Understanding the Various Types of Malware

By: Ian Schmahmann

Definitions and A Brief Introduction to the Dangers of Malware

1. Introduction

The ever-increasing use of the Internet means more and more computers can be accessed by others through file transfers, e-mails and websites, leaving them susceptible to infection from an increasing number of viruses, Trojan Horses, worms, adware, spyware, etc. These terms can be very confusing, as each one has different characteristics and will cause different problems or damage to your computer.

People will tend to be more on the lookout for these threats if they understand what they are and their potential dangers. This article attempts to clarify the meaning of each of these terms. After reading this article it is strongly suggested that you visit www.bestvalueonline.biz/clearspyware.html for further information on how to protect your PC against this dangerous class of software. Your bank account and identity are ultimately at risk if you do not take action.

2. Malware

Many normal computer users are still unfamiliar with the term "malware" and most never use it. Instead, "computer virus" is incorrectly used, even in the media, to describe all kinds of malware, though not all malware are viruses.

Rather than being defined by any particular features, software is considered malware if the perceived intent of the creator is to cause damage. Malware includes computer viruses, worms, trojan horses, most rootkits, spyware, dishonest adware, and other malicious and unwanted software. In law, malware is sometimes known as a computer contaminant, for instance in the legal codes of California, West Virginia, and several other American states.

Malware is software designed to infiltrate or damage a computer system without the owner's informed consent. It is a shortened combination of the words malicious and software. The expression is a general term used by professionals in the computer industry to cover a variety of hostile, intrusive, or annoying software or program code.

Malware should not be confused with defective software, that is, software which has a legitimate purpose but contains harmful bugs.

3. Trojan Horse or Trojan

In the context of computing and software, a 'Trojan horse', or simply 'Trojan', is a piece of software which appears to perform a certain action but in fact performs another, such as a computer virus. Contrary to popular belief, this action, usually encoded in a hidden payload, may or may not be actually malicious, but Trojan horses are notorious today for their use in the installation of backdoor programs. Simply put, a Trojan horse is not necessarily a computer virus. Unlike such malware, it does not propagate by self-replication but relies heavily on the exploitation of an end-user. Therefore, a computer worm or virus may be a Trojan horse. The term is derived from the classical story of the Trojan Horse.

4. Computer Worms

A 'computer worm' is a self-replicating computer program. It uses a network to send copies of itself to other nodes (computer terminals on the network) and it may do so without any user intervention. Unlike a virus, it does not need to attach itself to an existing program. Worms almost always cause harm to the network, if only by consuming bandwidth, whereas viruses almost always corrupt or modify files on a targeted computer.

5. Computer Virus

A computer virus is a computer program that can copy itself and infect a computer without permission or knowledge of the user. The term "virus" is also commonly used, albeit erroneously, to refer to many different types of malware and adware programs. The original virus may modify the copies, or the copies may modify themselves, as occurs in a metamorphic virus. A virus can only spread from one computer to another when its host is taken to the uninfected computer, for instance by a user sending it over a network or the Internet, or by carrying it on a removable medium such as a floppy disk, CD, or USB drive. Viruses can also spread to other computers by infecting files on a network file system or a file system that is accessed by another computer.

Viruses are sometimes confused with computer worms and Trojan horses. A worm can spread itself to other computers without needing to be transferred as part of a host, and a Trojan horse is a file that appears harmless. Worms and Trojans may cause harm to a computer system's hosted data, functional performance, or networking throughput, when executed. In general, a worm does not actually harm either the system's hardware or software, while at least in theory a Trojan's payload may be capable of almost any type of harm if executed. Some can't be seen when the program is not running, but as soon as the infected code is run, the virus kicks in. That is why it is so hard for people to find viruses themselves and why they have to use spyware programs and registry processors.

Most personal computers are now connected to the Internet and to local area networks, facilitating the spread of malicious code. Today's viruses may also take advantage of network services such as the World Wide Web, e-mail, Instant Messaging and file sharing systems to spread, blurring the line between viruses and worms. Furthermore, some sources use an alternative terminology in which a virus is any form of self-replicating malware.

Some viruses are programmed to damage the computer by damaging programs, deleting files, or reformatting the hard disk. Others are not designed to do any damage, but simply replicate themselves and perhaps make their presence known by presenting text, video, or audio messages. Even these benign viruses can create problems for the computer user. They typically take up computer memory used by legitimate programs. As a result, they often cause erratic behaviour and can result in system crashes. In addition, many viruses are bug-ridden, and these bugs may lead to system crashes and data loss. Many CID programs are programs that have been downloaded by the user and pop up every so often. This results in slowing down of the computer, but it is also very difficult to find and stop the problem.

6. Spyware

'Spyware' is computer software that is installed surreptitiously on a personal computer to intercept or take partial control over the user's interaction with the computer, without the user's informed consent. While the term spyware suggests software that secretly monitors the user's behaviour, the functions of spyware extend well beyond simple monitoring.

Spyware programs can collect various types of personal information, such as Internet surfing habits and sites that have been visited, but can also interfere with user control of the computer in other ways, such as installing additional software, redirecting Web browser activity, accessing websites blindly that will cause more harmful viruses, or diverting advertising revenue to a third party. Spyware can even change computer settings, resulting in slow connection speeds, different home pages, and loss of Internet or other programs. In an attempt to increase the understanding of spyware, a more formal classification of its included software types is captured under the term privacy-invasive software.

In response to the emergence of spyware, a whole industry has sprung up dealing in anti-spyware software. Running anti-spyware software has become a widely recognized element of computer security best practices for Microsoft Windows desktop computers. A number of jurisdictions have passed anti-spyware laws, which usually target any software that is surreptitiously installed to control a user's computer. Threats vary from the systematic capture of everyday events (e.g., which online sites are visited or which items are purchased from online stores) to mass marketing based on the retrieval of personal information (spam offers and telemarketing calls are more common than ever) to the distribution of information on lethal technologies used for, e.g., acts of terror.

Today, software-based privacy invasions occur in numerous aspects of Internet usage. Spyware programs set to collect and distribute user information secretly download and execute on users' workstations. Adware displays advertisements and other commercial content, often based upon personal information retrieved by spyware programs. System monitors record various actions on computer systems. Keyloggers record users' keystrokes in order to monitor user behaviour. Self-replicating malware downloads and spreads disorder in systems and networks. Data-harvesting software programmed to gather e-mail addresses has become a conventional feature of the Internet, with the result, among other things, that spam e-mail messages fill networks and computers with unsolicited commercial content. With those threats in mind, we hereby define privacy-invasive software as a category of software that ignores users' right to be let alone and that is distributed with a specific intent, often of a commercial nature, which negatively affects its users.

In this context, ignoring users' right to be let alone means that the software is unsolicited and that it does not permit users to determine for themselves when, how and to what extent personally identifiable data is gathered, stored or processed by the software. Distributed means that it has entered the computer systems of users from (often unknown) servers placed on the Internet infrastructure. Often of a commercial nature means that the software (regardless of type or quality) is used as a tool in some sort of a commercial plan to gain revenues.

7. Adware

'Adware' or advertising-supported software is any software package which automatically plays, displays, or downloads advertising material to a computer after the software is installed on it or while the application is being used. Some types of adware are also spyware and can be classified as privacy-invasive software.

Adware is software with advertising functions integrated into or bundled with a program. It is usually seen by the developer as a way to recover development costs, and in some cases it may allow the program to be provided to the user free of charge or at a reduced price. The advertising income may allow or motivate the developer to continue to develop, maintain and upgrade the software product.

Some adware is also shareware, and so the word may be used as a term of distinction to differentiate between types of shareware software. What differentiates adware from other shareware is that it is primarily advertising-supported. Users may also be given the option to pay for a "registered" or "licensed" copy to do away with the advertisements. Adware can also download and install potentially unwanted programs (PUPs) to your computer.

8. Rootkit

A 'rootkit' is a program (or combination of several programs) designed to take fundamental control (in Unix terms "root" access, in Windows terms "Administrator" access) of a computer system, without authorization by the system's owners and legitimate managers. Access to the hardware (i.e., the reset switch) is rarely required, as a rootkit is intended to seize control of the operating system running on the hardware. Typically, rootkits act to obscure their presence on the system through subversion or evasion of standard operating system security mechanisms. Often, they are also Trojans, thus fooling users into believing they are safe to run on their systems. Techniques used to accomplish this can include concealing running processes from monitoring programs, or hiding files or system data from the operating system.

Rootkits may have originated as regular, though emergency, applications, intended to take control of an unresponsive system, but in recent years have been largely malware to help intruders gain access to systems while avoiding detection. Rootkits exist for a variety of operating systems, such as Microsoft Windows, Mac OS X, Linux and Solaris. Rootkits often modify parts of the operating system or install themselves as drivers or kernel modules, depending on the internal details of an operating system's mechanisms.

9. Conclusion

In this article the terms malware, Trojans or Trojan Horses, Worms, Computer Virus, Spyware, Adware and Rootkits were defined. It is hoped that a better understanding of these terms will result in people becoming more aware of the dangers they are exposed to every day and that they will install the appropriate software to protect themselves from the damage that can be done.

For more information and to find out which products are best to protect your computer from malware you can contact Ian Schmahmann at iansch@bestvalueonline.boz

You can find reviews of the best software for system protection at www.bestvalueonline.biz. The direct landing page for these programs is www.bestvalueonline.biz/clearspyware.html
