TechJunkie is a BOX20 Media Company

Home Security What is a Zero Day Virus?

What is a Zero Day Virus?

What is a Zero Day Virus?

A zero day virus is part of a series of attacks called ‘zero day threats’. These are attacks that seek to exploit vulnerabilities in software that has yet to be found or patched. As well as zero day viruses, there is zero day malware. The phenomenon is sometimes also referred to as zero day exploits.

As you can imagine, modern software is complicated and may contain many millions of lines of code. As hard as they may try, weaknesses in that code will make it past even the most rigorous QA testing and into the real world. Any attack that uses a weakness not known to the public or found by the programmers at release is called zero day because they have had zero days to protect against it.

It might help to know how virus scanners and malware checkers work to put this into context.

What is a zero day virus2

How virus scanners work

Every computer that connects to the internet should have some form of virus and malware scanning software. It scans every file you open for threats and will run scheduled scans on every file on your hard drive to see if it can find any viruses or malware.

To do this it uses two techniques, signature analysis and heuristics.

Signature analysis

Signature analysis uses ‘virus definitions’ to identify malicious code. It uses a signature provided by the company who run the antivirus software and is essentially a snapshot of what a particular virus code looks like. The scanner has many of these signatures and will compare every file on your computer to one of these to see if it is a virus or not.

It is a very effective way of identifying malicious code but has one fatal flaw. It depends entirely on the virus being known. This means a security company must already have found it, identified it and shared the signature. Your software must then have downloaded the latest signature and be using it. Zero day attacks usually occur before these signatures can be produced.

Heuristics

Heuristics, or heuristic-based detection, is where the antivirus scanner will look for activity that looks like a virus. It looks at behavior, patterns in code and activity that isn’t typical of the file type to identify malicious code. Your antivirus software watches everything that goes on within the device and will stop any program or code that it thinks is suspicious or that looks like it is doing something it shouldn’t.

To be effective, your security software should be configured to always be running, to scan files in the background and to update itself regularly. Good quality security software will install with these settings as default. It is vital that you do not mess with these settings unless you really know what you’re doing.

Zero day virus

A computer virus is regarded as malicious code that attaches itself to another program. Once activated it will replicate itself and perform whatever action it was programmed to perform. This could be to overwrite files, delete them, propagate itself to other connected devices or something else.

Viruses are incredibly common and there are millions of different types of virus. Just like a biological virus, computer viruses can be mutated to do different things. Unlike a biological virus, it does not usually mutate itself but has to be mutated by someone.

Zero day malware

Zero day malware refers to malicious code that has been written to exploit as yet unknown (to users and programmers at least) vulnerabilities. Malware is spread in a variety of ways including drive-by attacks on infected websites, spam email, infected email attachments, phishing, infected ads and other vectors.

Malware is designed to perform a range of tasks from hijacking your device (ransomware), stealing your personal information, creating a botnet or joining one.

Zero day worms

Worms are self-contained programs that can find their own way onto your computer and perform actions without any activation. They can then delete files, spread across a network, copy logins and passwords and a range of other activities. Zero day worms, like the other zero day threats are those that have yet to be identified and mitigated against by security software providers.

Zero day Trojans

Zero day Trojans are more rare but are still a threat. Named after the famous Trojan horse that allowed Greek soldiers to hide inside to sack Troy, computer Trojans allow another person to access your device to wreak havoc or harvest your personal data.

What is a zero day virus3

How to protect yourself from zero day threats

So you now know that by their very nature, zero day viruses and malware are largely unknown to your antivirus software. It depends entirely on heuristics to see it the code is acting suspiciously or not and then do something about it. As you can imagine, this is an inexact science. So aside from using good antivirus software and a malware scanner, is there anything you can do to protect yourself from such threats?

Patch management

Software patches are pieces of code written by vendors that plug vulnerabilities and fix bugs. Allowing all of your programs to automatically update will go a long way to minimizing the potential for exploits. This is especially true for operating systems. Whether you use Windows or OS X, you need to allow automatic updating to help protect your device.

Good internet hygiene

The internet is a wonderful resource but it is also a bit like the Wild West and some corners of it you just don’t want to go. Always keep your browsers up to date, allow your antivirus software to integrate with it and be careful where you go. Never click on email links from people you do not know and never download files unless you trust the provider.

Always use a firewall

A firewall works separately to your antivirus and watches all internet traffic into and out of your device. It scans traffic and can pick up anything strange and alert you to it. This is useful in preventing zero day threats ‘phoning home’ to report a successful infection or broadcasting your files or data back to their creator.

On its own a firewall is not very effective at preventing zero day threats. Used in conjunction with a good quality antivirus and malware scanner and it can strengthen your defenses significantly.

How To Change your IP Address in Windows

Read Next 

Leave a Reply

Your email address will not be published. Required fields are marked *


Random

May 16, 2017

944 Articles Published

You May Like

Fake Location Life360
SECURITY

How To Fake Your Location on Life360
Robert Hayes

Feb 29, 2024
3 mins read
Ugreen NASync Series feat
SECURITY

Ugreen Unveils NASync Network Attached Storage
Ronil Thakkar

Jan 18, 2024
3 mins read
1Password Export File
SECURITY

How to Export Passwords and Other Data From 1Password
Ashish Mohta

Nov 12, 2023
3 mins read
How to Add 2FA to 1Password
SECURITY

1Password: How to Enable Two-Factor Authentication
Ashish Mohta

Oct 30, 2023
3 mins read
Data Shared on Dark Web
SECURITY

How to Check if Your Data Has Been Shared on the Dark Web
Ashish Mohta

Sep 15, 2023
3 mins read
                             

More

TORRAS-Ostand-Power-Banks2 TORRAS-Ostand-Power-Banks2
GALAXY S
TORRAS Ostand Power Banks: Top 5 Features You Must Know
Namrata Gogoi

Apr 3, 2024
3 mins read
How to Use Facebook Marketplace Without an Account How to Use Facebook Marketplace Without an Account
EMAIL
How to Use Facebook Marketplace Without Facebook Account
Ashish Mohta

Mar 15, 2024
3 mins read
how to text someone from a different phone number (not your own) how to text someone from a different phone number (not your own)
ANDROID
How To Text Someone from a Different Phone Number (Not Your Own)
Ronil Thakkar

Mar 13, 2024
3 mins read

More

Zoom How to Change Name
ZOOM

How to Change Your Name in Zoom
Arch

May 31, 2021
3 mins read
AMAZON.COM

How To Filter By Color in Google Sheets
Robert Hayes

Jan 15, 2020
3 mins read

Copyright @2024 TechJunkie

Copyright @2024 TechJunkie