To understand how malware works, we should first see the anatomy of a malware attack, which is separated in five steps as shown below −
Let us understand the above-mentioned points in detail.
A malware can enter into the system in many ways −
The user visits his favorite website that has been infected recently. This can be an entry point for a malware.
If a user clicks on a URL that has come in an email, it will hijack that browser.
Malware can also enter through any infected external media such as a USB or an external hard drive.
The malware initiates a process that redirects the traffic to an exploit server which checks the OS and applications such as the browser, Java, Flash player, etc.
In this phase, the exploit will try to execute based on the OS and will find a way to escalate the privilege.
Now, the exploit that was successfully installed will upload a payload to maintain access and to manage the victim like remote access, file upload/download, etc.
In this phase, the hacker who manages the Malware will start to steal your data, encrypt your files, etc.