What is Malware?
Malicious software or malware is generally any software designed to gain access to or damage a computer.
This usually happens without the knowledge of the computer user.
Unless you are a security expert who is trying to analyze it, the presence of malware on your computer system is most likely bad news.
Malware comes in numerous types and, depending on whom you ask, is classified in different ways.
The most common approach is to categorize malware according to its method of attacking your computer system, which is how we will be approaching it.
Do note that some malware types overlap, so it’s not surprising to find similarities, but there’s usually a defining trait that sets each apart, which we will highlight whenever possible.
For starters, it’s best to get Viruses out of the way.
Viruses are the most popular form of malware, and “virus” is the term most people mistakenly use interchangeably with malware.
Viruses are known to wreak havoc wherever they are and on whatever files they get their hands on.
While not necessarily applicable to all viruses, most of them have destructive payloads when left unchecked.
These harmful activities can range from occupying hard disk space, using up CPU processing time, and corrupting data to even making entire computer systems unusable.
Their most defining characteristic is that they reproduce themselves or infect other files every chance they get.
This increases the amount of damage they can do as well as the difficulty of containing them as a threat.
Trojan horses distinguish themselves from viruses in that, instead of cleverly hiding inside other files, they hide in plain sight.
This means that Trojans usually masquerade as legitimately useful applications while doing undesirable things unnoticed.
Unlike Viruses and Worms, however, Trojans usually do not replicate or infect other files after they have delivered their payload.
The payload is generally in the form of backdoor exploits that help introduce different types of malware, which can do either subtle or destructive damage to the user’s system.
Due to their stealthy nature, Trojans are most effective when they introduce other non-disruptive or subtle malware like spyware and adware.
Trojans are so effective that they have also become a popular entry point for disruptive malware like ransomware.
The current trend in malware engineering is to focus on stealing user data and selling it to other parties, rather than causing direct harm.
Those parties would know best how to exploit this information.
Spyware typically tries to steal confidential user data such as usernames, passwords, credit card numbers, browsing history, and other valuable information.
Since it is designed to steal as much information and exploit it for as long as possible, Spyware usually does not cause any immediate harm to your PC.
After all, its authors want to be able to continue what they are doing without risking detection.
Some governments even resort to the use of spyware in the interest of national security.
In some cases, though, spyware has been known to cause a drop in the performance of the PC, due in part to the amount of other spyware it brings in to capture more types of data at the user’s expense.
Much like Spyware, Adware is usually very subtle in the level of direct harm that it causes the user.
Instead of selling exploitable data, Adware exposes the user to advertisers, who have either made the adware themselves or sponsored the engineer who did.
Adware can loosely be either malware or a legitimate program.
Its defining characteristic as malware is that the affected user was unaware of the inclusion of ads in the software, or that the ads themselves are unavoidable, recurring, or both.
One of the most common ways adware affects users is by hijacking the user’s browser to display more ads from specific advertisers while browsing.
On the other hand, some legitimate software is classified as adware in that it uses ads to make money rather than charging an upfront cost to purchase the software.
Some types of adware have a paid option that eliminates the pushy advertising.
For this reason, some security software does not actively detect adware as a legitimate threat.
Rootkits are similar to Trojans in that they serve as a backdoor to introduce more malware to the computer.
They are considered by many to be more dangerous because they embed themselves very deeply into the user’s system.
This makes rootkits a more advanced type of malware, and one of the most difficult to detect and remove.
Some types are so deeply hidden that they can survive a complete wipe or reformat of a computer system.
The goal of a rootkit is to embed itself into the user’s system and act as a backdoor for other harmful malware.
Due to its elevated privileges, it can also effectively hide itself and cover the tracks of the harmful malware it introduces.
When malware’s main objective is to spread to as many machines as possible, especially through a network, then it is what many would call a Worm.
Unlike Viruses, most worms do no direct damage to files but may affect network traffic if left unchecked.
Worms are treated as malware because, besides replicating themselves, they can be used by their authors for large-scale cyber attacks using clusters of affected PCs.
Some computer worms also come with a harmful payload that can take the form of other malware types such as a virus, spyware, adware, or even the much-maligned ransomware.
Other types of malware such as spyware or adware exploit users by selling their data or exposing them to ads by third parties.
Ransomware takes a much more direct approach by taking data hostage and demanding money directly from the user.
Ransomware gets into a user’s system in typical malware fashion, such as through email attachments or as the payload of another type of malware (such as worms, trojans, and rootkits).
Once it gets past a user’s defenses and is allowed to run, it will silently hide deep in the user’s files while slowly removing access to them.
While some types of ransomware simply keep people out of normal computer operations (via a lock screen), the worst kind will encrypt the user’s files and leave the encryption key in the sole hands of the malware author (the key is sent to them via an internet connection).
Users are then forced to pay a ransom to be able to get back access to their computer and/or files.
While paying is not advisable, as it encourages the nefarious practice, some are left with no choice because it is the only way to get back valuable data such as family photos, or because lives would be at stake if the data were not recovered in time.
Protecting Against All Forms of Malware
While recovery from malware attacks is not unheard of, it is generally a better idea to keep them out in the first place.
Having preventive measures in place is one of the best practices in the industry, and an excellent place to start would be to install an anti-virus component that has real-time scanning and one of the best detection rates possible.
Having an anti-virus alone is by no means a silver bullet.
Add layers of protection ranging from more comprehensive on-demand anti-malware scanners and application whitelisting to perhaps a solid data backup strategy, to prevent malware from dealing significant damage.
But at the end of the day, awareness about malware and some common sense trump all software-based preventive measures.
Knowing more about the popular types of malware will help users keep them from infecting their PC.
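The application whitelisting layer mentioned above decides by file content, which is why it stops a Trojan that masquerades as a legitimate application under a trusted name. The following is an added example, not code from this article; the file names, file contents and function names are constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path


def sha256_of(path: Path) -> str:
    """Hash a file in chunks so large executables are not loaded whole."""
    digest = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def check_executable(path: Path, allowlist: dict) -> str:
    """Decide on file content, never on the file name.

    allowlist maps an approved SHA-256 digest to the name it was approved as.
    """
    if sha256_of(path) in allowlist:
        return "allow"
    if path.name in allowlist.values():
        # Trusted name, unapproved content: how a Trojan hides in plain sight.
        return "block-masquerade"
    return "block-unknown"


def demo() -> dict:
    """Run the check over constructed sample files (hypothetical names)."""
    samples = {
        "approved/report_viewer.exe": b"constructed: reviewed build",
        "downloads/report_viewer.exe": b"constructed: same name, other bytes",
        "downloads/free_game.exe": b"constructed: never reviewed",
    }
    with tempfile.TemporaryDirectory() as tmp:
        for rel, data in samples.items():
            target = Path(tmp, rel)
            target.parent.mkdir(parents=True, exist_ok=True)
            target.write_bytes(data)
        approved = Path(tmp, "approved/report_viewer.exe")
        allowlist = {sha256_of(approved): approved.name}
        return {rel: check_executable(Path(tmp, rel), allowlist) for rel in samples}


if __name__ == "__main__":
    for rel, verdict in demo().items():
        print(f"{verdict:17} {rel}")
```

A name-based rule would have let the second file run; the hash-based rule blocks it and flags the reuse of an approved name as worth investigating.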