Types of Malware

Malware

Malware, or malicious software, is any program or file that harms a computer or its user. Common types of malware include;

• computer viruses

• ransomware

• worms

• trojan horses 

• spyware

 These malicious programs can steal, encrypt or delete sensitive data, alter or hijack key computing functions and to monitor the victim's computer activity.

Computer viruses

A virus is a type of malware that, when executed, self-replicates by modifying other computer programs and inserting their own code. When this replication succeeds, the affected areas are then said to be infected. 

Virus writers use social engineering and exploit vulnerabilities to infect systems and spread the virus. The Microsoft Windows and Mac operating systems are the targets of the vast majority of viruses that often use complex anti-detection strategies to evade antivirus software.  

Viruses are created to make profit (e.g. ransomware), send a message, personal amusement, demonstrate vulnerabilities exist, sabotage and denial of service, or to simply explore cybersecurity issues, artificial life and evolutionary algorithms. 

Computer viruses cause billions of dollars worth of economic damage by causing system failure, wasting resources, corrupting data, increasing maintenance costs, logging keystrokes and stealing personal information (e.g. credit card numbers).

Ransomware

Ransomware is a form of malware, designed to deny access to a computer system or data until ransom is paid. Ransomware spreads through phishing emails, malvertising, visiting infected websites or by exploiting vulnerabilities.

Ransomware attacks cause downtime, data leaks, intellectual property theft and data breaches.

Ransom payment amounts range from a few hundred to hundreds of thousands of dollars. Payable in cryptocurrencies like Bitcoin.

Worms

A computer worm is a self-replicating malware program whose primary purpose is to infect other computers by duplicating itself while remaining active on infected systems. 

Often, worms use computer networks to spread, relying on vulnerabilities or security failures on the target computer to access it. Worms almost always cause at least some harm to a network, even if only by consuming bandwidth. This is different to viruses which almost always corrupt or modify files on the victim's computer.  

WannaCry is a famous example of a ransomware cryptoworm that spread without user action by exploiting the EternalBlue vulnerability. 

While many worms are designed to only spread and not change systems they pass through, even payload-free worms can cause major disruptions. The Morris worm and Mydoom caused major disruptions by increasing network traffic despite their benign nature.

Trojan Horse

A trojan horse or trojan is any malware that misleads users of its true intent by pretending to be a legitimate program. The term is derived from the Ancient Greek story of the deceptive Trojan Horse that led to the fall of the city of Troy.

Trojans are generally spread with social engineering such as phishing. 

For example, a user may be tricked into executing an email attachment disguised to appear genuine (e.g. an Excel spreadsheet). Once the executable file is opened, the trojan is installed. 

While the payload of a trojan can be anything, most act as a backdoor giving the attacker unauthorized access to the infected computer. Trojans can give access to personal information such as internet activity, banking login credentials, passwords or personally identifiable information (PII). Ransomware attacks are also carried out using trojans. 

Unlike computer viruses and worms, trojans do not generally attempt to inject malicious code into other files or propagate themselves. 

Spyware

Spyware is malware that gathers information about a person or organization, sometimes without their knowledge, and sends the information to the attacker without the victim's consent. 

Spyware usually aims to track and sell your internet usage data, capture your credit card or bank account information or steal personally identifiable information (PII).

Some types of spyware can install additional software and change the settings on your device. Spyware is usually simple to remove because it is not as nefarious as other types of malware.