Malware: What is it - isn't it just a Virus?
Malware is any program or software that is designed to do harm to, or steal data from, a user's device that has been 'infected' with that software. The software gets delivered to and activated (run, or in technical terms, 'executed') on the device. The malware (often referred to as a virus) may come from a website, via an attachment or link in an email or message (and downloaded after using that link), or from a connected external device.
The word 'Malware' (MALicious softWARE) comes from the French 'Mal', which means Bad, Wrong, or Ill. The term Malware refers to all forms of software that do harm, including Spyware, Worms, Rootkits, RATs, Trojan Horses, Keyloggers, and, to a lesser extent, Adware, which, in many cases, is more annoying than a real threat - but not always. Viruses are any type of malware that replicates itself and inserts itself into other programs in order to infect other devices when moved or copied to them, or run on them remotely. See below for more information on what these types of malware are.
By 'harm', we generally mean one of two things:
1. Stealing (copying) information and sending it back to the source of the malware, so that the people responsible for sending it can use it to access your bank accounts, open new accounts or credit cards in your name and similar criminal activities. Stolen information is also often sold on, via the 'Dark Web', a generally hidden-from-view part of the web, where all sorts of criminal and illegal activities and stolen personal and financial information is on display and for sale to those who partake in these sorts of activities. A bit like a dark alley of the web!
2. Locking your device and/or encrypting your data, so that you cannot access it (or sometimes just pretending to) and demanding payment to unlock or unencrypt (decrypt) it, allowing you access to it again. This is, naturally, called 'Ransomware'. Paying the 'ransom' is by no means guaranteed to allow you to regain access to your data or your system and may well just allow them to take or demand more money from you! It is one of these programs that locked up many of the computers in the NHS, and of many companies and individuals worldwide some years ago. These are all implemented by infecting the device with, and then running that program (the 'Malware') on the device.
There are several ways you can combat this:
- Avoid getting 'infected' with such software in the first place; see our guide to this on our Be Web Aware page. Very important to do what you can, but very hard to be 100% diligent and effective all of the time.
- Use effective Internet Security Suites, Firewalls, and other software to try to stop any malware getting through and catch and remove any that do; see our Security Suites page. These need to be updated and run regularly to be effective.
- Use a VPN (Virtual Private Network). Although a great idea and necessary for some purposes, they do NOT guarantee safety from Malware and often have downsides! See our information on VPNs on our Internet Connection page.
- Don't use the internet, email, apps, or any internet enabled device - not really an option nowadays unfortunately!
So, what are the main types of Malware and what do they do?
There are many types of virus. Most of the malware listed below can be (and often are) classed as a virus. They are so called, because they 'infect' your device and, like human viruses, they harm the infected host and often infect others that they link to (in this case, those on the same network or connected in some way at some time, via cable or use of a USB or other memory stick/device), or even a CD/DVD. In computers, they often make them run more slowly, by taking over part of the normal running and using
, as well as doing whatever damage, or retrieving whatever information, they are designed to.
They can make other programs and your browser do things and go places that you have not selected, such as going to a specific website, which you might not be able to switch away from. This may then download more malware to your device, pretend to offer a solution to your new speed and control issues (that
has caused), or demand payment to release control and give you back the normal running of your device. It might just pretend to lock your device in an effort to get you to pay, or contact the people who originated the attack on your device in order to prise more information or money from you.
Spyware does exactly what its name says: it spies on you and/or your personal information on your device. It may 'just' spy on and steal your personal information (as if that's not bad enough), but it might actually spy on you, using your device's built-in camera and microphone, and tell what sites you are visiting and what your passwords are, by using a Keylogger (see below). By using your camera and microphone, the people responsible may be able to find out your account login details, passwords, etc., either just by spying using the software, or by getting your phone number or other contact details and phoning or otherwise contacting you, pretending to be your bank, utility supplier, or even the local council, government office, or the police.
They may then use the keylogger, camera and microphone to see and check what you are typing and hear what you are saying, to get into your accounts directly, or use this information to convince you that they are genuine! So, don't say passwords and other such information out loud while typing them in - or automatically believe someone who calls you, just because they have some of your information!
A Trojan, or Trojan Horse, is, as you might suspect, something that looks like something that is safe, but is exactly the opposite! In this case, we're talking about software. What looks like safe, dependable software (often anti-virus, anti-spyware, or other anti-malware software) is advertised on fake sites, possibly at an 'unmissable' offer price, or as something which has to be purchased within a very short time-frame (so you have no time to think about it), in an attempt to get you to download it and infect your device.
Often, it is 'Anti-Virus' or similar software, either purporting to be a well-known make, or perhaps an unknown, but 'special' software that will 'solve all of your virus and other problems' - but is fake and will actually infect your device and give you exactly these problems. However, it could be any type of software, on any site - it may even be a perfectly good, genuine site that has been hacked and the original good software download has been replaced with fake, or otherwise tampered with, destructive software.
To avoid getting infected by such software, follow our advice on checking any software that you download before running it - see our Tools page for more information on how to do this.
Worms are much like most other malware programs, with the same malicious intent, but they are given this name as they are very good at replicating themselves in order to infect other devices on the same, or a connected, network. This is their primary function, to spread to as many devices as possible, in order to find exactly what they are looking for, which can be anything from credit card or bank details, to specific devices or types of accounts which may be more worthwhile infecting. After running on the newly infected device and looking for what they are after, they are then on the lookout for other devices. As soon as one is detected, or some way of getting to other devices, like a USB stick plugged in, the worm copies itself to the new device and infects it with its malware, then sits and waits for another victim to connect up! Ransomware is usually a type of worm, so be very careful what you connect your device to, or what you plug into it.
Rootkits themselves do not necessarily contain software that will do damage on their own. Instead, they make it possible for other (normally unauthorised) users to access your device, without being detected, and this is when the real damage is done - criminals secretly accessing your PC, laptop, etc., is NOT a nice thought. It would be like having an invisible burglar entering your home, perfectly duplicating all of your personal information to take away and use, without you ever knowing.
Once connected, a hacker will normally have unrestricted access to your data and possibly further network devices. It is for this reason that you need to ensure that other devices on your network, like webcams, security cams, video doorbells, smart speakers, etc., are properly secured with new, strong passwords and not left with their default passwords, which can be very obvious and simple to crack! Quite apart from someone getting into your network and maybe your PC or laptop, which is bad enough to start with, you really don't want them getting access to your video feeds!
Keyloggers do pretty much what they say they do. They record your keystrokes in a log file and send this information back to the originator of the malware, or make it available for the criminals to 'collect' whenever they choose. Some are not strictly 'loggers' but can send your individual keystrokes, one at a time, to the software originator in real time. This is one of the reasons why you must never allow anyone to install what they may call 'remote control' software on your device, or download any software or App to allow someone to see what you are doing, or have direct control of your device - unless it is someone you already know and trust absolutely and have asked them to do this in order to sort out a problem for you!
It might not be a keylogger, but any remote control software will likely include something like this and will leave you totally open to all sorts of fraud and theft from one or possibly all of your bank and other accounts, even after they have apparently logged off! Instantly remove/delete any such software from your device as soon as you realise what it is and immediately report the issue to all account companies you have dealings and accounts with.
RATs are Remote Access Trojans, a sort of combination of basic Trojans and Keyloggers. As such, they can give someone logging into your device even more information, including easier access to your passwords and messages, etc., as you type them. You really don't want these getting onto your devices. Make sure your Internet Security Suite looks for and destroys RATs and as many other types of malware as possible. It is usually a good idea to use at least two different Security Software Suites, so that one will hopefully catch whatever the other one misses, but be careful not to overdo it, as some of these software suites take up a lot of resources and can seriously slow your device - see our Security Suites page to see why and how to manage this threat.
Adware sounds pretty innocuous and, quite often, it is, but it can be dangerous too. This is software that gets downloaded with, or is included with, other programs, usually downloaded from websites, but it can also come on CDs or USB sticks. Often, it comes disguised as cookies, so you'll never see it or know it's there. It can track your browsing habits and use this information to put ads in front of you that you may be interested in, taking into account your previous browsing decisions. However, it can also use this same technique to direct you to fake and/or malicious sites and software, of a type that you may have previously shown interest in, so beware. One of the best tools to get rid of this is SuperAntiSpyware; check it out on our Tools page.
So, how do you avoid getting infected in the first place? There are many ways your device can get infected and just as many ways that you can avoid this. Go to our Be Web Aware page to find out the best strategy to avoid this, before you start installing any additional software - which could just put you at even
Once you have a good handle on how to protect yourself by practicing 'safe internet browsing', you can be more proactive and select and install one or more anti-malware (usually called antivirus) programs, or suites of programs (Internet Security Suites), that usually contain a firewall, antivirus and anti-spyware software and, sometimes, anti-spam email software, that can help prevent you getting infected and deal with any infection that does happen.
Then there is the last resort option: recovering from an infection. This can be a lot more complicated than simply using an antivirus program, although these can do a good job of removing and isolating malware. Sometimes, it is as simple as shutting down a program that is trying to infect your device, such as a pop-up notice or warning; see the first part of our Be Web Aware page for more information on this. Sometimes it can be a lot more difficult.
Recovering from ransomware can be a lot more difficult. In fact, there may not be any way - other than wiping your hard drive/storage and re-installing your operating system! So, make sure you have a backup of your personal data - before something like this happens! See our page on Backup for more information. Whatever you do, do NOT pay the ransomers anything at all. In fact, do not reply or converse with them at all, by any means whatsoever.
If you do, you are just telling them that you are a good 'target' and are likely to either be targeted again, or simply asked for more money to release your device and/or data - and you're still unlikely to get it back! Even worse, you may open yourself to even more fraud if you give them any way to access your bank account or other funds, so DON'T do this. Take the hit, reinstall your device and reinstall your data from your last (safe, not connected) backup.
You have backed up your personal data recently, haven't you?