If you want to successfully combat malware, you need to familiarize yourself with the 5 types of malware you might encounter. This includes viruses, trojans, and worms.
Here are 5 malware types explained:
Computer viruses are malicious computer programs that can replicate by modifying computer programs and inserting their own code. Computer viruses can damage files, steal information, take control over systems, etc. Viruses commonly spread via email attachments. The infection initiates when the file attached to the email is opened.
It should be noted that a virus is just one type of malware, and should not be used as an umbrella term for malware (malicious software) as it often is.
These are the three computer virus types:
- Executable file virus. An executable file virus looks for executable files (.exe, .scr, etc.) on the computer, attaches itself to them or overwrites parts of their executable code. These viruses usually spread along with infected files, but modern viruses also have other methods of spreading (email, self-copy, and transfer to network resources or media). Many of these types of viruses are rather complex and use polymorphic or metamorphic schemes to complicate their detection, i.e. each time, the virus is generated in a different way, which prevents such viruses from being easily detected. A notable example of a executable file virus is the CIH virus, also known as Chernobyl or Spacefiller. The virus first appeared in 1998 on the 12th Chernobyl disaster anniversary, hence why it’s sometimes referred to as the Chernobyl virus. This virus overwrote critical information on infected systems. Sixty million computers all over the world are believed to had been infected.
- Boot sector virus. A boot sector virus infects the master boot records (MBR). These viruses are considered to be pretty rare these days.
- Macro virus. Macros viruses are viruses written using Notepad, OpenOffice, Microsoft Office, etc., macro commands. When opening a document damaged by this kind of virus, it would try to overwrite the global template, and would continue to spread via documents created on the infected computer.
Trojan malware are malicious programs that have malicious features and hide in other programs. Trojans spread through browser vulnerabilities, or they are concealed as useful programs and are downloaded by users themselves. Trojans could allow hackers access to the computer. They usually do not replicate, and are spread by viruses, worms or downloaded harmful software. Typical trojan functionality includes keystroke logging, process control, file sending, spying on user, etc.
Worms are computer infections that resemble viruses. Worms can spread via email attachments, which need to be opened for the worm to infect. The worm looks for files, like the address book, that contain email addresses. It then sends itself to those email addresses found on the already infected computer. This tricks users into opening the email, as the sender is someone they know. Worms can also infect via operating system vulnerabilities. They aren’t always harmful for the computer, but usually cause some kind of issue.
Malware with mixed features
Most recent malware can be classified as malware with mixed features. Seeing as malware can be profitable, cyber crooks realized that it’s important to infect more and more computers and stay on them for as long as possible. Infected computers are added to a botnet and are exploited to commit further crimes. Botnets can execute DDoS attacks, send massive amounts of spam, etc.
Hoax malware are fake infections that are sent via emails. The emails usually do not contain any malware but warn the recipient about a non-existent infection. It’s usually a chain email that wants recipients to forward the email to someone else.