What is Malware?
It is a common misconception that any software or file that is harmful to your computer is a virus. As a matter of fact, a virus is just one of the many types of malicious software or malware for short. Malware is the umbrella term used to refer to different kinds of hostile and intrusive software which includes computer viruses, worms, Trojan horses, ransomware, spyware, adware, and others that we will be discussing later in this article. Malware can take the form of executable code, scripts, active content, and other software.
Different Types of Malware
The most common types of malware are viruses, worms, and Trojan horses. These three are usually thought to be the same. These three are all malicious programs that can cause damage to your computer. However, learning the difference between the three, as well as all the other types of malware, can help you protect your computer better.
A computer virus is a man-made piece of code that has the capability to copy itself. Microsoft defines a virus as a small software program that is designed to spread from one computer to another and to interfere with computer operation. It is usually loaded onto your computer without your knowledge and will run against your will. Computer viruses typically have a detrimental effect, such as corrupting your system or destroying your data. They will use all available memory and bring your system to a halt.
A computer virus attaches itself to a program or file which enables it to spread from one computer to another, leaving infections as it travels. Viruses have different levels of severity. Some viruses have mildly annoying effects to hardware or software while some might damage your files beyond repair. A computer virus can steal your passwords, display advertisements, or crash your computer. The most dangerous type is the virus that has the capability to transmit itself across networks and bypass security systems.
A computer virus needs human interaction in order for it to be able to cause harm. Almost all viruses are attached to an executable file, which means that the virus may exist on your computer but it can only infect your computer if you choose to run or open it. A virus is spread by sharing infected or infecting files or sending emails with viruses in the attachments.
Famous viruses include the Concept virus, the Chernobyl virus (CIH), and the ILOVEYOU virus.
In a nutshell: Attaches itself to an .exe file. Requires human action to spread.
A worm is similar to a virus by design and is generally considered to be a sub-class of a virus. However, unlike viruses, worms don’t need human interaction. They have the capability to travel from computer to computer on their own. They take advantage of files or information transport features on your system. The biggest danger that a worm poses is its capability to replicate itself on a system. For example, a worm could send a copy of itself to everyone on your address book then it would replicate and send itself out to everyone listed in each of the receiver’s address book, so on and so forth.
Worms typically tend to consume too much system memory or network bandwidth causing web servers, network servers, and individual computers to stop responding.
Examples of worms include the Blaster Worm, which is designed to tunnel into your system and allow malicious users to control your computer remotely, and the Sasser Worm, a computer worm that affects computers running vulnerable versions of Microsoft Windows XP and Windows 2000 by exploiting the system through a vulnerable port. Other famous worms include the Morris worm, the Anna Kournikova worm, and the Storm worm.
In a nutshell: Can replicate itself on a system. Does not require human action to spread.
3. Trojan Horse or Trojan
This type of malware is named after the mythological Trojan Horse. A Trojan Horse, or simply a Trojan, appears to be useful at first by disguising itself as a legitimate file or software from a legitimate source. However, it will cause damage once installed or run on the computer. Some Trojans are designed to be more annoying than harmful while some may cause serious damage by deleting your files or deleting information on your system. Trojans are also known to create a backdoor on your computer that gives malicious users access to your system, possibly allowing confidential or personal information to be compromised. For example, downloading a pirated software may actually contain a Trojan.
Some of the things a Trojan can do include monitoring activity on your computer, joining your computer to a botnet, opening floodgates, and downloading other types of malware to your computer.
In a nutshell: Appears useful but damages system. Requires human interaction. Does not self-replicate.
4. Blended Threat
A blended threat is a more sophisticated attack that bundles some of the worst aspects of viruses, worms, Trojan horses, and malicious code into a single threat. Blended threats can use servers and Internet vulnerabilities to initiate, then transmit and also spread an attack. They cause harm to the infected system on network and propagate using multiple methods. They can attack from multiple points as well.
To be considered a blended threat, the attack should normally serve to transport multiple attacks in one payload. Basically, it can cause damage within several areas of your network in just a single period of time. Because of this, blended threats are considered to be the worst risk to security since most of them require no human intervention to propagate.
In a nutshell: Sophisticated. Bundles aspects of viruses, worms, and Trojan horses. Most require no human action.
A spyware is a type of malware that spies on you without your knowledge. It collects a variety of different types of data. In fact, different types of malware can act as spyware. For example, there are some spyware that get included in Trojans then spy on keystrokes to steal financial data.
In a nutshell: Spies on your computer activity. Other types of malware can act as spyware.
Adware is a type of malware that often comes along with spyware. It is any type of software that displays advertising on computer. However, programs that display ads inside the program itself aren’t generally classified as malware. The kind of adware that’s particularly malicious is the kind that abuses its access to your system to display ads when it shouldn’t. Adwares are considered to be more socially acceptable” than other types of Malware.
An example of an adware is the Ask Toolbar that’s included with Oracle’s Java software.
In a nutshell: Display ads. Not always a threat to your machine.
A keylogger runs in the background, recording every keystroke you make. Keystrokes can include usernames, passwords, credit card numbers, and other sensitive data. Keyloggers upload these keystrokes to a malicious server where it can be analyzed and people can pick out useful passwords and credit card numbers. Different types of malware can act as keyloggers. Employers can also install keyloggers into their employees’ computers for monitoring purposes.
In a nutshell: Records key strokes. Can be used for monitoring purposes.
8. Botnet or Bot
A botnet, also sometimes called a zombie army, is a software program created to automatically perform specific operations. Although some bots are created for relatively harmless purposes such as video gaming, it is becoming alarmingly common to see bots being used maliciously. Each of the computers functions as a “bot” because it becomes infected with a specific piece of malware. Once a botnet infects your computer, it will connect to some sort of control server and wait for instructions from the botnet’s creator. Botnets can be used to initiate a distributed denial of server (DDoS) attack.
Websites can guard against bots with CAPTCHA tests that verify users as human. According to many reports, botnets currently pose the biggest threat to the Internet.
In a nutshell: Turns computers into robots. Rely on unprotected computers that can be turned into zombies.
A rootkit is a type of malware designed to burrow deep into your computer, avoiding detection by security programs and users. A rootkit might hide itself completely, preventing itself from showing up in the Windows task manager. Once a rootkit has been installed, it is possible for the malicious party behind the rootkit to remotely execute files, access or steal information, modify system configurations, alter software, install concealed malware, or control the computer as part of botnet. The key thing that makes a malware a rootkit is that it’s stealthy and focused on hiding itself once it arrives.
Rootkits continually hide their presence and as a result, typical security products are not effective in detecting and removing toolkits. Rootkit detection therefore relies on manual methods such as monitoring your computer for irregular activity, signature scanning, and storage dump analysis. Users can protect themselves from rootkits by regularly patching vulnerabilities in software, applications, and operating systems, updating virus definitions, avoiding suspicious downloads, and performing static analysis scans.
In a nutshell: Good at hiding its presence. Activated each time your system boots up.
Ransomware is a fairly new type of malware. This type of malware holds your computer or files hostage and demands a ransom payment. Some ransomware simply pop up a box asking for money before you can continue using your computer. Most types of ransomware can be defeated by an antivirus software.
An example of ransomware is the CryptoLocker. The CryptoLocker encrypts your files and demands a payment before you can access them. The CryptoLocker is dangerous especially if you don’t have backups.
In a nutshell: Spreads like a worm. Holds your computer system captive in exchange for money.
Read about ways to get rid of malware, click *insert how to combat malware link here*. You can also read about the common symptoms of malware here.