor, yet your system’s CPU and memory usage is unusually high, something else is consuming those resources.
You may also notice your device’s fan running at full speed (or getting hotter), which indicates that something is using system resources in the background.
Slowness can also be due to a botnet, a network of ‘captive’ computers hackers use to deploy Distributed Denial-of-Service (DDoS) attacks, send spam via email, or mine cryptocurrency via crypto-jacking.
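One way to act on the symptom above is to look at which processes are consuming CPU and where they are running from. The script below is an added example, not code from this article or from Securus Communications: it triages a process snapshot using two defender heuristics, heavy CPU from a user-writable location (Temp, Downloads, AppData) and a well-known Windows system binary name running outside the system directories. The snapshot, user name and paths are constructed; on a real host you would build the snapshot from Task Manager, `tasklist`, or a library such as psutil.

```python
"""Triage a process snapshot for the 'slow device' symptom.

Added example (not the article's code): flags background processes that burn
CPU from user-writable locations, or that reuse a Windows system binary name
while running outside the system directories. The snapshot is constructed;
on a real host you would build it from Task Manager, `tasklist`, or psutil.
"""
from pathlib import PureWindowsPath

# Where legitimately installed Windows binaries normally live.
TRUSTED_DIRS = (
    r"C:\Windows\System32",
    r"C:\Windows\SysWOW64",
    r"C:\Program Files",
    r"C:\Program Files (x86)",
)

# Well-known system process names; one of these running from elsewhere is a
# masquerading signal, whatever its CPU usage.
SYSTEM_BINARY_NAMES = {"svchost.exe", "explorer.exe", "lsass.exe", "csrss.exe", "winlogon.exe"}

CPU_THRESHOLD = 40.0  # percent; sustained load above this from an untrusted path is worth a look


def under_trusted_dir(path: str) -> bool:
    """True if `path` sits below one of TRUSTED_DIRS (Windows paths compare case-insensitively)."""
    p = PureWindowsPath(path)
    return any(p.is_relative_to(PureWindowsPath(d)) for d in TRUSTED_DIRS)


def triage(snapshot: list[dict]) -> list[tuple[str, str]]:
    """Return (process name, reason) pairs for processes that deserve a closer look."""
    findings = []
    for proc in snapshot:
        name, path, cpu = proc["name"].lower(), proc["path"], proc["cpu"]
        if under_trusted_dir(path):
            continue  # heavy CPU from a trusted install location is normal (e.g. Office, a build)
        if name in SYSTEM_BINARY_NAMES:
            findings.append((proc["name"], f"system binary name running from {path}"))
        elif cpu >= CPU_THRESHOLD:
            findings.append((proc["name"], f"{cpu:.0f}% CPU from untrusted location {path}"))
    return findings


# Constructed snapshot: two normal entries and two that should be flagged.
SAMPLE_SNAPSHOT = [
    {"name": "WINWORD.EXE", "path": r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE", "cpu": 55.0},
    {"name": "svchost.exe", "path": r"C:\Windows\System32\svchost.exe", "cpu": 2.0},
    {"name": "svchost.exe", "path": r"C:\Users\alice\AppData\Local\Temp\svchost.exe", "cpu": 1.0},
    {"name": "updater.exe", "path": r"C:\Users\alice\Downloads\updater.exe", "cpu": 92.0},
]

if __name__ == "__main__":
    for name, reason in triage(SAMPLE_SNAPSHOT):
        print(f"{name}: {reason}")
```

Note that the busy Word process is deliberately not flagged: high CPU on its own is not a signal, high CPU from a place where installed software never lives is.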
3. Computer Will Not Fully Restart or Shut Down
Once the malware has infiltrated the device or system, it will take CPU time and memory away from legitimate applications and services. As a result, even the most straightforward tasks may falter.
The user may find that the computer or laptop will not fully shut down or restart when prompted, either because of the high utilisation or because the malware has damaged critical system files or altered registry settings. The system event logs are one place worth checking for related errors.
4. Regular System Crashes
Most likely, you are familiar with the term “Blue Screen of Death” (BSOD) with Windows. A computer or mobile phone crash can occur as a freeze, where nothing moves unless you force a shutdown, and it can also happen when a Windows system encounters a fatal error.
While a healthy system may crash every once in a while, regular system crashes are a possible sign of malware or its various payload types, such as a virus, spyware, Trojan horse, key logger or ransomware lurking within system memory, causing issues.
5. Your Antivirus Software Gets Disabled
Ironically, malware can disable the antivirus software you have installed to protect your system. If you notice that your antivirus application stops working, you may be infected with malware, especially if you find you cannot turn the antivirus protection back on after it has been disabled.
Although standard antivirus (AV) software will not protect you from malware, the latest Endpoint Protection (EPP) applications or Nextgen Antivirus (NGAV) security suites often have malware protection.
6. Web Browser Gets Redirected
Some site redirects are legitimate and used for marketing purposes or when legitimate content is moved to another web server. However, if you attempt to go to Google and your browser goes to an unfamiliar search site, you’ve got a problem.
Sometimes these redirects are less noticeable. For example, a Trojan might divert your browser to a fake website that mirrors your bank’s website.
The URL will look familiar (but may be intentionally misspelt), and many people won’t notice since the landing page looks correct. When you log in, you unknowingly hand over your login credentials to cybercriminal gangs.
Malicious web browser extensions often perform redirection attacks. If you experience problems, check your browser settings and disable or delete any unfamiliar browser extensions or plugins. If you didn’t install them yourself, they don’t belong there.
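The misspelt-URL trick described above can be checked mechanically. The script below is an added example, not code from this article or from Securus Communications: it compares the hostname the browser actually landed on against a short list of domains the user trusts and reports three typosquat patterns, look-alike characters (examp1e, exarnple), one or two character edits, and a trusted name buried inside a different domain (example-bank.com.secure-login.net). The trusted list and the sample URLs are constructed; example-bank.com and example-mail.com are placeholders, not real sites.

```python
"""Flag lookalike hostnames for the 'redirected to a fake bank site' symptom.

Added example, not the article's code. Compares the hostname the browser
landed on against a short allowlist of trusted domains and reports exact
matches, subdomains, and three typosquat patterns. All domains are constructed.
"""
from urllib.parse import urlsplit

# Single characters commonly substituted for letters in lookalike names.
HOMOGLYPHS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "7": "t", "|": "l"})


def canonical(url_or_host: str) -> str:
    """Lower-cased hostname with a leading 'www.' removed; accepts a URL or a bare host."""
    if "://" not in url_or_host:
        url_or_host = "//" + url_or_host
    host = (urlsplit(url_or_host).hostname or "").lower()
    return host[4:] if host.startswith("www.") else host


def fold(host: str) -> str:
    """Collapse look-alike characters and letter pairs so 'exarnple' folds to 'example'."""
    return host.translate(HOMOGLYPHS).replace("rn", "m").replace("vv", "w")


def levenshtein(a: str, b: str) -> int:
    """Edit distance (insert/delete/substitute), standard two-row dynamic programme."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify(url: str, trusted: list[str], max_distance: int = 2) -> str:
    """'trusted', 'lookalike of <domain>' or 'unknown' for the host in `url`."""
    host = canonical(url)
    trusted_hosts = [canonical(t) for t in trusted]
    if host in trusted_hosts or any(host.endswith("." + t) for t in trusted_hosts):
        return "trusted"  # exact match or a real subdomain such as login.example-bank.com
    for t in trusted_hosts:
        if t in host:  # trusted name embedded in a different domain, e.g. example-bank.com.secure-login.net
            return f"lookalike of {t}"
        if levenshtein(fold(host), fold(t)) <= max_distance:
            return f"lookalike of {t}"
    return "unknown"


# Constructed allowlist; in practice this is the handful of sites the user banks and shops on.
TRUSTED = ["www.example-bank.com", "example-mail.com"]

if __name__ == "__main__":
    for u in ["https://www.example-bank.com/login", "http://examp1e-bank.com/",
              "https://example-bank.com.secure-login.net", "https://www.python.org"]:
        print(f"{u:45} -> {classify(u, TRUSTED)}")
```

The folding step runs on both sides of the comparison, so a genuine domain that happens to contain "rn" still matches itself exactly; only the raw hostname is used for the "trusted" decision, which is why examp1e-bank.com is reported as a lookalike rather than accepted.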
7. Your Files Get Encrypted or Deleted
Ransomware is a devastating type of cyber attack that compromises a user’s device, such as a laptop, desktop, tablet or mobile, and is usually delivered via malware. A ransomware attack encrypts all user data so it is no longer usable and will typically spread to other computers on your network.
At some point, you will be contacted by your attacker via email or popup message and directed to a dedicated web page to make a ransom payment in return for the digital key to decrypt your data.
The ransom demand is usually for payment in a cryptocurrency such as Bitcoin, as it is untraceable. You may elect to pay the ransom, though that is no guarantee you will recover your files; in many cases the files are never fully recovered even after the ransom is paid. There are ways to recover from a ransomware attack.
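Endpoint tools recognise the encryption phase described above from two measurable signals, and the script below is an added example, not code from this article or from Securus Communications, showing both: a burst of files rewritten with a new extension inside a short window, and rewritten content whose Shannon entropy sits near 8 bits per byte, which ciphertext has and ordinary documents do not. The file-event log, paths, user name and file contents are constructed.

```python
"""Two signals behind the 'your files get encrypted' symptom.

Added example, not the article's code. Endpoint tools lean on (1) a burst of
files rewritten with a new extension inside a short window and (2) rewritten
content whose Shannon entropy sits near 8 bits per byte, which ciphertext has
and ordinary documents do not. The event log and file contents are constructed.
"""
import math
import random
from collections import Counter

ENTROPY_THRESHOLD = 7.5  # bits/byte: text ~4-5, images/zips ~7.9, ciphertext ~8.0
BURST_WINDOW = 60.0      # seconds
BURST_COUNT = 20         # files renamed to the same new extension inside one window


def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte of `data` (0.0 for empty input)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def looks_encrypted(data: bytes, threshold: float = ENTROPY_THRESHOLD) -> bool:
    # Compressed media also scores high, so in practice pair this with the burst signal.
    return shannon_entropy(data) >= threshold


def detect_bursts(events, window: float = BURST_WINDOW, count: int = BURST_COUNT) -> list[str]:
    """events: (timestamp_seconds, path, new_extension) tuples.
    Returns the new extensions applied to >= `count` files within any `window` seconds."""
    by_ext: dict[str, list[float]] = {}
    for ts, _path, ext in events:
        by_ext.setdefault(ext, []).append(ts)
    bursts = []
    for ext, times in by_ext.items():
        times.sort()
        start = 0
        for end in range(len(times)):          # sliding window over sorted timestamps
            while times[end] - times[start] > window:
                start += 1
            if end - start + 1 >= count:
                bursts.append(ext)
                break
    return sorted(bursts)


# Constructed activity: five ordinary document saves spread over the day, then
# thirty files renamed to '.locked' in about 45 seconds.
SAMPLE_EVENTS = [(800.0 + i * 600, rf"C:\Users\alice\Documents\notes{i}.docx", ".docx") for i in range(5)]
SAMPLE_EVENTS += [(5000.0 + i * 1.5, rf"C:\Users\alice\Documents\report{i}.docx.locked", ".locked") for i in range(30)]

# Constructed contents: a plain-text report versus pseudo-random bytes standing in for ciphertext.
SAMPLE_DOCUMENT = b"Quarterly report: revenue up 4%, costs flat, headcount unchanged.\n" * 60
SAMPLE_CIPHERTEXT = random.Random(7).randbytes(4096)  # seeded so the example is reproducible

if __name__ == "__main__":
    print("burst extensions:", detect_bursts(SAMPLE_EVENTS))
    print("document entropy:", round(shannon_entropy(SAMPLE_DOCUMENT), 2))
    print("ciphertext entropy:", round(shannon_entropy(SAMPLE_CIPHERTEXT), 2))
```

Either signal alone produces false positives (a photo import is high-entropy, a bulk rename is a burst); a rename burst to one new extension whose rewritten contents are all near 8 bits per byte is the combination worth alerting on, and the earlier it fires, the fewer files are lost.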
8. New or Unusual Web Browser Plugins Appear
If you find that your web browser’s default homepage changes or you find unusual icons on your browser’s toolbar, check to see if you have any new web browser extensions, toolbars, or plugins installed. If you do, you likely have a malware infection.
The source of unwanted browser plugins may vary. It usually happens when a user clicks on a popup that says “winner!” or something similar, triggering the download of the unwanted plugin. Again, check your browser settings and disable or delete any unfamiliar extensions. Run a full antivirus scan.
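Signs 6 and 8 both end with the same advice: review the installed browser extensions and remove anything you did not install. The script below is an added example, not code from this article or from Securus Communications, that does that review against an allowlist. The JSON it reads is a constructed, simplified profile file modelled loosely on Chromium's Preferences layout (`extensions.settings.<id>`); the real file carries many more fields, and the 32-character ids, names and paths are placeholders. An extension is flagged if it is not on the allowlist, was not installed from the web store, or was loaded from an absolute path outside the profile (the sideloading pattern).

```python
"""Audit installed browser extensions against an allowlist (signs 6 and 8).

Added example, not the article's code. The preferences JSON is a constructed,
simplified model of Chromium's `extensions.settings.<id>` layout; the ids,
names and paths are placeholders.
"""
import json
import ntpath

# Extension ids the organisation (or the user) has deliberately approved.
ALLOWLIST = {"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa": "Password Manager (placeholder id)"}

# Constructed profile contents: one approved extension, one sideloaded from a
# Temp folder, one web-store extension that was never approved.
SAMPLE_PREFERENCES = json.dumps({
    "extensions": {"settings": {
        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa": {"manifest": {"name": "Password Manager"}, "from_webstore": True,
                                             "path": "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\\1.2.3_0"},
        "bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb": {"manifest": {"name": "Search Helper"}, "from_webstore": False,
                                             "path": "C:\\Users\\alice\\AppData\\Local\\Temp\\helper"},
        "cccccccccccccccccccccccccccccccc": {"manifest": {"name": "Coupon Finder"}, "from_webstore": True,
                                             "path": "cccccccccccccccccccccccccccccccc\\0.9_0"},
    }}
})


def audit_extensions(preferences_json: str, allowlist: dict) -> list[dict]:
    """Return one record per extension that fails a check, with the reasons."""
    settings = json.loads(preferences_json).get("extensions", {}).get("settings", {})
    flagged = []
    for ext_id, info in settings.items():
        reasons = []
        if ext_id not in allowlist:
            reasons.append("not on allowlist")
        if not info.get("from_webstore", False):
            reasons.append("not installed from the web store")
        # Web-store installs live under the profile's Extensions folder as a relative
        # '<id>\\<version>' path; an absolute path means it was loaded from elsewhere.
        if ntpath.isabs(info.get("path", "")):
            reasons.append(f"loaded from {info['path']}")
        if reasons:
            flagged.append({"id": ext_id, "name": info.get("manifest", {}).get("name", "?"), "reasons": reasons})
    return flagged


if __name__ == "__main__":
    for rec in audit_extensions(SAMPLE_PREFERENCES, ALLOWLIST):
        print(f"{rec['name']} ({rec['id'][:8]}...): " + "; ".join(rec["reasons"]))
```

The output is the list to take to the browser's extensions page and disable or remove, followed by the full antivirus scan the article recommends; the allowlist is what turns "unfamiliar" from a judgement call into a repeatable check.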
9. Important Looking Fake Warning Messages
Creating and deploying authentic-looking error warning messages via malware, known as ‘scareware’, is big business. The cybercriminal uses scareware to display fake messages on the victim’s device.
Scareware displays warnings informing the victim of a fake security threat and directs the user to a website for a security software upgrade. This upgrade often triggers a more dangerous cyberattack, such as ransomware.
You may see a fake warning from the FBI or other law enforcement agency stating that your device has been used to browse illegal content and is currently infected with a virus. You will then be directed to an official-looking page to have your device ‘cleaned’.
10. Spam Emails Sent to All Your Contacts
Once a hacker gains access to your system, they may also gain access to several of your user accounts, including email. From there, they will send spam or phishing emails to everyone on your contact list. Since the recipients know you, they won’t suspect that the message contains links or attachments carrying malware.
If you receive an unusually worded email, especially with an attachment or link, from someone you know, contact them directly via phone, text, or chat. It could be that they have been infected with malware.
11. Phantom Posts on Your Social Media
Using malware, hackers can also infiltrate your social media accounts and generate fake posts or messages on your behalf. Typically, these posts contain click-worthy statements such as “OMG, did you see what happened to me last night?” or “Look at this crazy picture I took!” What comes next is a malicious link to infect other users.
How To Remove Malware From Your Device
At Securus Communications, we always recommend that you engage first with your IT department or a professional data recovery consultancy regarding malware. However, let’s review the four main steps to malware removal.
Stop Using The Device
If you are experiencing the tell-tale signs of malware, the best practice is to immediately STOP all banking, shopping, and other online activities and inform your IT department or third-party support company.
Backup Your Files
If you don’t already have a backup, now is the time to save your user data files (such as documents, photos, databases, etc.) to a cloud drive or USB memory stick. We will discuss performing a virus and malware check on these files in a later step.
Wipe & Re-Install
At this point, we recommend a complete system wipe followed by a fresh install of your operating system (OS) and any essential applications such as a word processor or email client.
Yes, this may seem overkill, but you will be surprised how ‘sticky’ malware can be, even with the latest EPP or NGAV suites performing a post-cleanup exercise.
Ensure all of your newly installed software is up to date, including the operating system (OS) and the security patches for both the OS and any additional apps you installed.
Now is the time to purchase and install security software, such as a Nextgen Antivirus (NGAV) suite or Endpoint Protection (EPP) software. Also, turn on automatic updates so your software stays up to date.
Scan, Clean & Finish
By now, you have a clean install, are running the latest OS security patches, and have either the latest version of a Nextgen Antivirus (NGAV) suite or Endpoint Protection (EPP) software installed.
It’s time to scan the user files you backed up earlier to your cloud drive or USB stick for malware and viruses. If those files come back clean, you can copy them to your local device or leave them in the cloud. Now perform one final full scan of your entire device, and you are all set.
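A user-data backup should contain documents, photos and similar, never programs, so a quick pre-filter before the final scan catches the obvious problems. The script below is an added example, not code from this article or from Securus Communications: it walks a backup folder and flags anything with an executable or script extension, anything whose first bytes identify it as a Windows or Linux executable regardless of the extension it wears, and Office files that can carry macros. It supplements the full antivirus scan the step above calls for rather than replacing it. The sample backup is constructed in a temporary folder and its file names and contents are placeholders.

```python
"""Pre-filter a backup set before restoring it (the 'Scan, Clean & Finish' step).

Added example, not the article's code. Flags executables by extension, by magic
bytes hiding behind a document extension, and macro-enabled Office files. The
sample backup is constructed in a temporary directory.
"""
import tempfile
from pathlib import Path

RISKY_EXTENSIONS = {".exe", ".dll", ".scr", ".js", ".vbs", ".ps1", ".bat", ".cmd", ".lnk", ".hta"}
MACRO_EXTENSIONS = {".docm", ".xlsm", ".pptm"}
MAGIC = {b"MZ": "Windows executable header", b"\x7fELF": "ELF executable header"}


def classify_file(path: Path) -> list[str]:
    """Reasons this file should not be restored as 'user data' (empty list if it looks fine)."""
    reasons = []
    ext = path.suffix.lower()
    if ext in RISKY_EXTENSIONS:
        reasons.append(f"executable/script extension {ext}")
    if ext in MACRO_EXTENSIONS:
        reasons.append(f"macro-enabled Office file {ext}")
    with path.open("rb") as fh:
        head = fh.read(4)
    for magic, label in MAGIC.items():
        # Only report the header when the extension did not already give it away.
        if head.startswith(magic) and ext not in RISKY_EXTENSIONS:
            reasons.append(f"{label} behind a {ext or 'missing'} extension")
    return reasons


def audit_backup(root: Path) -> dict[str, list[str]]:
    """Relative path -> reasons, for every flagged file under `root`."""
    findings = {}
    for p in sorted(root.rglob("*")):
        if p.is_file():
            reasons = classify_file(p)
            if reasons:
                findings[p.relative_to(root).as_posix()] = reasons
    return findings


# Constructed backup contents (first bytes only; not real documents).
SAMPLE_FILES = {
    "Documents/budget.xlsx": b"PK\x03\x04 spreadsheet bytes",
    "Documents/invoice.pdf": b"MZ\x90\x00 a program wearing a .pdf name",
    "Documents/macros.docm": b"PK\x03\x04 macro-enabled document",
    "Photos/holiday.jpg": b"\xff\xd8\xff\xe0 jpeg bytes",
    "Downloads/setup.exe": b"MZ\x90\x00",
    "Downloads/run.js": b"var x = 1;",
}


def run_demo() -> dict[str, list[str]]:
    """Write the constructed backup to a temp folder, audit it, and return the findings."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        for rel, content in SAMPLE_FILES.items():
            f = root / rel
            f.parent.mkdir(parents=True, exist_ok=True)
            f.write_bytes(content)
        return audit_backup(root)


if __name__ == "__main__":
    for rel, reasons in run_demo().items():
        print(f"{rel}: " + "; ".join(reasons))
```

The magic-byte check is the one worth remembering: a file renamed to .pdf or .jpg still starts with the executable header, and a scan that trusts extensions alone will wave it through.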
Malware infections pose a significant security threat to an individual user or an entire business network. Once a device has been infected, you’ll see one or more warning signs indicating that a system has been compromised.
Recognising the signs of infection early on can limit the damage to a single device before the malware payload can spread to other users via email contacts or over the same business network, saving valuable time, resources, and, most importantly, critical personal or business data.
If you would like to discuss your network security requirements in more detail with one of our cybersecurity professionals, please don’t hesitate to get in touch.