Malware is an inevitable consequence of the digital information age. The growing dependence on computers and other smart communication devices further increase the prevalence and risks associated with this unfavorable digital offshoots. The process of globalization and the resulting global economic integration have fueled the pervasiveness of consumer electronic products. This increases the motivation for developing malicious software programs.
Take note that “malware” is a general term that represents different types of software programs or computer applications that interfere with the normal and intended functions or purpose of a computer system. Most of these programs are developed and spread with malicious or harmful intentions. The term itself is an amalgamation of two words: malicious and software. This article identifies and defines or discusses the different types of malware.
3 Major Types of Malware: Virus, Worm, and Trojan Horse
Malwares can be categorized according to their mode of operation and features. The following discussion describes the different types of malware, while also explaining some similarities and differences between a virus, worm, and Trojan horse:
This is a type of malware that operates similarly to viruses that affect living organisms. It infects a computer through the execution and insertion of its code inside existing software programs or applications before replicating itself. The most commonly infected programs include data files and the boot sector of the hard disk or solid-state storage.
It is important to note that replication or propagation is not the primary function of a computer virus. This malicious software code or program is purposely designed to corrupt data, steal data or information, or alter how a computer responds or behaves. A virus can damage a computer either at the operating system, software, or hardware level.
A worm operates similarly to a computer virus. It has the same mode of operation when it comes to replication and spreading across a computer and between computers. However, compared to a virus, this type of malware runs as a standalone software. Take note that a virus relies on the host software or application for it to become operational.
The independence of a computer worm means that its main purpose is to replicate independently and spread to other computers through a network or file-sharing routes. Most worms are used to slow down a network by increasing bandwidth usage. Note that there are worms programmed to harbor and install payloads containing other types of malware.
This type of malware does not replicate or spread unlike a virus or a worm. A particular Trojan horse disguises itself as an authentic and harmless software program such as an app, video game, software update, or utility tool. This encourages and prompts human interaction or intervention through software download, installation, and eventual software execution.
Nevertheless, once installed, a Trojan horse attacks a computer. It can simply annoy a computer user, destroy other software, steal data and information, or become a carrier of a virus or worm. The most common use case of this type of malware centers on data and information theft or gaining backdoor access to a computer or the entire network.
5 Subtypes of Malware: From Backdoor and Spyware to Botnets
It is important to note that viruses, worms, and Trojans are the primary categories or types of malware. Malwares have been further categorized based on more specific characteristics and their modes of operation and features. Below are the details:
A backdoor is a specific type of malware that is programmed to grant third-party or unauthorized remote access to a computer system or computer network once installed. It can be included as a hidden part of a computer program, a separate standalone program, or a code within the firmware of hardware, another software, or an operating system.
Take note that the term “backdoor” also refers to different methods used for bypassing security protocols in computer systems and networks. These methods center on getting through normal authentication requirements or decrypting an encrypted security system or protocol. A backdoor is considered a malware if it is used as a software or software code.
Software programs such as key loggers, desktop recorders, and memory scrapers are examples of information stealers or spywares. These malicious software programs operate by monitoring and recording or logging specific computer activities. The logs are either saved to the computer for retrieval or sent to another computer through the network.
A key logger records all keystrokes done using the keyboard attached to a computer. This makes it making it stealing passwords. A memory-scraper scans the random access memory found in specific computers such as point-of-sales terminals to collect pertinent data such as credit card information, personal information, or purchasing history, among others.
Another specific type of malware is ransomware. It is programmed to attack a computer system and render it unusable either by blocking general access or encrypting or locking the system or selected files and programs. It can also attack an entire network or more specific systems such as an intranet portal, published website, or a particular database.
Ransomware is essentially used for extortion. It takes a computer or a system as a hostage and locks it for an undefined period until a user pays ransom money in exchange for access. Some use cases involve using a ransomware to technically steal data and information from a computer or network by temporarily preventing access from authorized users.
Advertising-supported software or adware is originally a legitimate software used for deploying advertisements and generating revenues. Common examples of an adware can be found in open-source software programs and free mobile applications. Several websites also contain a ton of adware as part of their income-earning or revenue models.
However, when used as a specific type of malware, an adware forcibly presents unwanted ads that can pester computer or software users. Some adware unknowingly collects data and other information to track computer and internet usage behavior. The obtained data and information are used for running and delivering targeted online advertisements.
A botnet or robot network is a collective term for a network of remote-controlled computers that are infected by a malware. The infectious malware binds different computers into a single or unified network of computers that can be controlled from a single point. This allows multiple and simultaneous operations that are usually done remotely.
The uses of botnets in fraudulent activities include crippling a website by triggering high traffic or launching distributed denial-of-service attack, slowing down a network by maximizing the limits of the network bandwidth, tapping the hardware resources of computers for activities such as cryptocurrency mining, and generating revenues via pay-per-click ads.