{"id":41901,"date":"2022-10-31T13:50:02","date_gmt":"2022-10-31T19:50:02","guid":{"rendered":"https:\/\/webirix.com\/?p=41901"},"modified":"2022-10-31T13:50:02","modified_gmt":"2022-10-31T19:50:02","slug":"malware-y-sus-tipos-mas-comunes","status":"publish","type":"post","link":"https:\/\/webirix.com\/en\/malware-y-sus-tipos-mas-comunes\/","title":{"rendered":"Malware and its most common types"},"content":{"rendered":"<p><b><span data-contrast=\"auto\">What is malware?<\/span><\/b><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559739&quot;:200,&quot;335559740&quot;:288}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">Malicious software <\/span><\/b><span data-contrast=\"auto\">or<\/span><b><span data-contrast=\"auto\"> malware <\/span><\/b><span data-contrast=\"auto\">is software designed to disrupt computer operations or gain access to systems without the knowledge or permission of the user.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559739&quot;:200,&quot;335559740&quot;:288}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">Note: Malware describes any intrusive or hostile software.<\/span><\/p>\n<p><b><span data-contrast=\"auto\">Virus<\/span><\/b><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559739&quot;:200,&quot;335559740&quot;:288}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">It consists of <\/span><b><span data-contrast=\"auto\">malicious code<\/span><\/b><span data-contrast=\"auto\"> that attaches itself to another, legitimate executable (.exe). Viruses usually require the user to start them, and they can activate at a set time or date.<\/span><span 
data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559739&quot;:200,&quot;335559740&quot;:288}\"> A virus can be harmless (merely annoying) or destructive (it damages, steals or encrypts information); viruses mutate to avoid detection.\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">They spread through:\u00a0<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559739&quot;:200,&quot;335559740&quot;:288}\">\u00a0<\/span><\/p>\n<ul>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"2\" data-list-defn-props=\"{&quot;335551671&quot;:0,&quot;335552541&quot;:1,&quot;335559684&quot;:-2,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" aria-setsize=\"-1\" data-aria-posinset=\"0\" data-aria-level=\"1\"><span data-contrast=\"auto\">Removable media (USB).<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559739&quot;:200,&quot;335559740&quot;:288}\">\u00a0<\/span><\/li>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"2\" data-list-defn-props=\"{&quot;335551671&quot;:0,&quot;335552541&quot;:1,&quot;335559684&quot;:-2,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" aria-setsize=\"-1\" data-aria-posinset=\"0\" data-aria-level=\"1\"><span data-contrast=\"auto\">Internet downloads (ads, pornographic sites, piracy sites, spam).<\/span><span 
data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559739&quot;:200,&quot;335559740&quot;:288}\">\u00a0<\/span><\/li>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"2\" data-list-defn-props=\"{&quot;335551671&quot;:0,&quot;335552541&quot;:1,&quot;335559684&quot;:-2,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" aria-setsize=\"-1\" data-aria-posinset=\"0\" data-aria-level=\"1\"><span data-contrast=\"auto\">Email attachments (malicious code, links, attached files).<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559739&quot;:200,&quot;335559740&quot;:288}\">\u00a0<\/span><\/li>\n<\/ul>\n<p><span data-contrast=\"auto\">A virus can be triggered by opening a file, or it can be a boot sector or file system virus, infecting removable media, other programs and computers on the network.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559739&quot;:200,&quot;335559740&quot;:288}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">Worms<\/span><\/b><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559739&quot;:200,&quot;335559740&quot;:288}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">A <\/span><b><span data-contrast=\"auto\">worm<\/span><\/b><span data-contrast=\"auto\"> is malicious code that replicates by exploiting vulnerabilities in networks. It can run and spread without the active participation of the user, causing network slowdowns. 
They have a vulnerability that enables them to spread uncontrolled (Payload)<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559739&quot;:200,&quot;335559740&quot;:288}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">Trojan\u00a0<\/span><\/b><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559739&quot;:200,&quot;335559740&quot;:288}\"><b>horses<\/b>\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">A <\/span><b><span data-contrast=\"auto\">Trojan<\/span><\/b><span data-contrast=\"auto\"> is malware that disguises itself as a desired operation (sending an email, deleting a file, saving your password), using the privileges of the user to cause damage. Unlike a virus, it attaches itself to non-executable files (images, audio, games).<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559739&quot;:200,&quot;335559740&quot;:288}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">Logic bombs<\/span><\/b><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559739&quot;:200,&quot;335559740&quot;:288}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">A logic bomb waits to be triggered (by a random event). When it activates, it deploys malicious code to damage the machine (sabotaging databases, deleting files, attacking the OS or applications).<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559739&quot;:200,&quot;335559740&quot;:288}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">Some bombs destroy hardware, causing technical failures or overheating of components.<\/span><span 
data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559739&quot;:200,&quot;335559740&quot;:288}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">Ransomware<\/span><\/b><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559739&quot;:200,&quot;335559740&quot;:288}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">Ransomware <\/span><\/b><span data-contrast=\"auto\">locks up or holds a system or its information, encrypting the latter with a key, until a <\/span><b><span data-contrast=\"auto\">ransom<\/span><\/b><span data-contrast=\"auto\"> is paid to release it.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559739&quot;:200,&quot;335559740&quot;:288}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">Once it is paid, the key or a program that decrypts the files is sent (assuming it did not install a backdoor).<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559739&quot;:200,&quot;335559740&quot;:288}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">Backdoors and rootkits<\/span><\/b><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559739&quot;:200,&quot;335559740&quot;:288}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">A <\/span><b><span data-contrast=\"auto\">backdoor<\/span><\/b><span data-contrast=\"auto\"> is a program or code introduced into a compromised system. Backdoors bypass system authentication (examples are NetBus and Back Orifice) and allow remote access, <\/span><span data-contrast=\"auto\">guaranteeing future access once the original vulnerability has been fixed.<\/span><span 
data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559739&quot;:200,&quot;335559740&quot;:288}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">A <\/span><b><span data-contrast=\"auto\">rootkit<\/span><\/b><span data-contrast=\"auto\"> modifies the OS to create a backdoor. Rootkits usually use software vulnerabilities to escalate their privileges (privilege escalation) and modify system files.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559739&quot;:200,&quot;335559740&quot;:288}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">Privilege escalation consists of taking advantage of programming errors or design flaws to gain elevated access to network resources and data. Rootkits tend to modify forensic tools (Avira, Windows Defender, etc.), which makes them hard to detect; the best option is to reinstall the entire OS.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559739&quot;:200,&quot;335559740&quot;:288}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">Defending against malware (recommendations):<\/span><\/b><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559739&quot;:200,&quot;335559740&quot;:288}\">\u00a0<\/span><\/p>\n<ul>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"2\" data-list-defn-props=\"{&quot;335551671&quot;:0,&quot;335552541&quot;:1,&quot;335559684&quot;:-2,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" aria-setsize=\"-1\" data-aria-posinset=\"0\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Antivirus 
software<\/span><\/b><span data-contrast=\"auto\">: It detects most forms of malware. An effective measure is to keep the signatures up to date (a signature is like a list of the fingerprints specific to each virus); it makes it possible to identify the characteristics of a piece of malicious code.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559739&quot;:200,&quot;335559740&quot;:288}\">\u00a0<\/span><\/li>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"2\" data-list-defn-props=\"{&quot;335551671&quot;:0,&quot;335552541&quot;:1,&quot;335559684&quot;:-2,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" aria-setsize=\"-1\" data-aria-posinset=\"0\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Up-to-date software<\/span><\/b><span data-contrast=\"auto\">: Software vulnerabilities, in operating systems and applications, are the target of many forms of malware, since there are always those who, to save time or to reach 99.999% availability of sites and servers, prefer not to update plugins or apply security patches, stability patches, etc.<\/span><\/li>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"2\" data-list-defn-props=\"{&quot;335551671&quot;:0,&quot;335552541&quot;:1,&quot;335559684&quot;:-2,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" aria-setsize=\"-1\" data-aria-posinset=\"0\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">SPAM\/Junk Mail: <\/span><\/b><span data-contrast=\"auto\">This is unsolicited mail (sometimes 
advertising) that can contain harmful links, malware or deceptive content. Often the spam has to be opened in order to report it; servers usually filter it, but they still process or open it to check it.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559739&quot;:200,&quot;335559740&quot;:288}\">\u00a0<\/span><\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>What is malware?\u00a0 Malicious software or malware is software designed to disrupt computer operations or gain access to systems without the knowledge or permission of the user.\u00a0 Note: Malware describes any intrusive or hostile software. Virus\u00a0 It consists of malicious code that attaches itself to another, legitimate executable (.exe). Viruses usually require the &#8230;<\/p>","protected":false},"author":4969,"featured_media":41902,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2291],"tags":[2371,2372,2370],"class_list":["post-41901","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-tecnologia","tag-malware","tag-riesgo","tag-seguridad"],"jetpack_featured_media_url":"https:\/\/webirix.com\/wp-content\/uploads\/2022\/10\/principales-amenazas-ciberseguridad-2019-644x342-1.png","_links":{"self":[{"href":"https:\/\/webirix.com\/en\/wp-json\/wp\/v2\/posts\/41901","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/webirix.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/webirix.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/webirix.com\/en\/wp-json\/wp\/v2\/users\/4969"}],"replies":[{"embeddable":true,"href":"https:\/\/webirix.com\/en\/wp-json\/wp\/v2\/comments?post=41901"}],"version-history":[{"count":2,"href":"https:\/\/webirix.com\/en\/wp-json\/wp\/v2\/posts\/41901\/re
visions"}],"predecessor-version":[{"id":41904,"href":"https:\/\/webirix.com\/en\/wp-json\/wp\/v2\/posts\/41901\/revisions\/41904"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/webirix.com\/en\/wp-json\/wp\/v2\/media\/41902"}],"wp:attachment":[{"href":"https:\/\/webirix.com\/en\/wp-json\/wp\/v2\/media?parent=41901"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/webirix.com\/en\/wp-json\/wp\/v2\/categories?post=41901"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/webirix.com\/en\/wp-json\/wp\/v2\/tags?post=41901"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}