If I get malware, should I worry about it propogating over wifi or should I look for signs of that behaviour first? [duplicate]

Solution 1:

Should you worry about it? Yes.

There are known Server Message Block (SMB) vulnerabilities in e.g. Windows. SMB is a file sharing protocol. If your other systems have not been patched then they can be open to attack and propagation.

As far as any one specific malware package leveraging SMB (or other network protocols), it can be hard to tell, but mapped/open shares are usually "just part of the filesystem" to most software.

Solution 2:

So this is complicated and nuanced.

Most modern OS-based malware is not self-replicating. That said however, once compromised, the malware is likely to install Remote Access Toolkits (RATs) that give the attack infrastructure some degree of control over the system, and may use it to attack other systems in the network (east-west).

Viruses, which use common third party applications to replicate and spread are pretty uncommon these days, but Worms, which use vulnerabilities in OS software do come up every once in a while, and are usually a pretty big deal.

So, there is legitimate reason to question whether a given piece of malware has the capability to spread throughout the network. This also depends significantly on the extent to which the network has been hardened and the devices are managed in a secure manner. for instance disabling insecure protocols like SMBv1 and OS auto-run for disks and network shares will prevent many existing types of malware from spreading across a windows file-sharing network.

That said however, most people are not in a position to evaluate the risk and damage caused by the malware event. Out of an abundance of caution, I'd recommend taking the threat seriously, unless you have reason not to.