How to Get Rid of Malware

LastPass, July 26, 2024
In 2023, a million personal and corporate devices were compromised with infostealer malware.  

For each of those devices, close to 51% of login credentials were stolen. 

Businesses like yours pay a steep price for cybercrime: $1.3 million on average in 2023. 

Below, we explain what malware is, why it’s a concern, and how to protect your business against this growing threat. 

Understanding Malware 

What is malware and how does it affect your device? 

Briefly, malware stands for “malicious software.”  It refers to a range of software that can compromise the security of devices such as mobile phones, desktops, laptops, and tablets. All operating systems are vulnerable, including Android, iOS, Windows, and macOS. 

When malware infects a device, it can result in one or more of the following: 

  • File corruption: malware variants can corrupt or delete files without your permission. 
  • Economic loss: threat actors can infect your systems with ransomware (a type of malware) and hold your devices hostage until you make a substantial cryptocurrency payment. 
  • Unauthorized access: a Trojan horse (another type of malware) allows cybercriminals to monitor your systems remotely and steal sensitive data such as Social Security numbers, credit card info, and passwords. 
  • System malfunction: malware often consumes significant server resources, causing your devices to experience severe lags in performance. 
  • Privacy invasion: some malware variants can even hijack device cameras without your knowledge. 

Common types of malware and their characteristics 

Malware can spread through various vectors, such as malicious email attachments and unauthorized app downloads.  

Some types of modern malware can even evade detection. 

The most common types of malware include: 

How malware can compromise your online security 

Malware is the most common type of cyberattack against SMBs: 82% of ransomware attacks target businesses with fewer than 1,000 employees.  

The results are catastrophic, with 75% of SMBs admitting that a ransomware attack would bring business to a complete stop. 

As the threat landscape evolves, threat actors are using increasingly sophisticated social engineering tactics to gain your trust.  

You may be promised a lucrative partnership, exclusive deals on security software, or a high-value investment opportunity. A threat actor may send you a legitimate resume in the form of a PDF infected with malware.  

They could even impersonate popular software vendors and send you emails with instructions to install fraudulent updates. When you click on the update link, malware is installed on your system. 

This can lead to data theft and corporate espionage, where your trade secrets are exfiltrated without your knowledge. 

Symptoms of Malware 

Signs on a Mac or computer 

The most common signs of malware on a Mac system are: 

  • Emails and messages sent without your consent. Your colleagues or business partners may receive suspicious emails from you that you didn’t send. 
  • Security alerts that look legitimate. You may receive fraudulent antivirus warnings or recommendations to download a software patch. 
  • High CPU usage. Your device CPU may submit a high volume of RAM requests to run mysterious processes or apps in the background. 
  • Performance lags. Your Mac device may experience severely slow boot times and sluggish app responses. 
  • Intrusive and persistent pop-ups and ads. These pesky ads can be a lucrative source of income for attackers who profit from PPC (pay-per-click) schemes. 

Signs on an Android or iPhone 

You aren’t alone if you’ve ever wondered, “How do I check for malware on my Android?” 

The most common signs of malware on an Android or iPhone system include: 

  • System performance issues. Malware can exhaust server resources, causing severe lags in performance and rapid battery depletion. 
  • Unexpected actions. If your device is infected with malware, you may experience unexplained reboots or unusually long shutdown times. 
  • Signs of unusual activity. Your device may show significant spikes in data usage, even when it’s idle. 
  • Fast-draining battery. iOS updates are notorious for allegedly causing battery drain issues – but malware could also be the problem. 
  • Unexplained fees. Threat actors can use malware to sign you up for premium services you didn’t request. 
  • Files changed in the root user account. A newly discovered macOS bug allows hackers to bypass the macOS System Integrity Protection, a security mechanism that prevents unauthorized alterations to your most critical system resources. Fortunately, there’s a patch for this. 

How to Get Rid of Malware on an Android 

Restart to safe mode 

Can malware be deleted?  

The answer is yes. The first step is to restart in Safe Mode. 

Here, it’s important to remember that rebooting in Safe Mode won’t remove all malware on your device. It can, however, prevent most types of malware from running while you troubleshoot the issue. Here's how to reboot in Safe Mode.

Read on for the next steps in removing malware on your Android. 

Uninstall suspicious apps 

After entering Safe Mode, check your Activity Monitor for suspicious files or apps. Here’s how to uninstall any malware you find on your Android. You’ll also want to clear your browser cache or browsing history. 

Alternatively, you can use Microsoft Defender Offline to remove or quarantine any malware. 

Look for signs of other apps with infected malware 

To fully secure your device, you’ll need to ensure that all traces of malware have been wiped from your device. But how do you do that? Trojans, for example, are notoriously difficult to detect. 

If you find yourself in this situation, these industry-leading Trojan scanners can help you detect and remove the malware.  

You can also try Android anti-virus apps like Bitdefender Mobile Security.

Factory reset 

If all else fails, a factory reset may be in order.  

Here, it’s important to note that, while a factory reset can be extremely effective, it won’t protect your device from zero-day vulnerabilities or eliminate any rootkit malware, which gives hackers admin access to your device. 

A factory reset also won’t prevent these threat actors from using social engineering schemes to steal your data or business trade secrets. 

Remember to back up your data to the cloud or on-premises storage before starting a factory reset.  

Install latest updates 

You’ll want to combine a factory reset with an update to the latest version of your Android’s OS. An update will provide the latest security features to protect your device. 

Here's how you can do an Android systems update. You’ll want to keep up with updates: in Jan 2024 alone, Google released 58 security updates for Android.

Use app verifier in Google Play Store 

Google Play Protect is an app verifier or security feature in Android that helps detect potentially harmful apps and malware.  

Here’s how you can access Google Play Protect and how you can turn it on. 

How to Get Rid of Malware on iPhones 

Restart iPhone 

iPhone users often ask us one of two questions: 

  • Can I remove the malware myself? 
  • How do I get rid of a malware virus? 

The answer to the first question is yes. 

Second, you’ll want to restart your device to begin ridding your iPhone of malware or a virus. 

A restart can help clear RAM (random access memory) from your device. This will remove any non-persistent malware that runs only in memory.  

A restart is also usually the first step you take to start a systems update. 

Read on for more ways to get rid of any malware or viruses on your iPhone. 

Ensure iOS is up to date 

Make sure you have the latest iOS version to protect your device from any vulnerabilities that can be exploited by malware. Here’s how you can update to the latest iOS version.

Delete any suspicious apps 

If you use public Wi-Fi networks regularly, you’ll want to be diligent in checking for suspicious apps.  

Norton 360 for Mobile is one of your best options for removing malware (including ever-elusive Trojans) from your iPhone.  

For a budget option, you can also try Avira Mobile Security, a free iPhone anti-virus option that comes equipped with a free VPN for securing communications over a public network. 

Clear browsing data 

Next, you may want to clear your browsing data, cookies, and cache. If you use Safari, go to Settings > Safari > Advanced > Website Data and tap on Remove All Website Data.

Using another browser? Get instructions on how to clear your cache, cookies, and history here.

Clearing the cache is important because it removes malicious scripts, images, and stylesheets that live in your browser cache.  

Check app permissions 

Checking app permissions is critical in identifying malware. Permissions regulate how much and what type of data apps can access. 

Malware can give hackers access to your texts, photos, location, and contacts without your permission.  

So, reviewing and restricting these permissions can help enhance the security of your device. 

Factory reset 

A factory reset can remove any apps (or malware) that were installed without your knowledge.  

This process is known as Erase All Content and Settings.

Doing this will erase all your data and restore your privacy settings. 

Restore iPhone to the previous backup 

After a factory reset, you’ll want to restore your iPhone from a backup to retrieve all your previous data, such as photos and text messages.  

If you’re using Windows 10, Windows 11, or an older macOS version, you can use iTunes or iCloud to get your data back. 

If you have a newer macOS version (such as Catalina, Sonoma, or Ventura), open the Finder or Apple Devices App. If you aren’t sure which macOS you have, find out here. 

How to Get Rid of Malware on Mac 

Remove internet connection 

The first step in removing malware from your Mac is to disconnect from the internet. Many variants of malware must have internet coverage to transfer data from your device to a remote server. 

By going offline, you prevent further data exfiltration and malware infections. 

Finally, disconnecting allows you to run anti-virus scans without interference from new exploits or attacks. 

Restart in safe mode 

Turning on Safe Mode ensures that malware stops spreading while you’re focusing on cleaning up your system. 

Before starting Safe Mode, go to the Apple Menu and click on About This Mac. You’ll want to figure out whether you have an Intel or Apple silicon processor. This determines how you’ll restart in Safe Mode. 

Review the activity monitor 

You’ll want to review the Activity Monitor on your Mac to spot any suspicious recurring processes or apps that are consuming excessive resources. 

Checking the Activity Monitor may help you identify irregularities in memory usage, CPU usage, and network activity. Here's how you can view your CPU activity in Activity Monitor on your Mac.
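
The same review can be scripted. The following is an added example, not LastPass code: it looks for processes that stay at high CPU across several snapshots rather than spiking once. The sample snapshots, process paths, the 50% threshold, and the function names are all constructed for illustration.

```python
import subprocess
from collections import Counter

# Constructed sample: three snapshots in the format of `ps -Ao pid,pcpu,pmem,comm`,
# as if taken a minute apart. All process names and figures are made up.
SNAPSHOTS = [
    """  PID  %CPU %MEM COMM
  101   2.1  1.0 /usr/sbin/cfprefsd
  412  96.4  3.2 /Users/me/Library/.helper/updaterd
  530  88.0  5.1 /Applications/Safari.app/Contents/MacOS/Safari
""",
    """  PID  %CPU %MEM COMM
  101   0.3  1.0 /usr/sbin/cfprefsd
  412  94.9  3.3 /Users/me/Library/.helper/updaterd
  530   4.2  5.0 /Applications/Safari.app/Contents/MacOS/Safari
""",
    """  PID  %CPU %MEM COMM
  101   1.7  1.0 /usr/sbin/cfprefsd
  977  97.8  3.3 /Users/me/Library/.helper/updaterd
  530   6.0  5.2 /Applications/Safari.app/Contents/MacOS/Safari
""",
]

def take_snapshot():
    """Capture a live snapshot (works on macOS and Linux)."""
    return subprocess.run(["ps", "-Ao", "pid,pcpu,pmem,comm"],
                          capture_output=True, text=True, check=True).stdout

def parse_ps(text):
    """Yield (pid, cpu, mem, command) tuples from one snapshot."""
    for line in text.strip().splitlines()[1:]:      # skip the header row
        pid, cpu, mem, comm = line.split(None, 3)   # command path may contain spaces
        yield int(pid), float(cpu), float(mem), comm.strip()

def recurring_hogs(snapshots, cpu_threshold=50.0, min_hits=2):
    """Return commands at or above cpu_threshold in at least min_hits snapshots."""
    hits = Counter()
    for snap in snapshots:
        # Count by command path, not PID, so a relaunched process is still matched.
        hits.update({comm for _, cpu, _, comm in parse_ps(snap)
                     if cpu >= cpu_threshold})
    return sorted(comm for comm, n in hits.items() if n >= min_hits)

if __name__ == "__main__":
    for comm in recurring_hogs(SNAPSHOTS):
        print("recurring high CPU:", comm)
```

A busy browser tab shows up in one snapshot and drops out; a process that is pegged every time, especially one running from a hidden folder, is the one to look up before uninstalling anything.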

Uninstall recent apps 

One of the most popular questions we get is, “How do I clean my device from malware?” 

Uninstalling recent apps can help. But it won’t protect against persistent malware or malware disguised as legitimate software. 

Apple offers a three-layered defense to clear your Mac device of malware: 

  • Gatekeeper (with Notarization) prevents the launch or execution of malware 
  • XProtect, Gatekeeper, and Notarization halt the spread of malware that has already infected your Mac 
  • XProtect acts to remediate malware that has executed successfully 

Check browser for strange activity 

Regularly check for unexpected redirects, unusually slow performance, and new toolbars you didn’t download. 

Be sure to inspect your search engine settings to ensure they have not been tampered with. 

Delete cache 

Deleting your cache can help remove any malicious code stored on your Mac. But beware: there are different types of cache. Removing the wrong one can negatively impact the proper functioning of macOS. 

A systems cache, for example, is connected to the macOS. You’ll want to proceed with caution here. Never delete any cache folder, just individual files. 

You can, however, safely clear browser cache in Safari.

Remove suspicious browser extensions 

Check for suspicious extensions and remove them. Here’s how you can remove browser extensions in Safari, for example.  

Reset browser settings 

Resetting browser settings can help remove changes made by malware. Here’s how you can reset your browser in Safari, Chrome, and Firefox. And here’s what to do for an Opera browser reset.  

Factory reset 

A factory reset should be a last resort, along with a complete reformat of your hard drive and an OS reinstall. 

If you own a Mac, you’ll want to follow these steps for a factory reset.  

How to Get Rid of Malware on a Computer 

Disconnect from the internet

What are the steps to remove malware from a computer?  

The first is to immediately disconnect from the internet.  

Disconnecting can prevent malware from communicating with a malicious command and control (C&C) channel.  

By disconnecting, you can prevent C&C attacks like DDoS attacks and ransomware. 

Restart into safe mode 

Safe Mode starts the computer with just enough drivers and functions to enable the OS to run. Malware often relies on more advanced functions to operate fully, so limited functionality can make it easier to spot, i.e. suspicious processes will stand out more prominently. Here's how you can start your PC in Safe Mode.

Close malicious apps and updates 

Identifying and closing malicious apps is another key step to take.  

And it needn’t break the bank. These three malware removal tools can do the job for you, and they’re free. 

Use a malware scanner 

With AI-based polymorphic malware keeping IT staff up at night, you’ll need AI-based scanning capabilities to detect and respond to anomalies in real-time.  

For example, the Lumen Defender software detects Cuttlefish malware targeting business or commercial routers. 

Check homepage browser 

Windows is the most used operating system on desktops and laptops, with a market share of 73%.  

In 2023, laptop use increased by 3% from the previous year, and Windows is the dominant OS for laptop users. 

So, if you’re reading this, there’s a good chance you either own a laptop or are using one. 

Many laptop users ask us, “How do I remove malware from my Windows laptop?” 

First, you’ll want to answer these questions:  

  • Each time you log on, are you redirected to a different browser? 
  • Does your browser redirect you to a less secure URL (HTTP instead of HTTPS)?  

If you answered yes to either, your browser may be infected with malware and may need to be reset. Here’s how to reset the Chrome browser.

Clear cache 

Clearing your cache refers to clearing the portion of your hard drive that stores files your browser may use again. The cache’s files can be a target for malware. So, clearing it can remove malicious scripts and prevent harmful redirects. Here’s how to clear your cache in Chrome, Firefox, Microsoft Edge, Safari, and Opera. 

How to Protect Devices Against Malware 

Know how to spot suspicious activity or requests 

Staying vigilant is key to fighting a malware infection. According to the SANS Institute, Microsoft’s AMSI tool can be a powerful ally in helping you detect malicious JavaScript, VBS, and PowerShell scripts. 

Clear trash frequently 

Taking out the trash is a good thing, both in the digital and real world. Adware, for instance, can flood your browser with ads that you can’t close. Here’s how you can take out the adware trash in Chrome, Safari, Microsoft Edge, Firefox, and Internet Explorer. 

Use strong and unique passwords 

It’s no secret that passwords are the single weakest link in a secure environment. Password reuse can create a domino effect, leading to cyber-attacks and malware infections. 

According to NIST’s newest password guidelines, password length is more important than complexity. The longer a password is, the more impervious it is to brute-force attacks. A password of 12-15 characters provides ample protection. 
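
To see why length outweighs complexity, the following added example (not LastPass or NIST code) compares the brute-force search space of a short password using every character class with a longer lowercase-only one. It assumes each character is chosen at random and an offline guessing rate of 10 billion guesses per second; both sample passwords and all function names are constructed for illustration.

```python
import math
import string

# Character pools an attacker must cover for each class seen in the password.
POOLS = [
    (string.ascii_lowercase, 26),
    (string.ascii_uppercase, 26),
    (string.digits, 10),
    (string.punctuation, 32),
]

def pool_size(password):
    """Size of the alphabet implied by the character classes present."""
    return sum(size for chars, size in POOLS
               if any(c in chars for c in password))

def keyspace_bits(password):
    """Brute-force search space in bits: length * log2(pool size).

    Upper bound only: assumes every character was chosen at random.
    """
    pool = pool_size(password)
    return len(password) * math.log2(pool) if pool else 0.0

def min_length_for(bits, pool):
    """Shortest random password over `pool` symbols reaching `bits`."""
    return math.ceil(bits / math.log2(pool))

def years_to_exhaust(bits, guesses_per_second=1e10):
    """Time to try the whole space at an assumed offline guessing rate."""
    return 2 ** bits / guesses_per_second / (365 * 24 * 3600)

# Constructed sample passwords (for illustration only, never to be used).
SHORT_COMPLEX = "T7#qZ!m2"          # 8 chars, all four classes
LONG_SIMPLE = "qhzmvtkcwpanelr"     # 15 chars, lowercase only

if __name__ == "__main__":
    for pw in (SHORT_COMPLEX, LONG_SIMPLE):
        b = keyspace_bits(pw)
        print(f"{len(pw):2d} chars, pool {pool_size(pw):2d}: "
              f"{b:5.1f} bits, {years_to_exhaust(b):.3g} years")
```

Widening the alphabet from 26 to 94 symbols adds under two bits per character, while each extra lowercase character adds about 4.7 bits, so the 15-character password comes out roughly 18 bits ahead.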

Use password management software 

Password managers like LastPass store your passwords, credentials, and other sensitive data in password vaults. And you need only one master password to access the vault.  

Your data is kept safe due to our zero-knowledge architecture and powerful military-grade encryption. This ensures that even if malware infects your device, attackers can’t easily use brute-force methods to decipher your master password. 

Protect your business from malware. Start your LastPass trial today.