Malware (malicious software) is any software that is deliberately designed to inflict damage to a computer, server, client, or computer network, gain unauthorized access and leak private information, deprive access to information, or unknowingly interfere with the user’s computer security and privacy.
The threat of malware can be mitigated by installing antivirus software, firewalls, regular patches, and regular backups, and by isolating infected systems. Malware is now being designed to evade antivirus software detection algorithms. Examples of malware include computer viruses, worms, Trojan horse, ransomware, spyware, adware, rogue software, wiper, and scareware.
The focus of this article is on viruses, worms, and spyware:
Viruses – This is malicious program code that can self-replicate and spread from computer to computer, via sharing of removable computer media, or the internet. A virus can harmlessly display cute messages on computer terminals, dangerously erase or alter computer files, or simply fill computer memory with junk to a point where the computer can no longer function. A computer virus is a type of malware, that spreads between computers and causes damage to data and software.
Computer viruses aim to disrupt systems, cause major operational issues, and result in data loss and leakage. A key thing to know about computer viruses is that they are designed to spread across programs and systems. Computer viruses typically attach to an executable host file, which results in their viral codes executing when a file is opened. The code then spreads from the document or software it is attached to via networks, drives, file-sharing programs, or infected email attachments.
Worms – Destructive programs that may destroy data or use up tremendous computer and communication resources. Such programs do not change other programs but can run independently and travel from machine to machine across network connections by exploiting vulnerability and application/system weaknesses. Worms also may have portions of themselves running on many different machines; a computer worm is a type of malware whose primary function is to self-replicate and infect other computers while remaining active on infected systems. Worms exploit vulnerabilities in networking protocols to propagate by filling parts of the operating system that is automatic and invisible to the users. Computer worms often consume the entire system’s memory and slow or stop other programs from running. Computer worm loads and begins to run on a newly infected system, remain active on an infected system for as long as possible, and spread to as many other vulnerable systems as possible.
Spyware (spying software) is software that gathers information about a person or organization and sends it to an unauthorized third party in a way that harms the user either by violating their privacy or compromising the security of their devices. This feature may be present in malware as well as in legitimate software. Websites may exhibit spyware behaviors like such as web tracking. Hardware devices can also display spyware activities such as keystroke loggers and system analyzers that collect sensitive and critical information, such as credit card numbers, bank details, etc. from the host and then transmit the information to the originator when an online connection is detected.