The Methods of Spreading Malware

Malware can spread in many different ways. This blog will explain most of the different methods and how they are used.

The World Wide Web

The World Wide Web is used in a number of ways to spread malware and infect vulnerable people. One of the most common techniques is to trick the user into downloading and running a piece of software that appears to be from a legitimate source or company, but is actually rigged with malware. This type of malware is known as a trojan horse, while the technique used to encourage the user to actually download and run the malware is called phishing. Websites that offer pirated software and files, such as The Pirate Bay, often host these trojan horses, because criminals will upload their malware onto the site, bundled with other pirated content, making it easy for them to infect those who download illegal / pirated content.
Another method of spreading malware via the World Wide Web is through compromising websites. This is where hackers modify a webpage to contain malicious resources by exploiting vulnerabilities in the website. Usually the malicious resources / content are hosted on an external site owned and controlled by the hackers. They compromise iframes to display their malicious resources on the webpage, resulting in the victim being infected by the malware.
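For site owners, one way to check a page for the kind of externally hosted iframe described above. This is an example added here, not code from the original post; the host names, the sample page and the "hidden" heuristics are constructed assumptions.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse


class IframeAudit(HTMLParser):
    """Collect iframes whose src points at a host other than the page's own."""

    def __init__(self, page_host):
        super().__init__()
        self.page_host = page_host.lower()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag != "iframe":
            return
        a = {k: (v or "") for k, v in attrs}
        # hostname is None for relative URLs; "//host/path" still yields a host
        host = (urlparse(a.get("src", "")).hostname or "").lower()
        if not host or host == self.page_host:
            return  # frame served by the site itself
        style = a.get("style", "").replace(" ", "").lower()
        # Assumed heuristic: a frame the visitor cannot see deserves a closer look
        hidden = (
            a.get("width") in ("0", "1")
            or a.get("height") in ("0", "1")
            or "display:none" in style
            or "visibility:hidden" in style
        )
        self.findings.append({"host": host, "hidden": hidden})


def audit(html, page_host):
    """Return one finding per iframe that loads content from another host."""
    parser = IframeAudit(page_host)
    parser.feed(html)
    parser.close()
    return parser.findings


# Constructed sample page: one local frame, one visible embed, two hidden frames
SAMPLE = """<html><body><h1>Shop</h1>
<iframe src="/widgets/news.html" width="300" height="200"></iframe>
<iframe src="https://video.example.org/embed/1" width="560" height="315"></iframe>
<iframe src="http://frames.example.net/x" width="0" height="0"></iframe>
<iframe src="//ads.example.net/a" style="display: none"></iframe>
</body></html>"""

if __name__ == "__main__":
    for finding in audit(SAMPLE, "shop.example.com"):
        print(finding)
```

Any external host in the output that the site owner did not add themselves is worth investigating, hidden frames first.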

USB / Removable Devices

Some devices require your computer to boot off them in order to function properly and unfortunately malware authors use this to their advantage. Malware uses your USB as a way to transfer itself onto other computers. Weirdly enough, if you have the correct knowledge on how to find hidden / protected files, then it should be pretty easy to find USB infections. Files like ‘autorun.inf’ or ‘konboot.gz’ are often used by malware to spread itself onto other machines. Such methods of spreading are only really utilised by viruses or worms, but occasionally you may see a piece of ransomware use this as well.
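A way to look for the ‘autorun.inf’ file mentioned above on a mounted removable drive and list the entries in it that start a program. This is an added example, not code from the original post; the sample file contents and the function names are constructed for illustration.

```python
import os
import stat

LAUNCH_KEYS = ("open", "shellexecute")


def parse_autorun(text):
    """Return (key, command) pairs from [autorun] that start a program."""
    section, hits = "", []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue  # blank line or comment
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
            continue
        if section != "autorun" or "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        key = key.lower()
        if key in LAUNCH_KEYS or (key.startswith("shell\\") and key.endswith("\\command")):
            hits.append((key, value))
    return hits


def is_hidden(path):
    """Hidden attribute on Windows; leading dot on other systems."""
    attrs = getattr(os.stat(path), "st_file_attributes", 0)
    flagged = bool(attrs & stat.FILE_ATTRIBUTE_HIDDEN)
    return flagged or os.path.basename(path).startswith(".")


def scan_drive_root(root):
    """Find autorun.inf (any letter case) in the drive root and summarise it."""
    for name in os.listdir(root):
        if name.lower() == "autorun.inf":
            path = os.path.join(root, name)
            with open(path, encoding="utf-8", errors="replace") as fh:
                launch = parse_autorun(fh.read())
            return {"path": path, "hidden": is_hidden(path), "launch": launch}
    return None


# Constructed sample contents, not taken from a real infection
SAMPLE = r"""[AutoRun]
; constructed example
open=RECYCLER\svc.exe
icon=folder.ico
shell\open\command=RECYCLER\svc.exe
label=Backup
"""
```

Call `scan_drive_root` with the drive's mount point; a hidden autorun.inf with launch entries on a drive that should only hold documents is a strong sign of infection.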

Network / Internet Connections

Network worms, rootkits and sometimes even ransomware will arrive and infect your computer via internet connections. The malware is sent to you through packets that evade firewalls and network protection. It can also spread via local connections and wireless connections, making it sneaky and hidden from the user. Malware can also be spread to systems via shared / public folders on the network.
I don’t really know a lot about how network traffic works, so this section is not explained very well.

Compromised Windows Updates / Windows Activation

If you own a pirated / cracked copy of Windows, you may be infected with malware, as the people who host the servers to “activate” your cracked copy of Windows may install malware into your system through a trojan backdoor. Moreover, they might even inject malware right into your Windows Update, allowing them to gather your documents and personal information. Many services / companies that host Windows Activation servers have been notorious for doing this.


Malware authors send unwanted emails (spam) to try to trick users into running malware. This malware can even be hidden in the email itself, so viewing, previewing or even just loading the subject of the email may infect the user. Fortunately, many email providers have filters and protection against this, but you cannot guarantee that every threat will be blocked. Never open unexpected emails or emails from someone you don’t trust.
Malware authors can also send emails using someone else’s email address via Outlook Express on Windows PCs. Outlook Express has had countless vulnerabilities in its history and I do not recommend using it. Nor do I recommend using any operating system older than Windows 7.


If I missed out any other methods, please tell me here.
I did a bit of research on malware before I wrote this blog post. If you are wondering, I watched a Pluralsight course called “Ethical Hacking: Malware Threats” by Dale Meredith.
I highly recommend starting that course 🙂



This post is just a bunch of ramblings. Feel free to leave if you don’t want to be bored out of your mind 😉

This blog has been inactive for around a month or two and that was because I was burnt out from doing it. During that time, there were many things I wanted to blog about including the massive VTech hack or how Google is planning to deny all new SHA-1 Security Certificates in Google Chrome. I didn’t have the time nor the energy and for that I’m sorry.

I recently posted something about state sponsored attacks, but to be honest I don’t think I explained enough in that post. It needs more adding to it and I will probably rewrite that post sometime in the future.

As for later blogs, I have one planned for the 1st January 2016 and I hope that will be more interesting to the tech savvy people that read my blog posts.

Happy holidays! ❤

Extra: I really need better things to do than post ramblings 😛

[Old] What are state-sponsored attacks?

State-sponsored attacks are hacking incidents that are backed up or supported by government organisations/agencies. Often they support these attacks to gather information on the general public.

These state-sponsored actors may target activists, anonymous members of the public and random members of the public. The actual information these state-sponsored actors will try to obtain includes names, email addresses, phone numbers, birthdays and other personal information used to identify you.

Government organisations can use this information to track and locate certain activists wanted by security agencies such as MI5, G4S or the police.

If your website/service comes under attack from a state-sponsored actor, it is almost impossible to identify what government supported the attack. Some notorious governments known for these attacks are Russia, China, Great Britain and The United States.


If you do come under attack from a state-sponsored actor, it is recommended that you fix any vulnerabilities/security risks in your service as soon as possible to protect you and your users from government spying/hacking programs aiming to gain your personal information for illegal uses.

Hacking is still illegal, even if they are in a position of authority / government power.