Viruses 101

OK, so anyone who has ever owned or used a computer should know that there are these nasty little bugs called viruses that can infect your computer and stop it from functioning correctly.  But what exactly are they?  And what harm do they do?

The first thing we need to understand is that the term “virus” is hardly ever used correctly.  When most people say “My computer has a virus”, what they actually mean to say is “My computer is infected with malware.”

Viruses are just one of the eight particular types of computer infections, which are known in the industry as “malware” and are very different from the other seven due to their unique behaviour.  In short, all viruses are malware but not all malware are viruses, if that makes sense…Of course it does.

Also, just to complicate matters further, a particular program may exhibit behaviour that qualifies it as two, three or more of the various types of malware.

Before I go any further I must point out that this article is written and intended for a non-geek audience and is therefore simplified in its descriptions, definitions and examples.  So if you’re a geek and are reading this, please don’t leave snooty comments below pointing out a whole load of technical inaccuracies and/or omissions.  Why not get a girlfriend instead?

What Is Malware?

“Malware, short for malicious software, consists of programming (code, scripts, active content, and other software) that is designed to disrupt or deny operation, gather information that leads to loss of privacy or exploitation, or gain unauthorized access to system resources, or that otherwise exhibits abusive behaviour. The expression is a general term used by computer professionals to mean a variety of forms of hostile, intrusive, or annoying software or program code.” – Wikipedia

The 8 Types of Malware

As mentioned before, there are currently eight different types of computer infections, which are classified as malware and they are:

1) Viruses

Like their biological counterparts, computer viruses exhibit the unique behaviour of infecting a system and then using that system’s resources to make copies of themselves and spread.  A virus can use a variety of methods in which to do this but one of the most common ways is by infecting your computer’s email program and then sending itself to all of your contacts.

Have you ever received a weird email from a friend that contained a strange link to an even stranger website?  That’ll be a virus at work!  If you clicked the strange link and went to that website, the chances are that your computer would have then been infected with the same virus, which would then email itself to all of your contacts and continue the cycle.

2) Worms

Worms are very similar to viruses in that once they infect a system they start to make copies of themselves.  However, there are some important differences that set them apart from viruses;

• Worms are self-replicating, which means that they don’t need to use your systems resources in order to reproduce.
• They have a “payload”, which means that they’re programmed to do more than just replicate.  They may delete important system files, block access to your documents or open communication ports, making your computer vulnerable to further (and more serious) attacks.

3) Trojans

Trojans or “Trojan Horses” are malware programs that on the surface look perfectly harmless (like a picture of your friend’s new baby attached to an email) but has a malicious program hidden inside.

The term comes from Greek Mythology where during the Trojan War, the Greeks give their enemies, the Trojans, a giant wooden horse as a peace offering.  The Trojans took the horse inside the walls of their city but what they didn’t know is that hidden inside the horse were a large number of Greek soldiers who promptly attacked the city from within and opened up the city gates to the rest of the Greek army.

This analogy is very fitting for computer trojan horses because that’s exactly what they do to an infected system.  Unlike viruses and worms, Trojans don’t make copies of themselves.  Instead they may;

• Steal your personal information and send it back to the hacker
• Watch and record everything on your screen
• Download more malicious files from the internet onto your computer
• Log keystrokes (make a note of everything you type)
• Leave your computer vulnerable for a hacker to remote control

Trojans are a particularly nasty type of malware due to their potential for compromising your privacy.  This can lead to identity theft and financial loss.

4) Spyware

As the name suggests, spyware is malicious software that spies on your computer related activities.  This includes (but is not limited to);

• Logging the websites you visit
• Logging keystrokes (make a note of everything you type)
• Watching and recording everything on your screen
• Collecting personal information

The name spyware sounds as if the only thing this type of malware does is “spy” but unfortunately that is not the case.  Some strains of spyware can also do other things like redirect your internet browser to unwanted websites.  For example, you type www.google.co.uk into your browser but instead of being taken to Google, you’re taken to a fake antivirus or fake banking website.  In fact, every website you try to go to takes you somewhere else.  This kind of annoyance can really disrupt the normal operation of your computer and may be down to spyware.

 5) Adware

“Adware” or “Advertising-Supported Software” is any computer software that in some way, shape or form, serves you advertisements of some kind.  These adverts commonly take the form of “pop-ups”, web browser windows that spontaneously “pop-up” on your screen.

Whether or not adware can be correctly classified as malware is debatable because not all computer-based advertisements are unexpected or unwanted.  However, it’s generally accepted that pop-up adverts are annoying, so adware is included in the malware definition.

Adware in itself is benign, causing no harm to your computer system.  However, depending on the extent of the infection, it can seriously impact on system performance and in some extreme cases it can render your computer unusable.  Also, if it’s bundled with spyware then it can expose you to more serious negative effects.

6) Scareware

As the name suggests “scareware” is malicious software that is meant to scare you into performing a certain action, most often this action involves you parting with your hard earned money.

Scareware usually takes the form of fake anti-virus programs or bogus security alerts that warn you about malware infections when in fact, the warning itself IS the infection!  The scareware program may promise to disinfect your computer and protect you from further infections if you first pay a fee of course.

7) Crimeware

Crimeware is a type of malicious software that is specifically designed to facilitate computer related crime or “cybercrime”.

Any of the previously mentioned types of malware may also qualify as crimeware if their intent is to aid or facilitate the commission of a crime.  Most often the intended crime is identity theft, fraud or financial exploitation.

An example of crimeware may be a spyware program that redirects your internet browser to a fake banking website every time you try to do some online banking.  The fake website may look almost identical to the actual website of your bank.  However, as soon as you log in, your personal information is captured and sent back to the hacker who can then access your accounts.

With modern encryption and authentication techniques, this type of fraud is now a lot more difficult to accomplish but the dangers of this actually happening are still present.

8) Rootkits

A rootkit is a set of malicious software programs that allow a hacker to gain highly privileged (or even unrestricted) access to your computer system.  Because of the high level of access they have to an infected system they are very good at hiding themselves, which in turn makes them extremely difficult to detect and remove.  They can, in effect, render themselves invisible by redirecting or even controlling the very programs that are meant to find them.  Once infected with a rootkit, a compromised system may be left vulnerable to further malware infections for a variety of different purposes.

The unique feature of rootkits is their stealth capabilities.  They can be designed to hide the existence of both themselves and other forms of malware so that you’re completely unaware of any infection.

Related Articles

After reading this article you may be thinking to yourself, “So what’s the good news?”  Well there is some.  There are many ways that you can protect yourself from malware, and buying a MAC is NOT one of them, despite what my friend Roger continues to suggest.  Actually, that gives me an idea for another article…

For tips on how to protect yourself from all of these nasty little bugs, please refer to the articles listed below.

• 5 Steps To PC Security
• Bogus Security alerts

Share This Article