What is malware?
26 April 2017
Malware is an umbrella term, which refers to a type of malicious software designed specifically to disrupt, damage or gain access to a computer system, without the knowledge of the owner. It can be used to compromise computer functions, steal data, bypass access controls and cause other types of harm.
A piece of software is usually described as malware based on the intent of the creator, and it can take the form of executable code, scripts, active content and other software.
Some of the most common forms of malware are:
Adware
Short for advertising-supported malware. This type of malware automatically delivers advertisements such as pop-ups on websites and advertisements that are displayed by the software. Most adware is sponsored or authored by advertisers and serves as a revenue-generating tool. Some adware can come bundled with spyware, making it even more dangerous due to its ability to track user activity and steal information.
Bot
These are software programs which have been created to automatically perform certain actions. Although some bots are created for relatively harmless purposes, malicious use is increasingly common. Bots can be used for a number of things including:
- in botnets for DDoS attacks;
- as spambots that render advertisements on websites; and
- as web spiders to scrape information or for distributing malware.
Bug
A bug is a flaw which produces an undesired outcome. Bugs are typically the result of human error and can exist in the source code of a program. There are different severity levels of bugs. Minor bugs only affect a program’s behaviour slightly, which is why they can go for long periods without being discovered. More significant bugs can cause issues like freezing or crashing. Security bugs are the most severe of all: they can allow attackers to bypass user authentication, override access privileges or steal data.
Computer worm
Computer worms are the most common form of malware. They typically spread over computer networks by exploiting vulnerabilities in the operating system, and cause harm by consuming bandwidth and overloading web servers. However, they can also contain “payloads” which damage host computers. Payloads are pieces of code written to perform actions on affected computers such as data theft, file deletion and botnet creation.
Fileless malware
A fileless infection is malicious code that is written directly to RAM and exists only in memory, rather than being installed onto the target computer’s hard drive.
Keylogger
This is a type of surveillance software which records every keystroke made by a computer user. It can be used maliciously to gain unauthorised access to passwords or other confidential information.
Ransomware
This is a type of malware which restricts a user’s access to their computer, either by encrypting files or locking down the system, and then demands payment for the restrictions to be removed. Once access is restricted, the ransomware will display threatening or frightening messages to make the user pay up, for example threatening to permanently delete all files if a sum of money is not paid within 24 hours.
Rootkit
This is a type of malicious software designed to remotely access or control a computer without being detected by the user. Rootkits can be particularly dangerous because once they are installed it is possible for the person behind the rootkit to remotely execute files, steal data, modify system configurations and software, install concealed malware or control the computer as part of a botnet.
Scareware
This is a type of malware designed to trick a user into purchasing useless, and potentially harmful, software. It can take the form of fake virus alerts, false software updates or sham malware removal tools. This frightens users, who believe their device is infected, and they download what they think is genuine security software or an essential update. Once installed, it may run fake scans which end up detecting more “threats” and convince you to pay for their removal.
Spyware
This type of malware functions by spying on users without their knowledge. This can include activity monitoring, collecting keystrokes, harvesting data and more.
Trojan Horse
This type of malware tricks users by disguising itself as an ordinary file or program. Once downloaded and installed, a Trojan Horse can give an attacker remote access to the infected computer. They can steal data, install more malware, modify files, monitor user activity and use the computer in botnets.
Virus
This is a form of malware capable of copying itself and spreading to other computers. Viruses often spread by attaching themselves to various programs and executing code when a user launches one of those infected programs. Viruses can spread through script files, documents, and cross-site scripting vulnerabilities in web apps.
All malware spreads and affects computers in different ways, but there are some common symptoms you can look out for.
- Increased CPU usage
- Slow computer or web browser speeds
- Problems connecting to networks
- Modified or deleted files
- Strange files, programs or desktop icons
- Programs running, turning off or reconfiguring themselves
- Strange computer behaviour
- Emails sent automatically, without the user’s knowledge