Malware
Adapted from Wikipedia
Malware is harmful software made to cause problems for computers, servers, or networks. It can steal private information, take control of systems without permission, or stop people from using their devices properly. There are many kinds of malware, such as computer viruses, worms, and ransomware.
Malware is a big problem for people and businesses online. The number of different malware types has grown a lot over the years. It can cost money to fix the damage it causes. Sometimes, malware is used to target important systems like electricity networks.
To stay safe from malware, it's important to use antivirus software, keep systems updated, and make backups of important files. These steps help protect computers and keep information safe.
History
Main article: History of computer viruses
For a chronological guide, see Timeline of computer viruses and worms.
The idea of a computer program that can copy itself goes back to early ideas about how complex machines work. A scientist named John von Neumann showed that such a program was possible. Later, a researcher named Fred Cohen studied computer viruses to learn more about them.
Before the Internet was common, viruses spread by hiding in programs or special parts of old computer disks called floppy disks. When someone used an infected program or turned on a computer with an infected disk, the virus would start running too. One of the first known viruses was called (c)Brain and it was created in 1986.
Today, malware can be used to steal important information and can spread in many ways, such as through emails and everyday devices like toys or lights that connect to computers.
Purposes
Since many people started using the Internet, harmful software has been made to make money. Since 2003, most viruses and worms have been made to take control of people's computers for bad reasons. These infected computers, called "zombie computers," can be used to send unwanted messages or attack websites.
Such software is also used to target government or company websites to steal important information. It can also be used to get personal details from individuals.
Besides being used for crime, harmful software has also been used to cause damage for political reasons. One famous example is Stuxnet, which was made to disrupt certain industrial systems.
In 2024, a person who controlled many infected computers for profit was caught.
Types
Malware is software that can harm computers or cause problems. It might steal information, slow down the computer, or lock files until money is paid.
Malware
Virus
Main article: Computer virus
A computer virus hides inside another program and makes copies of itself. It can damage data or files.
Worm
A worm spreads itself over networks to infect other computers without needing a user to do anything.
Rootkits
Main article: Rootkit
Rootkits hide harmful software on a computer by changing the operating system. This makes the harmful software hard to find.
Backdoors
Main article: Backdoor (computing)
A backdoor lets someone access a computer without permission, often using another type of malware to get in.
Trojan horse
Main article: Trojan Horse (Computing)
A Trojan horse looks like a normal program but has hidden harmful functions. It can steal information or slow down the computer.
Droppers
Main article: Dropper (malware)
Droppers are a type of Trojan that download more harmful software to the computer.
Ransomware
Main article: Ransomware
Ransomware locks a computer or files until a payment is made. Some types also scramble (encrypt) the files so they cannot be read.
Click fraud
Some malware makes it look like a user clicked on ads to earn money from advertisers.
Grayware
See also: Privacy-invasive software and Potentially unwanted program
Grayware includes unwanted programs that can slow down a computer or cause security problems but aren’t clearly harmful enough to be called malware. Examples include programs that show extra ads or track what you do online.
Potentially unwanted program
Potentially unwanted programs (PUPs) are apps that users might not want, even if they downloaded them on purpose.
Adware
Some adware turns off protection programs; fixes exist to solve this.
Spyware
Programs that watch what you do online, show extra ads, or change where money goes are called spyware. They don’t spread like viruses but are often hidden in other software.
| Type | Characteristics | Examples |
|---|---|---|
| Goodware | Obtained from trustworthy source | |
| Grayware | Insufficient consensus or metrics | |
| Malware | Broad consensus among antivirus software that program is malicious or obtained from flagged sources. | |
Detection
Antivirus software finds harmful programs in two main ways: by looking at the code and by watching how the program behaves. It can learn to recognize known harmful programs by studying their code. But this doesn't help with new, unknown programs. To catch these, the software watches how the program runs and stops it if it acts strangely.
Harmful programs try to stay hidden. It's hard to tell if a program is harmful because they use tricks to avoid being noticed. Some can hide parts of themselves or change their appearance, making them harder to detect. These tricky attacks have become more common recently.
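The two ways of finding harmful programs described above, shown as a small added example (it is not part of the original article). The file contents, the activity log, the process names and the limits of 4 files in 5 seconds are all made up for illustration. The code check misses a copy that changed by one byte, while the behaviour check still notices the program acting strangely.

```python
import hashlib
from collections import defaultdict

# Constructed, harmless byte strings standing in for program files.
KNOWN_BAD = b"constructed sample: pretend harmful program v1"
CHANGED_COPY = KNOWN_BAD + b" "  # same program with one byte added
SIGNATURES = {hashlib.sha256(KNOWN_BAD).hexdigest()}  # list of known bad files

def signature_match(data: bytes) -> bool:
    """Code-based check: is this exact file on the list of known bad files?"""
    return hashlib.sha256(data).hexdigest() in SIGNATURES

# Constructed activity log: (seconds, process, action, file path).
EVENTS = [
    (0.0, "editor", "write", "notes.txt"),    # saves the same file often
    (2.0, "editor", "write", "notes.txt"),
    (3.0, "editor", "write", "notes.txt"),
    (4.0, "editor", "write", "notes.txt"),
    (10.0, "unknown_app", "write", "a.jpg"),  # touches many files quickly
    (10.5, "unknown_app", "rename", "a.jpg.locked"),
    (11.0, "unknown_app", "write", "b.doc"),
    (11.5, "unknown_app", "rename", "b.doc.locked"),
    (20.0, "backup", "write", "copy1"),       # touches many files slowly
    (30.0, "backup", "write", "copy2"),
    (40.0, "backup", "write", "copy3"),
    (50.0, "backup", "write", "copy4"),
]

def behaviour_alerts(events, window=5.0, limit=4):
    """Behaviour-based check: flag a process that writes or renames
    `limit` or more different files within `window` seconds (assumed limits)."""
    recent = defaultdict(list)  # process -> [(time, path)] inside the window
    flagged = []
    for t, proc, action, path in sorted(events):
        if action not in ("write", "rename"):
            continue
        # Forget activity that is older than the time window.
        recent[proc] = [(ts, p) for ts, p in recent[proc] if t - ts <= window]
        recent[proc].append((t, path))
        if len({p for _, p in recent[proc]}) >= limit and proc not in flagged:
            flagged.append(proc)
    return flagged

if __name__ == "__main__":
    print("known file matches list:", signature_match(KNOWN_BAD))
    print("changed copy matches list:", signature_match(CHANGED_COPY))
    print("flagged by behaviour:", behaviour_alerts(EVENTS))
```
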
Risks
Software can have weak spots that bad people can use to harm computers. For example, older versions of some programs had weaknesses that let unwanted code run. Malware can use these weak spots to take control of your computer.
Sometimes, programs ask for more access than they need. This extra access can be misused by malware. Using strong passwords and extra steps to log in, like a code sent to your phone, helps keep accounts safe. Having different types of computers and software on a network can also reduce risk, because bad software might not work on every system.
Mitigation
Anti-malware programs, also called antivirus, help stop and remove harmful software. Examples include Microsoft Security Essentials for older Windows versions and Windows Defender for newer ones like Windows 8, Windows 10, and Windows 11. These tools work in a few ways:
- Real-time protection: They look for harmful software as it tries to install, stopping it before it can harm your computer.
- Removal: They can find and delete harmful software that is already on your computer.
- Sandboxing: They keep apps in a safe area so they can't hurt other parts of your computer. This helps protect against harmful code from the internet.
Website security scans check for weaknesses that could let harmful software in. Keeping your network split into smaller parts can also slow down the spread of harmful software. As a last step, some computers are kept completely offline, which is called an "air gap", though this isn't perfect protection either.
Research
Researchers have looked at how harmful software, called malware, was studied from 2005 to 2015. They looked at important journals, articles, different areas of study, and how many papers were published. They found that the amount of research grew each year.
North America did the most research, followed by Asia and Europe. China and India are becoming important places for this kind of study too.
This article is a child-friendly adaptation of the Wikipedia article on Malware, available under CC BY-SA 4.0.