You’re probably most familiar with malware from its regular appearances in the news, typically in relation to big organisations falling victim to it. Just last year, computing giant Nvidia was the victim of a ransomware attack that exposed its data to the world, costing the firm untold sums.
But do you really know what malware is? Join us as we dig into what malware is, the types of malware, how to spot malware and how to prevent malware on your home or work network.
Malware (a contraction of malicious software) is a term used to describe any software that does unwanted things on your computer or device. It can take many forms, from viruses and worms to Trojan horses and ransomware, and can be spread through various means, including email attachments, malicious websites, and infected storage devices.
These nasties can slow your CPU, perform tasks of their own or lock your computer down and demand a ransom. Some can also track your activities and steal sensitive data, such as passwords and files.
Some variations of malware are:
Computer viruses are malicious programs that can cause a lot of damage to your computer and the data stored on it. They can spread quickly and silently without user awareness, making them particularly dangerous. They can corrupt data, delete data, or even take control of a computer, allowing hackers to access personal information or gain access to a computer’s operating system. This can lead to identity theft, financial loss, or even the destruction of a computer.
To protect yourself, it’s important to have a good anti-virus program installed and to keep it updated regularly. Additionally, be careful when downloading files or clicking on links in emails, and make sure you have a secure, up-to-date firewall in place. Taking these steps can help protect you from the potential dangers of computer viruses.
Worms are a particularly common form of malware that spreads via operating system vulnerabilities. The most common way that a worm does its damage is by overloading web servers and using up bandwidth.
They are also capable of carrying ‘payloads’, which are bits of code included to commit certain actions, such as creating botnets, stealing data or deleting files.
Worms are quite similar to viruses. However, there are a number of differences. The main distinguishing factor is that while viruses require user action to spread (running a program, opening a file, using a USB stick), worms spread on their own, often by mass-mailing themselves to contacts or similar.
Ransomware has seen plenty of exposure in recent years, owing mainly to the massive 'WannaCry' attack. This type of malware can literally hold a device and its contents hostage, while demanding a ransom to release your data.
Ransomware does this by encrypting a hard drive and displaying a message demanding that the user pay a ransom to unlock the device. Ransomware often spreads just like worms, usually arriving through a network vulnerability or a downloaded file.
As the name suggests, adware is a form of malware designed to display unwanted advertisements; this includes pop-up ads and ads shown in the software.
Many free or compromised versions of software come bundled with adware, as it is used to generate revenue for advertisers. Often, adware is backed up by spyware (see below) or other malware to track your activities and steal your data, making it more dangerous than it might seem.
Spyware is malware that secretly monitors, records and sends your activities to a server or malicious attacker.
The types of information typically gathered by spyware include websites visited, system information, location and login credentials. Sometimes spyware has the capability to modify network, system and application security settings too.
Perhaps the most common types of spyware are keyloggers. They can infect a device and track your keyboard activity, sending copies of your usernames, passwords, bank details and more to criminals. For more, read our complete guide to keyloggers.
Browser-jacking malware is closely related to adware. It modifies your browser, adding toolbars and changing your search engine and homepage, and can add desktop shortcuts.
This malware can also redirect you to malicious sites and download adware and spyware.
A rootkit is designed to remotely control or access a computer without the user’s knowledge.
Once a rootkit is installed, its malicious owner can execute software, steal data, modify the system or change software (including any software that might have been able to detect the malware). In short, rootkit malware gives somebody else complete control.
This level of secrecy means you may be unable to find or remove a rootkit using typical security software. Consequently, detection and removal rely on manual methods such as monitoring for irregular behaviour.
Trojan malware gets its name from the Greek tale of the Trojan horse. Trojans are programs that are disguised as legitimate files or software in an attempt to trick users into downloading malware.
Once a Trojan is installed, a malicious party can control the device remotely. When the attacker has access to an infected computer, they can monitor user activity, change files and settings, steal data or install more malware.
Bots are generally created to perform non-malicious tasks automatically. However, they are increasingly being used for more malicious purposes. Specifically, bots are being deployed in botnets, as spambots, as web spiders that scrape server data, and to distribute malware on download sites.
Bots are the reason CAPTCHA tests exist, as they cannot usually pass this test without human input.
Your first port of call in spotting malware should be your antivirus software. Running an up-to-date version of an antivirus scanner on a regular basis is vital in finding malware.
However, malware can appear between these scans, and can even evade them, so keep an eye out for the following symptoms:
To protect yourself and your organisation against malware, it is important to implement a combination of technical and non-technical measures. Some key steps to take include: