Malware Examples: Common Types You Should Know
Different types of Malware and examples
Most businesspeople today are familiar with the term malware—that is, malicious software of some sort—but in recent months I have heard multiple otherwise knowledgeable people misuse various terms related to different types of malware. To help clarify this confusion, I decided to share a short primer that includes common malware examples and should be useful for people of all backgrounds:
Malware
Malware is an all-encompassing term that includes many forms of intentionally malicious software (in fact, the word malware was first coined in 1990 by the late Israeli professor, Yisrael Radai, as a conjunction of the words “malicious” and “software”). Malware examples include computer viruses, worms, Trojans, ransomware, scareware, spyware, cryptocurrency miners, adware, and other programs intended to exploit computer resources for nefarious purposes.
Virus
A computer virus is an instance of malware that, when executed, replicates itself by inserting its own code into data files (often in the form of rogue macros), “boot sectors” of hard drives or SSDs, or other computer programs. Like biological viruses, computer viruses require hosts in order to spread. While viruses still inflict tremendous damage, the majority of serious malware threats today arrive in the form of Trojans and worms. (Note: The plural of computer virus is accepted as “viruses,” even if one uses “viri” as the plural for a biological virus.)
Worms
A computer worm is a standalone piece of malware that replicates itself without the need for any host in order to spread. Worms often propagate over networks by exploiting security vulnerabilities on target computers and networks. Because they normally consume network bandwidth, worms can inflict harm even without modifying systems or stealing data.
Trojans
A Trojan (or Trojan horse) is malware disguised as non-malicious software or hidden within a legitimate application or piece of digital data. Trojans are typically spread by social engineering – for example, by tricking people into clicking a link, installing an app, or running some email attachment – and, as such, unlike viruses and worms, Trojans typically do not self-propagate – instead, they rely on human involvement.
Ransomware
Ransomware is malware that demands that a ransom be paid to some criminal in exchange for the infected party not suffering some harm. Ransomware often encrypts user files and threatens to delete the encryption key if a ransom is not paid within some relatively short period of time, but other forms of ransomware involve a criminal actually stealing user data and threatening to publish it online if a ransom is not paid. Ransomware is most often delivered as a Trojan or a virus, but can be, and has been, also been packaged in a worm.
Scareware
Scareware is malware that scares people into making some purchase. One common example is malware that displays a message on a device that the device is infected with some virus that only a particular security package can remove, with a link to purchase that “security software.”
Spyware
Spyware is software that surreptitiously, and without permission, collects information from a device. Spyware may capture a user’s keystrokes (in which case it is called a keylogger), video from a video camera or audio from a microphone, screen images, etc. Some technologies that might technically be considered spyware if users have not been told that they are being tracked are in use by legitimate businesses; they include beacons that check if a user loaded a particular web page, and tracking cookies installed by websites or apps.
Cryptocurrency Miners
Cryptocurrency mining malware is malware, that, without permission of a device’s owner, uses the device’s computing power to generate new units of a particular cryptocurrency (which it gives to the criminals operating the malware) by completing complex math problems that require significant processing power to solve.
Adware
Adware is software that generates revenue for the party operating it by displaying online advertisements on a device. Adware may be malware – that is, installed and run without the permission of a device’s owner – or may be a legitimate component of software (for example, installed knowingly by users as part of some free, ad-supported package.)
Blended Malware
Blended malware is malware that utilizes multiple types of malware technology as part of an attack – for example, combining features of Trojans, worms, and viruses.
Zero Day Malware
Zero Day malware is any malware that exploits a vulnerability not previously known to the public or to the vendor of the technology containing the vulnerability.
How Malware Spreads and Creates Security Risks
Malware spreads through methods like phishing emails, malicious downloads, infected attachments, compromised websites, and removable media, exploiting human trust and software vulnerabilities. Once inside a system, it can steal sensitive data, encrypt files for ransom, disrupt operations, or create backdoors for further attacks. Malware propagation often leverages social engineering to trick users into activating malicious code or abusing unpatched systems that lack current security defenses. These infections pose serious security risks, including data loss, identity theft, financial harm, and long-term network compromise if not detected and remediated promptly.
Effective Ways to Defend Against Malware Attacks
- Keep systems and software updated to close security vulnerabilities that malware often exploits.
- Use reputable antivirus and anti-malware software with real-time scanning to detect and block threats before they cause harm.
- Enable firewalls and network defenses to block unauthorized access and filter malicious traffic.
- Practice cautious browsing and downloading habits by avoiding unknown links, attachments, and untrusted sources.
- Implement strong authentication and backups with multi-factor authentication and regular data backups to limit damage and support recovery.
In a future piece, I plan to provide a high-level overview of technologies used by malware.
This piece originally appeared in Inc.
Joseph Steinberg is a cybersecurity expert witness and advisor, and a Lecturer on Cybersecurity at Columbia University in NYC. He has led businesses in the information-security industry for over two decades, and has written books ranging from the best-selling Cybersecurity for Dummies to the official study guide for a CISO certification exam. He is one of only a few dozen people worldwide to hold the suite of advanced information security certifications, CISSP, ISSAP, ISSMP, and CSSLP, indicating that he possesses a rare, robust knowledge of information security that is both broad and deep; his information-security-related inventions are cited in well over 500 US patent filings.
CyberSecurity for Dummies is now available at special discounted pricing on Amazon. Give the gift of cybersecurity to a loved one.