What Is Malware? An Overview
You may hear a lot about malware infection and the dangers of running a server. However, you may also be confused about what this means in real-life terms, or what to do about it. So, let’s find out: when people talk about malware what do they really mean?
Malware is an abbreviation of malicious software, a term used to refer to any software intentionally designed to cause damage to a computer. Malware is usually broken down into a number of categories based on some of the characteristics it displays. Let’s have a look through some of those:
Viruses
First, probably the most common form of malware people will think of are viruses. A virus is defined as a piece of software that hides within other software or files to hide. Once the infected file or software is opened the virus code will run and it can then try to replicate itself into other files or software before running it’s intended task. This may be something that crosses over with another type of malware.
Keyloggers
Keyloggers are pieces of software that log your keypresses and mouse movements. These are usually uploaded to another server controlled by the hacker where the logs can be analyzed for patterns that may match something useful like account login details or banking information.
Trojan Horses
Trojan horses are named after the ancient Greek story of the Trojan horse. In computing terms, they are a piece of software that usually masquerades as something else in order to get users to install it, that when run allows the hacker to gain access to the computer. Unlike a virus, they usually rely on tricking users to spread, rather than spreading themselves.
Rootkits
Rootkits are pieces of software that are used to access privileged areas of a computer system. Once an attacker has gained access to a computer as a low-level user, they’ll often need to gain administrator or root level access in order to do all the things they want. A rootkit uses exploits in the operating system to gain that access, and they can also be used to hide the presence of pieces of malware that are running or installed to hide them from the legitimate users.
Worms
Worms are pieces of software designed to spread automatically throughout networks to as many systems as possible. While this is fairly standard behavior in modern viruses, in the early days, viruses generally required human interaction to spread infection (such as copying infected files to another computer).
Spyware
Spyware is similar to a keylogger, and in many cases may include one. Although it goes further than attempts to gain more information on a user such as websites they visit, the software they use and the various tasks completed. Again, this is reported back to the attacker to use later.
Adware
Adware generally refers to software that is funded through advertising. Malware writers may embed advertising displaying functions in their software in order to earn money from it. As such, a feature of malware adware is random advertisements appearing on the infected computer.
Scareware
Scareware is software that is designed to frighten the user into doing something. Often it uses fake threats of system virus infection or alerts of hacker attacks designed to resemble normal operating system warnings. They will often present links to software for the user to install in order to resolve the problem, often requiring payment in the process.
Ransomware
Ransomware is a type of malware that has become particularly prevalent recently. It works by limiting access to a computer, often by encrypting files, and then requests for money to be paid in order for the files to be decrypted. The payment requests normally involve cryptocurrencies in order to hide the identity of the attacker. All too often victims who pay the ransom find that the attacker didn’t actually have a way to decrypt their files, and find themselves without their files and also out of pocket.