Using this site

Please ensure you understand and agree with our data protection policy before using this site. Review Policy

What is Malware? - Definition and Examples

Malware (malicious software), is a blanket term for any kind of computer software with malicious intent. Most modern computer threats are malicious software.

Download Anti-Malware

You may be interested in taking a look at our other antivirus tools:
Trojan Killer, Trojan Scanner and Online Virus Scanner.

» Malware
Defining Malware: Understanding How It Works and Malware Types

What is Malware?

April 19, 2023

Malware. You heard this word and likely knew its definition. However, the majority of users can barely tell anything more. Malware is more than just “malicious software”, as people used to describe this definition, and, in fact, not a synonym for “virus”. So how can it correctly be characterized?

It is hard to describe everything meant under the term malware. Of course, since it is an umbrella term for all sorts of viruses, you can easily say that it is the describing term for any unwanted software that can harm your system. And this term is likely proper, but there are still several things to say about the mentioned definition.

The transcript of this abbreviation - malicious software - gives quite a clear meaning of the whole term. However, “the program which carries danger for your system and data you store on your computer” must be detailed. People often ignore that some applications may be malicious, as these apps do not demonstrate their unwanted potential. Such applications must correctly be named as “potentially unwanted” or “potentially malicious”. Different anti-malware vendors specify the threat level for such applications, depending only on their own opinion.

Unwanted programs are not the only exclusion among the malicious software. A lot of disputes are around the programs which have the potential to be used by burglars. Various hack tools are among this category of programs. These applications can be used for legitimate actions, like accessing the Windows account when you have lost the password. Since the same action is often done by crooks who try to hack the whole computer network, hack tools are usually detected and blocked by antiviruses, like they are currently active viruses.

DarkGate and Pikabot Copy the QakBot Malware

DarkGate and Pikabot Copy the QakBot Malware

Learn more ->

Why malware exists?

Because of the wish to earn much more significant sums of money than ones made on legal jobs, people often think about the way to reach tens of thousands of dollars without doing any real job. Besides the drug dealing and casino playing, they will likely see the offer to become a virus distributor. Of course, all such requests are posted primarily on the Darknet, so both persons who offer the job and those hired keep their anonymity. Nonetheless, people are prone to make mistakes, and police departments investigating cybercrimes will find these crooks sooner or later. More than 90% of virus creators and their assistants employed in virus distribution have been busted.

Another reason malware exists is that people are not very clever. They may quickly be the bait to press a specific button on the website, which leads to malware installation. The same thing with malware injection through dubious applications: greed leads people to questionable websites for a free (hacked) version, then makes their computer full of viruses. Until such injection ways are possible, fraudsters will try to take their bite of this foolish pie.

What does malware activity look likes?

imagine that your CPU, GPU, and RAM became 50% less powerful. Your PC becomes as slow as a snail, struggling to open the web browser. Then, add the blinking console windows, chaotically opening the browser or wallpaper change on a strange picture. It is hard to describe all symptoms in one paragraph because there is a vast amount of them. But all these visible changes may be described with only three words - “something is wrong”.

In cases of ransomware injection, you will surely see that your files are encrypted, and there are a lot of money ransom notes all over the system. Stealer activity often leads to the situation when your social network accounts are used for spamming. Spyware presence, however, cannot be spotted until you scan your computer with anti-malware software.

Phobos Ransomware Mimics VX-Underground Researchers

Phobos Ransomware Mimics VX-Underground Researchers

Learn more ->

Everything in this world is changing, and viruses, acting in the most changeful environment, must change the same fast. A lot of users wonder when someone shows the abilities of modern viruses. “Oh, they are so powerful, but I will never get one. It is likely too rare!”. Complexity became a new slogan of malware in both distribution and activity in the infected system.

Making the virus Jack of all trades is challenging. Malware creators who designed some easy things in the early 2000s were forced to re-qualify as legal programmers or increase their qualifications to make more tricky malware. This environment was always very competitive, and this competition turned faster and faster when more serious anti-malware tools appeared.

Some of the viruses were kicked out of the “arena” by the changes in global technologies. While dial-up Internet connection was widespread, a specific virus rerouted your dial-up connection through the international network. Such calls were charged at a significantly more expensive rate, so at the end of the accounting period, this dial-up modem's “happy owner” became rather angry than happy, seeing a bill for several thousand dollars.

Known malware types

Malware comes and goes, synchronized with the conditions it uses for spreading and money generating. Some viruses are getting squeezed out by their successors, and some categories keep running after several decades. The reasons for long-liver appearance are hard to predict because computer environments change rapidly, and it is hard to keep going after all changes. Only those with specific distribution and money-earning ways can stay active after more than ten years. However, here is the list of currently active malware:

The majority of these viruses appeared about a decade ago. Of course, they differ from their predecessors since they must deal with much more severe system security and bring more massive effects. But the main goals of these viruses were likely the same throughout the decade. Not all viruses were strong enough to keep going. Here is the list of virus types that have already disappeared or can be met so rare that they are equal to museum exhibits:

Virus Many people think that “virus” is an umbrella term for all applications that may be dangerous to the system. But in fact, viruses were a vast class of malware with their features. A computer virus replicates itself like its analog counterpart for humans until the victim becomes unworkable. The virus was infecting all programs you have on your PC, and in one moment, you see that your system resources are over.

The most practical reason for this virus to disappear is that it is hard to monetize it. While ransomware asks for a ransom payment and adware earns money for each banner view, viruses cannot bring you money in any way.
Worm Worms are one of the eldest malware types. Morris Worm is likely known by most users interested in computer history. A worm is a type of malware that literally “eats” the programs and OS, causing its failures in the future and allowing other viruses to exploit the created “holes”.
Locker The predecessor of ransomware. This malware type locks your computer, leaving you with a scary banner that covers the screen. On that banner, you were told that some government organizations blocked your system for outlaw actions, and you need to pay a ransom for its unblocking. Usually, you could not skip that banner in the usual way - Ctrl+Alt+Del and Ctrl+Shift+Esc were not working. Nonetheless, some of the design flaws of that malware were used to get access to the system.

The ransomware appeared to be much more effective and profitable, so soon after 2014, when ransomware activity reached the first noticeable milestone, lockers were forgotten.
Dialer It was already mentioned in that article. This malware was spread through pornographic websites with a large number of pop-ups. While browsing one, users may click the banner and download the virus. Then, they were spectating many pop-ups that offered to set up something. Among these pop-ups, a re-dial window appeared, but the user likely skipped it, missing its contents. The virus re-dialed you on the international connection, which cost much more than the usual dial-up. You will probably have a ton of destructive emotions seeing the Internet bill for $2000-2500.
Rogue Rogue software is a controversial thing. Some call it full-size malware. Others say that it’s instead a PUA than a virus. The GridinSoft team tends to believe that rogue is instead a potentially unwanted program. This malware looks like a legit program until you install it and let it interact with your system. If it mimics the antivirus software (the most common case), it will start notifying you about dozens of various malicious programs running on your computer. Some of the programs may block your desktop, just like locker malware.

You are not able to remove the rogue software in the usual way. It is not listed in any of the lists of installed software you used to check. Moreover, the rogue has no uninstallation file in its root directory. The problem that led this malware to disappear is that it is much less profitable than “classic” viruses.
Malicious CPU-Z Copy Is Spread In Google Search Ads

Malicious CPU-Z Copy Is Spread In Google Search Ads

Learn more ->

How can I protect my computer from malware?

You may see a lot of different advice on the Internet. Some may be useful, but most “advisers” are laymen who do not know much about cybersecurity. Tips like “change the certain registry key” or “unmark the certain setting in the Group Policies” will barely bring you any tangible result. Of course, you are free to follow any advice which looks legitimate and effective, regardless of who gives you this advice. But, like it constantly happens with amateurs, the consequences may be unpleasant.

Protect yourself against malware with Gridinsoft, the best Malware Removal Tool available. Regain control of your privacy with a malware scanner, detector, and remover that's ultra-fast and refreshingly lightweight — and 100% effective.

Download Malware Removal Tool

Anti-malware tools have the most extensive efficiency against various viruses. Sometimes you may hear that all security tools are useless, and you will not get the malware if you have no AV tool installed. But time shows the difference: antivirus tools are still the best and ultimate solutions against malware. You may rely on your attentiveness for a long time. But one day, you will be infected, and you will never expect the way malware comes to your PC. Using Gridinsoft Anti-malware, you will surely save your money and calmness, solving only puzzles but not malware activity consequences.

RustBucket Malware Attacks MacOS More Effectively

RustBucket Malware Attacks MacOS More Effectively

Learn more ->

Frequently Asked Questions

Do malware can make devices explode?
A very interesting question that has been circulating on the internet for awhile. Although it is more like a rumor, we thought the answer would be able to explain another interesting aspect of malware and what it has to do with BIOS. BIOS or Basic Input Output System is a special set of codes that will give various instructions to a computer's operating system on how to interact with hardware. When malware infects a computer it can also affect the computer's BIOS altering commands given to hardware. That's where you see your mouse moving without you barely touching it or the volume of speakers changing. Malware cannot make instructions to hardware to explode your computer but it has the ability to overload your machine causing the fan inside your computer to overwork and thus cause the overheat.
When was the first malware created?
In 1969 BBN Technologies’ programmer Bob Thomas created the first virus named Creeper. The virus was a self-replicating worm that infected DEC’s PDP-10 and spreaded itself to computers on the ARPANET (the US Department of Defense’s prototype of the Internet). Upon the infection the virus displayed to the victims a message "I’m the creeper. catch me if you can!". Creeper worm was just an experiment but various threat actors quickly adopted the thing for their own purposes.
What was the fastest malware to spread?
The fastest malware to spread is constantly to be the MyDoom virus which appeared in 2004. According to research done by specialists from Unit 42 the virus was active in 2019 and by this time it has caused damages estimated to be $38 billion. There's no information currently available if MyDoom is still active. The same ILOVEYOU virus MyDoom used emails to spread. Some of the malicious emails contained a message which read "andy; I’m just doing my job, nothing personal, sorry." In other instances the infected emails masqueraded as email delivery failure reports. Additionally upon the successful infection the virus would send another malicious email to people on the victim's contact list. Threat actors used MyDoom to conduct distributed denial-of-service attacks against various companie's websites.
Do all types of malware are viruses?
Often people confuse two terms "Malware" and "Viruses" thinking they mean the same thing which in fact is not true. Malware encompasses a large number of different kinds of destructive and harmful computer codes and viruses being just one of those kinds. In fact malware include trojan horses, keyloggers, adware, rootkits, worms, etc. According to a research done by PRR Computers viruses make 57% from all other kinds of malware.
What is the most dangerous malware in the world?
You can't name just one particular virus or keylogger as being the most dangerous one from all other families of malware. Every malware family has its "the strongest" representative and generally in its own way based on general characteristics of the malware family can present particular danger other than the other individual types from other families. If you compare ransomware and adware you will see that ransomware presents more destructive actions to your computer than adware. But among the various malware families there can be such individual kinds of the most effective and the most destructive/ harmful in action malware types than among the whole family. There are ransomware variants that not only encrypt data and demand ransom but also steal accessed data and make threats to leak it unless payment is made. And compare ransomware and adware when you obviously would think that ransomware is the most dangerous, but in fact adware can present even more danger in its own way. The same goes for individual types from various malware families; each of them can be dangerous enough if not detected and removed by antimalware software in time.
What is the difference between trojans and viruses?
Some people tend to think that trojans are viruses but in fact those two words mean slightly different kinds of malware. Threat actors attach viruses into other computer programs and when users run it the malicious code is also to be executed. Viruses don't need remote control. What viruses do is that they can alter or delete data as its main malicious task. Trojan horses in its turn is another type of malware that disguises to be some helpful and useful program but in reality conducts various kinds of malicious actions like giving unauthorized access to the victim's computer and control over it.