Malware Explained

Malware, also known as malicious software, is software that is created to steal data or information or destroy files and systems. Viruses are a subset of malware: all viruses are malware, but not all malware is a virus. A virus is noted for its ability to replicate itself and move from computer to computer and network to network. Malware and viruses may function differently, but they are all designed to steal personal information and data and/or destroy systems.

Computer viruses are known for moving from host to host without any interaction from an active user. The first computer viruses appeared in the 1970s. These viruses could jump from machine to machine and print a message on the computer screen. One such early virus would remove itself from the previous machine when it found a new machine, which means it did not spread to multiple machines at once. It was not a destructive virus and was probably developed as an experiment.

Some of the commonly known types of malware are viruses, worms, Trojans, ransomware, spyware, adware, and bots. Malware can capture and destroy data, and it has also evolved to target the physical hardware of systems.

Viruses and worms are alike in that they both self-replicate and can spread copies of themselves. Sometimes the code modifies itself with each new copy. A worm operates independently of other files, whereas a virus depends on a host program to spread itself.


A computer virus is a type of malware that propagates by inserting a copy of itself into another program and becoming part of it. It spreads from one computer to another, infecting each computer as it goes. Viruses range in severity from being an annoyance to destroying data and software, and they can even cause denial-of-service conditions. Almost all viruses are attached to an executable file. This means that a virus can exist on a system and not become active or able to spread until a user activates it by running or opening the infected file. One common way that viruses are spread is through email attachments. They can also be spread over the network, on a disk, or through file sharing.


Computer worms are another form of malware that replicate copies of themselves and can cause the same type of damage as a virus. The difference is that worms are standalone software and do not require a host program or a human opening or running an executable file. A worm can enter a computer through a vulnerability in the computer system. The worm then takes advantage of file-transport or information-transport features of a system to travel throughout the system. Some worms leverage encryption, wipers, and ransomware to harm their targets. In these instances, they are the delivery mechanism for harmful malware.


Ransomware is a type of malware that threatens to publish a victim’s data or block all access to the victim’s files and data until a ransom is paid.  Individuals, as well as businesses, are targets for ransomware. 


Trojan malware is harmful software that is designed to look legitimate. Users are usually tricked into loading and executing it on their systems, thinking it is a legitimate tool or software. A trojan can be designed to perform any kind of theft or destructive task. Some trojans are just annoying, with pop-up ads, but some can destroy the host by deleting files, stealing data, and activating and spreading viruses. Trojans are spread by user interaction, like opening an email attachment or downloading and executing a file from the internet.


The term “bot” is derived from the word “robot”; a bot is an automated process that interacts with other network services. A common use of bots is to gather information or interact automatically with instant messaging and chat programs. They are also sometimes used to interact dynamically with websites.

Bots can have good uses, and they can also be used for malicious purposes. A malicious bot is self-propagating and is designed to infect a host and connect back to a central server that acts as a command-and-control center. Bots can log keystrokes, gather passwords, capture and analyze packets of data, gather financial information, and create a denial-of-service attack. They can also relay spam and open backdoors to allow access to the system. Advanced botnets may take advantage of the Internet of Things (devices such as home electronics and appliances) to increase automated attacks.


Spyware is a type of malware that gathers information about a person or organization without their knowledge. 


Adware is software that generates revenue for its developer by automatically generating online advertisements in the user interface or on a screen presented to the user during the installation process. The revenue can come from displaying the advertisement or on a “pay-per-click” basis if the user clicks on the advertisement.

Every use and functional aspect of a computer or network is a potential target for malware. The challenge is to have in place a system or method for preventing malware attacks. If we are aware of what the potential problems are, we can take the most cost-effective action to prevent risks to our computers or systems. A very simple measure is to keep current with all OS and application updates and patches. But this is not enough. Comprehensive cybersecurity is mandatory for all your devices: desktops, laptops, tablets, and smartphones. The best cybersecurity solutions provide real-time protection for all your activities. Cybersecurity best practices will be explained in an upcoming post.