Malware 101: What Is Malware?

by | Mar 31, 2015 | Security

used with permission from Norton by Symantec
by Nadia Kovacs

malware101

Spyware, ransomware, and bots, oh my! A lot of these terms are prevalent on the Internet, but it may seem impossible to know what all these terms mean, and how they actually affect your devices and personal information.

The term, “virus” has been the commonplace word for all malicious software programs for years now; however, a virus is just one type of malicious threat. A virus is classified as a self-replicating piece of malicious code that travels by inserting itself into files or programs. The threats on the cyber landscape have evolved into more than just viruses, and can cause much more damage than viruses can. All of the threats on the Internet landscape are types of malicious software, and therefore now fall under the umbrella term, “malware.”

Malware That Causes Annoying Behaviors

Not all malware is destructive in nature. However, it can still cause extremely annoying behaviors such as generating an overabundance of pop up advertisements or it can cause your computer to run slowly. In addition to annoying behaviors, it can also steal data. This type of malware is not classified as a virus or Trojan horse, however it can still negatively affect a computer and can even introduce other security risks.

Adware

Adware is software that displays unwanted advertising on a computer or mobile device, usually in the form of pop-up ads or redirecting your browser to a specific website. While it won’t cause any direct harm to the users’ device, it can produce very annoying behaviors and can sometimes contain spyware as well.

Browser Hijacker

Browser hijacking is caused by malicious software that redirects your computer’s browser to a predetermined website. Generally used to display advertising, it can also be used to generate visits to a particular website, or can even lead you to a malicious website that will download malware onto your computer.

Spyware

Spyware is designed to do exactly what it sounds like- it hides on your computer and monitors everything that you do. It can track web activity, access emails and even steal username and password information.

Malware That Can Cause Damage and Data Loss

Malware that is malicious in nature aims to steal data from your machine, cause data corruption or will allow an attacker to take over the users’ computer.

Bots

Bots, or robots, are an application that carries out automated tasks on the users’ computer, such as attacks on other machines in order to create a botnet. Once a bot infects a computer, that computer is often referred to as a “zombie”,  as it is now under control of the hacker. Botnets can be used for distributing spam, injecting adware onto other computers, recruiting other computers for Denial of Service (DoS) attacks and more.

Macro Viruses

Macro viruses are a type of virus that are written specifically to alter macros, which are common commands that word-processing programs use. Found in documents such as Word, Excel and Power Point files, the macro virus will not cause any harm to your computer until it is launched, which usually consists of just opening the document. Once executed, macros can cause changes in text documents, such as removing or inserting words, changing the font, or other strange and annoying behaviors. Some macros can even access email accounts and send out copies itself to a user’s contacts.

Ransomware

Ransomware is a high level threat, as it will hold the data on your computer hostage via file encryption, often demanding a fee to regain access to the data. It usually transmits itself via a Trojan virus, and once infected it encrypts the data on the hard drive. The attacker then demands payment in order for the user to receive the encryption key to unlock the data. Never pay the fee requested to unlock your data. Instead, do regular backups, and if infected, restore your computer from your most recent backup.

Rogueware/Scareware

Also known as rogue security software, rogueware is malware that masquerades as Internet security software. It acts as an antivirus program and performs a false scan on your computer that will alert the user to a virus on what is probably a clean computer. The program then offers to remove the virus for a small fee, or will provide a link that will clean up the “infection.” If a user clicks on that link it can then direct them to a compromised website, allowing for the injection of malware onto the computer. If you receive a message from a program you are not familiar with informing you that you have a virus, do an Internet search of the program’s name and the search results will usually notify you if it is rogueware.

Trojan Horses

Trojan horses can cause severe damage to data such as deletion, modification, copying, stealing and they can even disrupt network activity. This malware is called a Trojan Horse because it hides the malware in what appears to be a normal file, which is akin to the story of the wooden horse used to trick the defenders of Troy into allowing concealed soldiers into their city. There are a multitude of Trojan viruses on the Internet landscape, however, here are a few of the most common:

  • Backdoor Trojan – These Trojans can create a “backdoor” on a users’ computer, allowing the attacker access to the machine in order to control it, upload stolen data and even download more malware onto the computer.
  • Downloader Trojan – The main purpose of these Trojans are to download additional content onto the infected computer, such as additional pieces of malware.
  • Infostealer Trojan – This Trojan’s main objective is to steal data from the infected computer.
  • Remote Access Trojan – This Trojan is designed to give the attacker full control over the computer.
  • Distributed Denial of Service (DDoS) Attack Trojan – This Trojan performs DDoS attacks, which are designed to take down a network by flooding it with traffic.

Worms

A computer worm’s main objective is to spread as many copies of itself in any way possible from computer to computer. A worm can replicate itself without any human interaction and it does not need to attach itself to a program in order to cause damage. Worms can modify and delete files, and even inject additional malware onto the computer.

Certainly, this all sounds like pretty scary stuff, but a good Internet security program will go a long way in helping protect you against these threats.