Malware, short for Malicious Software, is software used to disrupt computer operation, gather sensitive information, or gain access to private computer systems. It can appear in the form of code, scripts, active content, and other software. 'Malware' is a general term used to refer to a variety of forms of hostile or intrusive software.
Malware includes computer viruses, ransomware, worms, trojan horses, rootkits, keyloggers, dialers, spyware, adware, malicious BHOs, rogue security software, and other malicious programs; the majority of active malware threats are usually worms or trojans rather than viruses. In law, malware is sometimes known as a computer contaminant, as in the legal codes of several U.S. states.
Malware is different from defective software, which is legitimate software that contains harmful bugs that were not corrected before release. However, some malware is disguised as genuine software, and may come from an official company website in the form of a useful or attractive program which has the harmful malware embedded in it along with additional tracking software that gathers marketing statistics.
Typical anti-malware products detect issues based on heuristics or signatures, that is, based on information that can be assessed to be bad. Some products take an alternative approach when scanning documents such as Word and PDF: they regenerate a new, clean file based on what is known to be good from schema definitions of the file (a patent for this approach exists).
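The contrast between the two approaches, as an added example that is not part of the original page: a signature scan only catches content it already knows to be bad, while schema-based regeneration copies across only what the schema defines. The toy document model, the `SCHEMA` fields and the `SIGNATURES` patterns are all constructed for illustration and do not describe any real product or file format.

```python
# Added illustration: signature scanning vs. known-good regeneration.
# The document model, SCHEMA and SIGNATURES are constructed, not a real format.
import re

# "Known bad": byte patterns a signature-based scanner looks for (constructed).
SIGNATURES = [re.compile(rb"EVIL_MACRO_V1"), re.compile(rb"DROPPER_2009")]

# "Known good": the only fields the schema defines, with a validator per field.
SCHEMA = {
    "title": lambda v: isinstance(v, str) and len(v) <= 200,
    "author": lambda v: isinstance(v, str) and len(v) <= 100,
    "paragraphs": lambda v: isinstance(v, list)
    and all(isinstance(p, str) for p in v),
}


def signature_scan(doc: dict) -> bool:
    """Return True if any known-bad signature appears anywhere in the document."""
    blob = repr(doc).encode("utf-8", "replace")
    return any(sig.search(blob) for sig in SIGNATURES)


def regenerate(doc: dict) -> tuple[dict, list[str]]:
    """Build a new document containing only schema-valid fields.

    A field is never copied because it "looks clean"; it is copied only
    because the schema defines it and its value validates.
    """
    clean, dropped = {}, []
    for key, value in doc.items():
        validator = SCHEMA.get(key)
        if validator is not None and validator(value):
            clean[key] = value
        else:
            dropped.append(key)
    return clean, sorted(dropped)


# Constructed samples: one known macro, one novel active-content field.
KNOWN_BAD = {"title": "Invoice", "macro": "EVIL_MACRO_V1 ..."}
NOVEL = {
    "title": "Report",
    "author": "A. User",
    "paragraphs": ["Q3 summary."],
    "auto_open_script": "payload with no published signature",
}

if __name__ == "__main__":
    for name, doc in (("known_bad", KNOWN_BAD), ("novel", NOVEL)):
        print(name, "signature hit:", signature_scan(doc), "->", regenerate(doc))
```

The novel sample passes the signature scan untouched, yet its unknown field never reaches the regenerated file.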
As malware also harms the compromised websites (by breaking reputation, blacklisting in search engines, etc.), some websites offer vulnerability scanning. Such scans check the website, detect malware, may note outdated software, and may report known security issues.
To learn more about what kinds of viruses and malware can harm your computer, and how to protect yourself against them, be proactive and check out their profiles below.
A computer virus is a program capable of continually replicating with little or no user intervention. Typically, a piece of code causes damage to your computer either by deleting or corrupting files. A virus can also interfere with computer operations by multiplying itself to fill up disk space or random access memory space, secretly infecting your computer. Often viruses are disguised as games, images, email attachments, website URLs, shared files or links or files in instant messages.
Spyware is a malicious computer program that does exactly what its name implies: it spies on you. After downloading itself onto your computer either through an email you opened, a website you visited or a program you downloaded, spyware scans your hard drive for personal information and your internet browsing habits. Some spyware programs contain keyloggers that will record personal data you enter into websites, such as your login usernames and passwords, email addresses, browsing history, online buying habits, your computer's hardware and software configurations, your name, age and sex, as well as sensitive banking and credit information. Some spyware can interfere with your computer's system settings, which can result in a slower internet connection.
Adware is any software that, once installed on your computer, tracks your internet browsing habits and sends you popups containing advertisements related to the sites and topics you've visited. While this type of software may sound innocent, and even helpful, it consumes and slows down your computer's processor and internet connection speed. Additionally, some adware has keyloggers and spyware built into the program, leading to greater damage to your computer and possible invasion of your private data.
Malware is short for malicious software. Malware is a broad term that encompasses computer viruses, worms, Trojan horses, spyware, adware, and others. Malware is designed to interfere with normal computer operation, usually giving hackers a chance to gain access to your computer and collect sensitive personal information.
A worm is a type of virus that spreads through your computer by creating duplicates of itself on other drives, systems and networks. One feature that makes worms so dangerous is that they can send copies of themselves to other computers across a network via email, an infected webpage, and instant messages.
A Trojan Horse is a program that either pretends to have, or is described as having, a set of useful or desirable features but actually contains damaging code. Generally, you receive Trojan horses through emails, infected webpages, instant messages, or downloading services like games, movies, and apps. True Trojan horses are not technically viruses, since they do not replicate; however, many viruses and worms use Trojan horse tactics to initially infiltrate a system. Although Trojans are not technically viruses, they can be just as destructive.
The term adware frequently refers to software that displays advertisements. An example is the Eudora email client displaying advertisements as an alternative to shareware registration fees. However, these are not considered spyware.
Other spyware behavior, such as reporting websites the user visits, occurs in the background. The data is used for "targeted" advertisement impressions. The prevalence of spyware has cast suspicion on other programs that track Web browsing, even for statistical or research purposes. Many of these adware-distributing companies are backed by millions of dollars of adware-generating revenues. Adware and spyware are similar to viruses in that they can be considered malicious in nature.
Unlike viruses and worms, spyware does not usually self-replicate. Like many recent viruses, however, spyware—by design—exploits infected computers for commercial gain. Typical tactics include delivery of unsolicited pop-up advertisements, theft of personal information (including financial information such as credit card numbers), monitoring of Web-browsing activity for marketing purposes, and routing of HTTP requests to advertising sites.
A few spyware vendors, notably 180 Solutions, have written what the New York Times has dubbed "stealware", and what spyware researcher Ben Edelman terms affiliate fraud, a form of click fraud. Stealware diverts the payment of affiliate marketing revenues from the legitimate affiliate to the spyware vendor.
Spyware which attacks affiliate networks places the spyware operator's affiliate tag on the user's activity — replacing any other tag, if there is one. The spyware operator is the only party that gains from this. The user has their choices thwarted, a legitimate affiliate loses revenue, networks' reputations are injured, and vendors are harmed by having to pay out affiliate revenues to an "affiliate" who is not party to a contract. Affiliate fraud is a violation of the terms of service of most affiliate marketing networks. As a result, spyware operators such as 180 Solutions have been terminated from affiliate networks including LinkShare and ShareSale.
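One way an affiliate network or merchant could look for the tag substitution described above, as an added example that is not part of the original page. It assumes the network can pair the link a user clicked with the request the merchant received; the `aff` parameter name and every URL and affiliate ID below are constructed.

```python
# Added illustration: flag sessions where the affiliate tag that reached the
# merchant differs from the tag in the link the user actually clicked.
# The "aff" parameter name and all URLs/IDs below are constructed.
from urllib.parse import urlsplit, parse_qs

AFF_PARAM = "aff"  # assumption: the affiliate ID travels in this query parameter


def affiliate_tag(url: str):
    """Return the affiliate tag carried in a URL, or None if absent."""
    values = parse_qs(urlsplit(url).query).get(AFF_PARAM)
    return values[-1] if values else None


def classify(clicked_url: str, landed_url: str) -> str:
    """Compare the tag the user clicked with the tag the merchant received."""
    clicked, landed = affiliate_tag(clicked_url), affiliate_tag(landed_url)
    if clicked == landed:
        return "consistent"
    if clicked is None:
        return "tag_inserted"   # untagged visit credited to an affiliate
    if landed is None:
        return "tag_stripped"
    return "tag_replaced"       # legitimate affiliate's credit diverted


def suspicious_affiliates(sessions) -> dict:
    """Count, per landed tag, how often it arrived by insertion or replacement."""
    counts = {}
    for clicked_url, landed_url in sessions:
        if classify(clicked_url, landed_url) in ("tag_inserted", "tag_replaced"):
            tag = affiliate_tag(landed_url)
            counts[tag] = counts.get(tag, 0) + 1
    return counts


# Constructed sessions: (link the user clicked, request the merchant saw)
SESSIONS = [
    ("https://shop.example/item/1?aff=blog42", "https://shop.example/item/1?aff=blog42"),
    ("https://shop.example/item/2?aff=blog42", "https://shop.example/item/2?aff=op999"),
    ("https://shop.example/item/3", "https://shop.example/item/3?aff=op999"),
    ("https://shop.example/item/4?aff=news7", "https://shop.example/item/4"),
]

if __name__ == "__main__":
    for clicked, landed in SESSIONS:
        print(classify(clicked, landed), clicked, "->", landed)
    print(suspicious_affiliates(SESSIONS))
```

An affiliate ID that repeatedly appears only through insertion or replacement is the pattern that would justify the terms-of-service review the paragraph mentions.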
In one case, spyware has been closely associated with identity theft. In August 2005, researchers from security software firm Sunbelt Software suspected the creators of the common CoolWebSearch spyware had used it to transmit "chat sessions, user names, passwords, bank information, etc."; however it turned out that "it actually (was) its own sophisticated criminal little trojan that's independent of CWS." This case is currently under investigation by the FBI.
Some copy-protection technologies have borrowed from spyware. In 2005, Sony BMG Music Entertainment was found to be using rootkits in its XCP digital rights management technology. Like spyware, not only was it difficult to detect and uninstall, it was so poorly written that most efforts to remove it could have rendered computers unable to function. Texas Attorney General Greg Abbott filed suit, and three separate class-action suits were filed. Sony BMG later provided a workaround on its website to help users remove it.
Beginning on 25 April 2006, Microsoft's Windows Genuine Advantage Notifications Application was installed on most Windows PCs as a "critical security update". While the main purpose of this deliberately uninstallable application is to ensure the copy of Windows on the machine was lawfully purchased and installed, it also installs software that has been accused of "phoning home" on a daily basis, like spyware. It can be removed with the RemoveWGA tool.
Spyware has been used to monitor electronic activities of partners in intimate relationships. At least one software package, Loverspy, was specifically marketed for this purpose. Depending on local laws regarding communal/marital property, observing a partner's online activity without their consent may be illegal; the author of Loverspy and several users of the product were indicted in California in 2005 on charges of wiretapping and various computer crimes.
Anti-spyware programs often report Web advertisers' HTTP cookies, the small text files that track browsing activity, as spyware. While they are not always inherently malicious, many users object to third parties using space on their personal computers for their business purposes, and many anti-spyware programs offer to remove them.
Over-privileged code dates from the time when most programs were either delivered with a computer or written in-house, and repairing it would serve to render most antivirus software essentially redundant. It would, however, have appreciable consequences for the user interface and system management.
The system would have to maintain privilege profiles, and know which to apply for each user and program.
In the case of newly installed software, an administrator would need to set up default profiles for the new code.
Eliminating vulnerability to rogue device drivers is probably harder than for arbitrary rogue executables. Two techniques, used in VMS, that can help are memory mapping only the registers of the device in question and a system interface associating the driver with interrupts from the device.
Other approaches are
Such approaches, however, if not fully integrated with the operating system, would reduplicate effort and not be universally applied, both of which would be detrimental to security.
The best-known types of malware, viruses and worms, are known for the manner in which they spread, rather than any specific types of behavior. The term computer virus is used for a program that has infected some executable software and, when run, causes the virus to spread to other executables. On the other hand, a worm is a program that actively transmits itself over a network to infect other computers. These definitions lead to the observation that a virus requires user intervention to spread, whereas a worm spreads itself automatically.