Different types of malware

Cybersecurity 101: Different Types of Malware

Malware is an inevitable consequence of the digital information age, and the growing dependence on computers further increases the prevalence of the risks associated with these unfavorable digital offshoots.

Note that “malware” is a general term for different types of software programs that interfere with the normal and intended function of a computer. As the word itself suggests, malware is an amalgamation of two words: malicious and software.

3 major types of malware: The difference between virus, worm, and Trojan horse

Malware is categorized according to its mode of operation and features. The following discussion describes the different types of malware, while also explaining some similarities and differences between a virus, worm, and Trojan horse.

1. Virus: A type of malware that operates similarly to viruses that affect living organisms. It infects a computer when it is executed, inserting its own code into existing software programs or applications and then replicating itself. Commonly infected targets include data files and the boot sector of the hard drive.

But replication and propagation are not the primary functions of a computer virus. It is intentionally programmed to delete or corrupt data, steal information, or alter how a computer responds and behaves.

2. Worm: A worm operates similarly to a virus, specifically in the manner it replicates and spreads across an infected computer system. However, this type of malware runs as standalone software, whereas a virus relies on a host program or application.

The apparent independence of a computer worm means that it functions primarily to replicate independently and spread to other computers, often through a computer network. Most worms are used to slow down a network by increasing bandwidth usage. However, there are worms designed to carry and install payloads containing other types of malware.

3. Trojan: Unlike a virus or a worm, this type of malware does not replicate or spread. A Trojan horse disguises itself as an authentic and harmless software program, thus encouraging and prompting human interaction through installation and execution.

Once installed, a Trojan attacks a computer. It can simply annoy a computer user, destroy other software, steal data and information, or become a carrier of a virus or worm.

5 subtypes of malware: From backdoor to botnets

Essentially, viruses, worms, and Trojans are the primary categories or types of malware. However, malware can be further categorized based on more specific characteristics or modes of operation and features.

1. Backdoor: A backdoor is a specific type of malware that is programmed to grant third-party or unauthorized remote access to a computer or computer network once installed. It can be included as a hidden part of a computer program, as a separate standalone program or application, or as code within the firmware of a hardware device or within an operating system.

It is important to note that the term “backdoor” also refers to different methods used for bypassing security protocols in computer systems, specifically by getting through standard authentication requirements or decrypting an encrypted computer.

2. Spyware: Software programs such as keyloggers, desktop recorders, and memory scrapers are examples of information stealers. They work by monitoring and recording or logging specific computer activities.

Once installed, for example, a keylogger records all keystrokes made on the keyboard attached to a computer, thus making it effective in stealing passwords. A memory-scraper malware, on the other hand, monitors and scans the random access memory found in specific computer devices such as point-of-sale terminals to collect personal data and information, including credit card information, among others.

3. Ransomware: Another specific type of malware is ransomware. It is programmed to attack a computer system and render it unusable either by blocking general access or by encrypting the entire system or selected files and programs.

Ransomware is primarily used for extortion activities. It takes a computer hostage and locks it for an undefined period until a user pays ransom money in exchange for access. It can also be used to technically steal data and information by denying their original user access to them.

4. Adware: Advertising-supported software, or adware, is originally legitimate software used for deploying advertisements and generating revenues. Typical examples of adware can be found in open-source software programs and free mobile applications.

However, when used as a specific type of malware, adware forcibly presents unwanted advertisements. Some adware collects data and information without the user's knowledge to track computer and Internet usage behavior and deliver targeted online advertisements.

5. Botnet: A botnet or robot network is a collective term for a network of remote-controlled computers that are infected by malware. The infecting malware binds different computers into a single network that can be controlled from a single point, thus allowing multiple and simultaneous operations.

The use of botnets in fraudulent activities includes crippling a website by triggering high traffic, slowing down a network by generating high bandwidth and consuming excessive system resources, and generating revenues through pay-per-click ads.
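To make the ransomware item above concrete from a defender's side: files that have been encrypted look like random bytes, so one common detection heuristic is to watch for a single process turning many ordinary files into high-entropy ones. The following Python sketch is an added example, not part of the original article; the function names, the 7.5 bits-per-byte threshold, the three-file cutoff and the sample events are all assumptions chosen for illustration.

```python
import hashlib
import math
from collections import Counter

# Headers of formats that are legitimately high-entropy (gzip, ZIP, PNG, JPEG).
COMPRESSED_MAGIC = (b"\x1f\x8b", b"PK\x03\x04", b"\x89PNG", b"\xff\xd8\xff")

def shannon_entropy(data: bytes) -> float:
    """Bits per byte: roughly 4-5 for text, close to 8 for ciphertext."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def looks_encrypted(data: bytes, threshold: float = 7.5) -> bool:
    """High entropy and no recognised compressed-format header."""
    if data.startswith(COMPRESSED_MAGIC):
        return False
    return shannon_entropy(data) >= threshold

def flag_mass_encryption(events, min_files=3):
    """events: (process, path, bytes_before, bytes_after) per file write.
    Returns processes that turned at least min_files ordinary files into
    encrypted-looking ones, mapped to the affected paths."""
    hits = {}
    for proc, path, before, after in events:
        if not looks_encrypted(before) and looks_encrypted(after):
            hits.setdefault(proc, []).append(path)
    return {p: paths for p, paths in hits.items() if len(paths) >= min_files}

def fake_ciphertext(seed: bytes, size: int = 4096) -> bytes:
    """Constructed stand-in for encrypted content (SHA-256 in counter mode)."""
    blocks = (hashlib.sha256(seed + i.to_bytes(4, "big")).digest()
              for i in range(size // 32 + 1))
    return b"".join(blocks)[:size]

# Constructed sample data; process and file names are hypothetical.
TEXT = b"Quarterly report: revenue, costs and forecasts.\n" * 80
SAMPLE_EVENTS = (
    [("backup.exe", f"doc{i}.txt", TEXT, b"\x1f\x8b" + fake_ciphertext(b"z%d" % i))
     for i in range(3)]
    + [("unknown.exe", f"doc{i}.txt", TEXT, fake_ciphertext(b"k%d" % i))
       for i in range(3)]
    + [("editor.exe", "doc0.txt", TEXT, TEXT + b"one small edit\n")]
)

if __name__ == "__main__":
    print(flag_mass_encryption(SAMPLE_EVENTS))
```

The header check keeps the backup job that writes gzip archives from being flagged, and the per-process file count keeps a single high-entropy write from raising an alert on its own.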