Malware in plain English

Let's start this article with a simple definition. "Malware" is a combination of two words: "malicious" and "software". It refers to a huge variety of hostile software, including viruses, spyware applications, and so on.


While most malware was built for purely evil purposes in the past, many cyber criminals have recently built profitable businesses using rogue applications. To give you an example, some of them use malware installed on their victims' computers to attack various targets over the Internet. These are the so-called DDoS attacks; here's a really good guide that explains them.


Other malicious pieces of software are used to send unsolicited emails that include affiliate links, making their senders money any time a person clicks one of those links and purchases something. In fact, some cyber criminals may earn money even if people only get to see the ads they are sent to.


Sometimes, viruses are used to commit identity theft fraud. Recently, villains have started to use advanced malware that encrypts all the data on the victims' computers and then asks for a ransom in exchange for the data decryption key.


As you can see, malware consists of many types of bad software: viruses, adware, spyware, worms, trojans, and so on. We will only focus on the most frequent types of malware in this article, though.


1. Viruses


Viruses spread by infecting other programs, attaching themselves to the targets. To initiate the infection, a person has to click a link that leads to an infected webpage, or to run an already infected application.


In the past, typical viruses used to insert a copy of themselves into each and every executable application that was installed on the computer. Some of them used to infect the hard disk boot sectors, thus executing themselves each time the operating system was started. This allowed them to stay in memory at all times, ready to infect more and more applications.


Memory-resident viruses were and continue to be some of the most dangerous types of rogue applications. And to make things even more complicated, cyber criminals have created polymorphic viruses, which are able to mutate, changing their data checksum after each infection. This has made it much harder for antivirus applications to detect them based on their signatures.
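
Why a changed checksum defeats a checksum-based signature, shown as an added example that is not part of the original article. The byte strings are constructed and harmless, and the function names and the "??" wildcard pattern format are assumptions made for this illustration.

```python
import hashlib
import re

# Constructed, harmless byte strings standing in for program files.
# SAMPLE_A and SAMPLE_B are "the same program" except for 4 bytes that vary.
SAMPLE_A = b"HDR\x00" + b"\x11\x22\x33\x44" + b"DEMO-MARKER-BODY" + b"\x00END"
SAMPLE_B = b"HDR\x00" + b"\xa7\x09\xfe\x5c" + b"DEMO-MARKER-BODY" + b"\x00END"
CLEAN = b"HDR\x00" + b"\x11\x22\x33\x44" + b"ORDINARY-PROGRAM" + b"\x00END"


def checksum(data: bytes) -> str:
    """SHA-256 of the whole file; any changed byte gives a different value."""
    return hashlib.sha256(data).hexdigest()


# Checksum signature list, built from the first known copy only.
KNOWN_BAD_HASHES = {checksum(SAMPLE_A)}

# Byte-pattern signature: fixed bytes as hex, "??" for bytes allowed to vary.
# Here: "HDR\0", four variable bytes, then "DEMO-MARKER".
PATTERN = "48 44 52 00 ?? ?? ?? ?? 44 45 4d 4f 2d 4d 41 52 4b 45 52"


def hash_match(data: bytes) -> bool:
    """Exact-match detection: is this file's checksum on the list?"""
    return checksum(data) in KNOWN_BAD_HASHES


def compile_pattern(hex_pattern: str) -> "re.Pattern[bytes]":
    """Turn the hex/wildcard pattern into a bytes regular expression."""
    parts = []
    for token in hex_pattern.split():
        if token == "??":
            parts.append(b".")  # any single byte
        else:
            parts.append(re.escape(bytes.fromhex(token)))
    return re.compile(b"".join(parts), re.DOTALL)


def pattern_match(data: bytes, hex_pattern: str = PATTERN) -> bool:
    """Pattern detection: do the fixed bytes appear around the variable ones?"""
    return compile_pattern(hex_pattern).search(data) is not None


def scan(data: bytes) -> dict:
    """Run both detection methods and report each result."""
    return {"hash": hash_match(data), "pattern": pattern_match(data)}


if __name__ == "__main__":
    for name, blob in (("A", SAMPLE_A), ("B", SAMPLE_B), ("clean", CLEAN)):
        print(name, checksum(blob)[:12], scan(blob))
```

The pattern only helps while some bytes stay fixed between copies; real polymorphic code can leave very few of them, which is why antivirus products also rely on emulation and behaviour-based detection.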


2. Worms


Worms are similar to viruses, but they are able to infect computers, tablets and phones without needing any human input or action. They usually consist of two components, with one of them running locally and trying to connect to the second, remote component. Once a worm has become active, it can accept instructions from the remote server and run commands on the infected computer.


Often, the infected computer will download a rogue application from the remote server, and then it will start looking for another computer that can be infected as well. This way, the infection will continue to propagate even if the remote server is shut down.


3. Trojans


Trojans are evil applications disguised as useful apps, plug-ins, etc. People infect their computers by running these apparently desirable programs. So, to get infected with a trojan, you will need to run it yourself.


The good news is that trojans are unable to replicate themselves, so the infection will be limited to a single device. Nevertheless, trojans can install keyboard logging applications, or allow hackers to get remote control over your desktop, delete your data, install viruses, and more.


So, how can you protect your computer from getting infected with one of these types of malware? Avoid visiting shady websites, for example. Avoid downloading and opening attachments that come from people you don't know. Keep your computer's operating system and all the applications updated.


Install a commercial-quality antivirus that also includes anti-malware capabilities. You want to use a product that is able to detect polymorphic malware and is updated on a daily basis.