What is Malware? Definitions and Examples
You’ve heard the term before, but what exactly is malware and what does it do? Malware is short for Malicious Software. Malware is a term used to describe any intrusive software developed to steal data and damage or destroy computers and computer systems.
Malware infects networks and devices with the purpose of harming those devices, networks and/or users. Depending on the type of malware and the developer’s end goal, the effects can range from mild and annoying to disastrous.
Types of Malware
Virus – A virus is malicious software attached to a document or file that supports macros to execute its code and then spread from one host to the next, much like a biological virus would.
Example: The biggest computer virus ever is the Mydoom virus, which did an estimated $38 billion in damages in 2004.
Worms – Worms are malicious software that rapidly replicates and spreads to any device within the network. Worms, unlike viruses, do not need a host program to work.
Examples: The Sobig worm, with $30 billion in damages, and the Klez worm, with $19.8 billion in damages.
Trojan Virus – This malware is disguised as a helpful software program, and once the user downloads the software, the trojan virus gains access to sensitive data and then blocks, modifies or deletes the data. Trojans do not self-replicate, but they can be extremely harmful to the performance of the infected device.
Example: Emotet is a trojan virus that became famous in 2018 after the U.S. Department of Homeland Security defined it as one of the most dangerous and destructive pieces of malware.
Spyware – Spyware is often used to steal financial or personal information. Spyware is malicious software that runs secretly on a computer and reports back to a remote user. Rather than just disrupting a device’s operations, spyware actually targets sensitive information and can grant remote access to outside predators.
Example: CoolWebSearch – This program would take advantage of the security vulnerabilities in Internet Explorer to hijack the browser, change the settings, and send browsing data to its author.
Adware – Adware is not always dangerous; sometimes it simply collects data to show you the appropriate ads. The danger is that it can cause issues for your system, like slowing it down, and it can also redirect your computer to unsafe websites.
Example: DeskAd is a common adware program that shows deceptive ads within your internet browser, redirects your traffic to suspicious websites, and displays pop-up ads. DeskAd starts off very discreetly only to gradually take full control of your browser.
Ransomware – Ransomware is malicious software that gains access to sensitive information within a computer system, encrypts that information so that the user cannot access it, and then demands a financial payout for the data to be released.
Example: WannaCry, launched in 2017. Losses at the time were estimated at USD 4 billion. The amount required to release each machine was around $300. WannaCry spread via email scams, or phishing. The city of Baltimore was hit by a type of ransomware named RobbinHood, which halted all city activities, including tax collection, property transfers, and government email, for weeks.
Fileless Malware – Fileless malware doesn’t install anything on your system initially. It makes changes to files that are native to the operating system, such as PowerShell or WMI. Because your operating system recognizes the edited files as legitimate, a fileless attack is not caught by your antivirus software. Because these attacks are stealthy, they are up to ten times more successful than traditional malware attacks, and such attacks are on the rise.
Example: The Meterpreter program was able to gain access to the memory of computers at more than 100 banks spread across 40 countries in February 2017.
Rootkit – Once installed, the program gives developers root or privileged access to your system. Rootkits spread through phishing, malicious attachments, malicious downloads, and compromised shared drives. Rootkits can also be used to conceal other malware, such as keyloggers.
Example: The most famous use case of a rootkit in attacks is the 2010 campaign to spread the Stuxnet malware. Using Stuxnet, attackers secretly collected data and downloaded executable files to compromised nodes.
Keyloggers – A keylogger is a tool that hackers use to monitor and record the keystrokes you make on your keyboard. Keyloggers are unique on this list because some people choose to install keyloggers on the devices of significant others and family members as a way to spy on their online activities.
Examples: Revealer Keylogger, Ardamax Keylogger, WinSpy, Invisible Keylogger, and Refog Keylogger.
Bots/Botnets – Short for Robot Network, a botnet is a network of infected computers working together under the control of a single person. From one central point, that person can command the computers to launch a coordinated criminal action. Many botnets are comprised of millions of computers.
Example: The Cutwail botnet is one example; it can send up to 74 billion messages per day.
How do Infections Happen?
These dangerous programs can be delivered to a system with a USB drive, through collaboration tools and by drive-by downloads, where the programs are automatically downloaded without the user’s permission or knowledge. However, phishing attacks are the most common method of infection. Around 92% of all malware is delivered by email phishing scams through attachments and email links.
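A triage sketch for the two email delivery routes named above, attachments and links: it flags macro-capable attachments and links whose visible text names a different host than the real target. This is an added example, not part of the original article; the sample message, file names, hosts and the extension list are constructed for illustration.

```python
from email.message import EmailMessage
from html.parser import HTMLParser
from pathlib import PurePosixPath
from urllib.parse import urlparse

# Office extensions that can carry macros (assumed list, legacy formats included).
MACRO_EXTS = {".doc", ".xls", ".ppt", ".docm", ".dotm", ".xlsm", ".xltm", ".pptm"}

class _Anchors(HTMLParser):
    """Collect (href, visible text) for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def _host(value):
    # Accept bare "host/path" text as well as full URLs.
    return (urlparse(value if "://" in value else "//" + value).hostname or "").lower()

def macro_attachments(msg):
    """File names of attachments with a macro-capable extension."""
    names = [part.get_filename() or "" for part in msg.iter_attachments()]
    return [n for n in names if PurePosixPath(n.lower()).suffix in MACRO_EXTS]

def mismatched_links(msg):
    """Links whose host-shaped text (a dot, no spaces) differs from the href host."""
    body, parser = msg.get_body(preferencelist=("html",)), _Anchors()
    if body is not None:
        parser.feed(body.get_content())
    return [(text, href) for href, text in parser.links
            if "." in text and " " not in text and _host(text) != _host(href)]

def sample_message():
    """Constructed phishing-style message; every name and host is made up."""
    msg = EmailMessage()
    msg.set_content("Please review the attached invoice.")
    msg.add_alternative('<p>Sign in at <a href="http://198.51.100.7/login">www.mybank.example</a>'
                        ' or read the <a href="https://www.mybank.example/help">help page</a>.</p>', subtype="html")
    msg.add_attachment(b"PK", maintype="application", subtype="octet-stream", filename="Invoice_0423.docm")
    msg.add_attachment("meeting notes", filename="notes.txt")
    return msg
```

A flagged attachment or link is a reason to verify with the sender before opening, not proof of malware; the checks are heuristics and will miss messages that avoid both patterns.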
There are some basic steps that you can take to protect yourself from becoming a victim of malware:
- Keep your software up to date
- Be cautious of any email attachments or links before clicking on them
- Don’t attach unfamiliar removable devices such as a USB or memory bank
- Scan all downloads with your antivirus software
- Use a non-administrator account
- Avoid suspicious websites
- Turn on your firewall
- Use strong passwords
- Limit application privileges
Following these best practices will help to better protect you from malware. You may also want the assistance of a third-party company to give you the peace of mind that you are doing your very best to ensure complete cyber safety, protecting yourself, your business, and your data to the fullest extent. Contact ComRes today by filling out our online form, or call us at 954-462-9600 to receive more information on how we can protect your business, and the many other services we have to offer!