Malware, short for malicious software, is any software used to disrupt computer operations, gather sensitive information, or gain access to private computer systems. It can take the form of executable code, scripts, active content, and other software.
The term malware refers to a variety of hostile or intrusive software, including computer viruses, worms, Trojan horses, spyware, adware, ransomware, rootkits, backdoors, scareware, and other malicious programs.
Image: Wild Apples.com (Wooden Trojan Horse crafted from cherry and basswood by Gunther Keil, limited edition)
Malware is used:
– To steal personal, financial, or business information;
– To gather guarded information, or to disrupt the operation of government or corporate websites in general;
– Against individuals to gain information such as personal identification numbers or details, bank or credit card numbers, and passwords;
– To take control of users’ computers for illicit purposes – to send email spam, to host contraband data or to engage in distributed denial-of-service (DDoS) attacks;
– To monitor users’ web browsing, display unsolicited advertisements, or redirect affiliate marketing revenues (such programs are called spyware);
– To affect an infected computer in some way and demand payment to reverse the damage;
– To generate money by click fraud, making it appear that the computer user has clicked an advertising link on a site;
– For criminal purposes or sabotage, often without direct benefit to the perpetrators.
Viruses and worms are the best-known types of malware. They are known for the manner in which they spread, rather than for any specific type of behavior.
The term computer virus is used for a program that embeds itself in some other executable software (including the operating system itself) on the target system without the user’s consent and that, when the host software is run, spreads to other executables.
A worm is a stand-alone malware program that actively transmits itself over a network to infect other computers.
A Trojan horse is any program that invites the user to run it, concealing harmful or malicious executable code of any description. The code may take effect immediately and can lead to many undesirable effects, such as encrypting the user’s files or downloading and implementing further malicious functionality.
Programs designed to monitor users’ web browsing, display unsolicited advertisements, or redirect affiliate marketing revenues are called spyware. Spyware programs are generally installed by exploiting security holes. They can also be packaged together with user-installed software, such as peer-to-peer applications.
Ransomware affects an infected computer in some way, and demands payment to reverse the damage. For example, programs such as CryptoLocker encrypt files securely, and only decrypt them on payment of a substantial sum of money.
A rootkit is a collection of computer software, typically malicious, designed to enable access to a computer or areas of its software that would not otherwise be allowed (for example, to an unauthorized user) while at the same time masking its existence or the existence of other software.
A backdoor is a method of bypassing normal authentication procedures, usually over a connection to a network such as the Internet. Once a system has been compromised, one or more backdoors may be installed in order to allow access in the future, invisibly to the user. Backdoors may be installed by Trojan horses, worms, implants, or other methods.
Scareware is a form of malicious software that uses social engineering to cause shock, anxiety, or the perception of a threat in order to manipulate users into buying unwanted software.
Scareware is part of a class of malicious software that includes rogue security software, ransomware and other scam software with malicious payloads, which have limited or no benefit to users, and are pushed by unethical marketing practices.
Some forms of spyware and adware also use scareware tactics.
Protection and Recovery from malware
Software such as anti-virus programs, anti-malware programs, and firewalls is used to protect against activity identified as malicious and to recover from attacks.