The different types of malware

Cybersecurity 101: Different types of malware

Share on FacebookTweet about this on TwitterShare on Google+Share on RedditShare on LinkedIn

Malwares are an inevitable consequence of the digital information age and the growing dependence on computers further increase the prevalence of risks associated with these unfavorable digital offshoots.

Take note that a “malware” is a general term used to indicate different types of software programs that interfere with the normal and intended function of a computer. From the word itself, malware is an amalgamation of two words: malicious and software.

3 major types of malware: Virus, worm, and Trojan horse

Malwares are categorized according to their mode of operation and features. The following discussion describes the different types of malware, while also explaining some similarities and differences between a virus, worm, and Trojan horse

1. Virus: A type of malware that operates similar to viruses that affect living organisms. It infects a computer through execution and replicated itself by inserting its own code inside existing software programs before replicating itself. Commonly infected programs include data files and the boot sector of the hard drive.

But replication and propagation are not the primary functions of a computer virus. It is intentionally programmed to delete or corrupt data, steal information, or alter how a computer responds and behaves.

2. Worm: Worm operates similarly with a virus, specifically in the manner it replicates and spread across an infected computer system. However, this type of malware operates as a standalone software whereas a virus relies on host software.

The apparent independence of a computer worm means that it functions primarily to replicate independently and spread to other computers, often through a computer network. Most worms are used to slowdown a network by increasing bandwidth usage. However, there are worms designed to carry and install payloads containing other types of malware.

3. Trojan: This type of malware does not replicate or spread unlike a virus or a worm. A Trojan horse disguises as an authentic and harmless software program, thus encouraging and prompting human interaction through installation and execution.

Once installed, a Trojan attacks a computer. It can simply annoy a computer user, destroy other software, steal data and information, or become a carrier of a virus or worm.

5 subtypes of malware: From backdoor to botnets

Essentially, viruses, worms, and Trojans are the primary categories of malware. However, malwares have been further categorized based on more specific characteristics or modes of operation and features.

1. Backdoor: A backdoor is a specific type of malware that is programmed to grant third-party or unauthorized remote access to a computer or computer network once installed. It can be included as a hidden part of a computer program, a separate standalone, program, or a code within a firmware of a hardware or an operating system.

It is important to note that the term “backdoor” also refers to different methods used for bypassing security protocols in computer systems, specifically by getting through normal authentication requirements or decrypting an encrypted computer.

2. Spyware: Software programs such as key loggers, desktop recorders, and memory scrapers are examples of information stealers. They work by monitoring and recording or logging specific computer activities.

Once installed for example, a key logger records all keystrokes done using the keyboard attached to a computer, thus, making it effective in stealing passwords. A memory-scraper malware, on the other hand, monitors and scans the random access memory found in specific computer devices such as point-of-sales terminals to collect personal data and information, including credit card information, among others.

3. Ransomware: Another specific type of malware is ransomware. It is programmed to attack a computer system and render it unusable either by blocking general access or decrypting the entire system or selected files and programs.

Ransomware is essentially used for extortion activities. It takes a computer as a hostage and locks it for an undefined period until a user pays ransom money in exchange for access. It can also be used to technically steal data and information by preventing access from their original user.

4. Adware: Advertising-supported software or adware is originally a legitimate software used for deploying advertisements and generating revenues. Common examples of an adware can be found in open source software programs or free mobile applications.

However, when used as a specific type of malware, an adware forcibly presents unwanted advertisements. Some adware unknowingly collects data and information to track computer and Internet usage behavior and deliver targeted online advertisements.

5. Botnet: A botnet or robot network is collective term for a network of remote-controlled computers that are infected by a malware. The infectious malware binds different computers into a single network that can be controlled from a single point, this allowing multiple and simultaneous operation.

The use of botnets in fraudulent activities include crippling a website by triggering high traffic, slowing down a network by generating high bandwidth and consuming excessive system resources, and generating revenues through pa-per-click ads.