Types of Malware

Types of malware

Malware is a term combining mal from malicious and ware from software. It is software designed to inhabit a computer system, often causing damage, usually without the owner’s consent or knowledge. It is a general term for the many forms of annoying software, causing a variety of effects. All forms of malware are sometimes lumped under the heading of “viruses,” but a true computer virus is a specific form of malware. Malware is also incorrectly associated with legitimate software which contains defects in its computer code (“bugs”.) Many forms of malware are written as pranks or practical jokes, but some are written with true hostile/criminal intent. Although there is no official breakdown, we can divide malware into several broad categories of malware: viruses, worms, adware, spyware, hijackers, toolbars, rootkits and dialers. Many, if not most malware programs will fit into more than one category. It is very common for people to use the words adware, spyware, and malware interchangeably. Most products that call themselves spyware or adware removers will actually remove all types of malware. These products each have a list of “definitions” that tell it what to look for. Some products have the same items listed but none seem to have a complete all inclusive list. You MUST only have one anti-virus protection running at a time, but may have several anti-spyware programs installed. The more of these programs running, the slower your system will run. If you have two anti-virus programs installed, they will see each other as a threat and my make your system slow or locking up. Two firewalls (usually a feature included in a protection program) will stop your access to the internet.

Virus

A computer virus is malicious code which inhabits an executable program file which causes that programwhen runto spread to other executable software. A virus may contain a code (“payload”) which performs other actions, such as causing a pop-up window to suddenly appear, containing funny, insulting or obscene messages or to perform actions which are injurious to the computer such as formatting the hard drive. A worm is a program which transmits itself over a network to infect other computers and may carry a payload. A virus requires a user action to spread such as opening an infected word processing file or an email, while a worm spreads automatically. A Trojan horse is a program which seduces the operator into installing or running it, appearing as a valuable or useful addition to the computer system, but concealing a malicious payload. A true computer virus is a program that can copy itself, modify the copies and spread to other computers, by email, floppy or flash drive.

Viruses have been written to target.com and .exe executive files, the boot records of floppy disks and hard drives, macro files in Microsoft Word, Windows and many other file types. PC-type computers and Microsoft programs (including Windows) are most often targeted because they are the most commonly used. A virus author wants the largest number people to be affected; if only a few computers are affected, there is little point to expending the effort of writing the virus. One of the common effects of a virus infection of a computer is that so many copies of the virus may be generated, that much of the computer’s resources are used up and the computer slows down to a snail’s pace. Occasionally, when an anti-virus program scans a computer for viruses, a virus may fail to be detected and the virus may attach itself to the anti-virus software and infect every file scanned by the anti-virus program.

Apple computers and computers running the Linux operating system are (at this time) relatively less affected by viruses because they have a relatively small market share. If all PC computer users suddenly “saw the light” and went out and bought Apple MAC computers (which are very good and in many ways much easier to use than PC computers,) there would soon be a flood of viruses targeting MAC computers appearing.

Worm

A computer worm is a self-replicating type of Malware which sends copies of itself over a network to other computers on the network and often does so without the knowledge or intervention of the computer operator. It does not need to attach itself to a program. Worms usually cause harm to the network by consuming bandwidth and slowing network traffic and may cause major disruptions. Worms may be associated with “payloads” – computer code designed to cause other effect besides spreading the worm, e.g., deleting files or sending files via e-mail. A common payload is to enable the worm author to control the computer containing the worm. Networks of these “zombie” computers are called “botnets” and are commonly used by spammers sending junk mail to cloak their website address. Spammers are a source of funding for worm authors and worm authors have been caught selling lists of worm-infected computers. Some worms have been created for useful purposes such as determining how worms are spread or automatically downloading Microsoft patches, but security experts generally feel that all worms are malicious software (Malware).

Adware

Adware is the class of programs that place advertisements on your screen. These may be in the form of pop-ups, pop-unders, advertisements embedded in programs, advertisements placed on top of ads in web sites, or any other way the authors can think of showing you an ad. The pop-ups generally will not be stopped by pop-up stoppers, and often are not dependent on your having Internet Explorer open. They may show up when you are playing a game, writing a document, listening to music, or anything else. Should you be surfing, the advertisements will often be related to the web page you are viewing.

Spyware

Programs classified as spyware send information about you and your computer to somebody else. Some spyware simply relays the addresses of sites you visit or terms you search for to a server somewhere. Others may send back information you type into forms in Internet Explorer or the names of files you download. Still others search your hard drive and report back what programs you have installed, contents of your e-mail client's address book (usually to be sold to spammers), or any other information about or on your computer – things such as your name, browser history, login names and passwords, credit card numbers, and your phone number and address. Spyware often works in conjunction with toolbars. It may also use a program that is always running in the background to collect data, or it may integrate itself into Internet Explorer, allowing it to run undetected whenever Internet Explorer is open.

Hijackers

Hijackers take control of various parts of your web browser, including your home page, search pages, and search bar. They may also redirect you to certain sites should you mistype an address or prevent you from going to a website they would rather you not, such as sites that combat malware. Some will even redirect you to their own search engine when you attempt a search. Hijackers almost exclusively target Internet Explorer, since it is the most commonly used browser.

Toolbars

Toolbars plug into Internet Explorer and provide additional functionality such as search forms or pop-up blockers. The Google and Yahoo toolbars are probably the most common legitimate examples, and malware toolbars often attempt to emulate their functionality and look. Malware toolbars almost always include characteristics of the other malware categories, which is usually what gets it classified as malware. Any toolbar that is installed through underhanded means falls into the category of malware.

Dialers

Dialers are programs that set up your modem connection to connect to a 1-900 number. This provides the number's owner with revenue while leaving you with a large phone bill. There are some legitimate uses for dialers, such as for people who do not have access to credit cards. Most dialers, however, are installed quietly and attempt to do their dirty work without being detected.