Malware part 1: What are the threats?

The online world is not all fun and games. As the use of personal computers has exploded over the last 15 years, online threats have been growing right along with it.

You’ve probably heard some of the terms used to describe these threats: virus, worm, Trojan horse, spyware, adware … the list goes on. All of these have been grouped into the single term malicious software, or “malware.”

Malware comes in all shapes and sizes, and knowing the differences can help you defend yourself.

Viruses: This is by far the most common term for malware. In fact, the word is often used to describe other types.

By definition, a virus is any self-replicating program that infects a system without authorization. Once installed, it will execute itself, infect system files and attempt to propagate to other systems. A virus is often transmitted by a computer user via e-mail but can also be distributed through storage media, such as flash drives.

Worms: Though closely related, worms and viruses are completely different types of malware. Both have the ability to self-replicate and propagate by attaching themselves to files. While a virus moves from machine to machine through user action, a worm tends to spread itself using forms of network traffic, such as e-mail.

In no time, a worm can travel through the Internet and inflict great damage — from deleting files to creating back doors (Trojans) that give its creator control of a system.

Trojan horses: Named after the story of the wooden horse used by the Greeks to invade Troy, the Trojan horse is a very deceptive program that appears harmless but is actually one of the most dangerous types of malware. It can arrive as a friendly e-mail attachment or present itself as a useful application on a Web site. Because it does not have the ability to self replicate, a Trojan isn’t technically a virus. However, it does have the ability to deliver destructive payloads, including viruses, worms or spyware.

Spyware/Adware: Spyware and adware are perhaps the most worrying of all the threats, as they intrude on your privacy without you realizing it. Frequently, they track and report your computing activity without consent. While they aren’t designed to inflict damage, they can affect the performance of your computer, even to the point of rendering it inoperable.

The two forms of malware are essentially the same. Adware is just ad-supported software that acts like spyware.

Spyware and adware usually come bundled with free software and automatically install themselves with the program you intended to use. Signs of infection include system sluggishness, sudden modifications to your Web browser, redirects of your online searches, and the frequent display of pop-ups.

Rootkits: This type of malware is the most difficult to detect. By design, it is hidden to increase its useful life span and avoid detection. A rootkit could be a single program or collection of programs designed to take complete control of a system. Commonly, systems infected with a rootkit become “zombies,” controlled by malicious users through the Internet and used for malicious purposes, such as sending spam or attacking other computers. When attempting to track a rootkit’s creator, the search usually ends with the first infected zombie, and the hacker goes undetected.

Scareware: This is a relatively new term to describe the sudden explosion of rogue or fake anti-malware applications. These programs have one main goal: to deceive you into purchasing what you believe will be some protection for your computer.

Often what you get is just more malware, and on top of that you become a victim of identity theft. Personal information used to pay for the phony software is sold to others.

Staying safe: As you can imagine, malware is abundant online and will attempt to attack you from every direction it can. But there are things you can do to fight them off.

Read Part 2 >