Malware overview: the full details

The different types of malware that threaten Windows daily, including spyware, Trojans and viruses, as well as flaws and vulnerabilities.

Malware can be loosely defined as a malicious computer executable. The definition requires some flexibility because the term can describe a wide variety of different types of unwanted programs. The one certainty when discussing malware is the magnitude of the problem it poses -- the damage inflicted globally by malware is usually measured in billions. This overview briefly covers the history of malware, the different strains, what makes today's computers so hospitable and what the future holds.

Malware first entered the computer lexicon when the people responsible for chronicling such topics -- journalists, analysts and industry pundits -- realized they needed a broader term to describe the profusion of malicious software running rampant across the Internet. Before malware became a commonly used term, any dangerous software was referred to as a virus or worm, which still holds true today in the mainstream media. What distinguishes the term malware from words like virus and worm is that malware refers to the intention of the software's creator rather than a particular feature of said software. While the term may be fairly new, the software it describes is not.

Viruses and worms
Worms have probably been around the longest, though when they first started surfacing they were hardly as malicious as today's malware. A worm, as well as a virus for that matter, is a self-propagating computer program.

The first well-known worm was the Morris Worm, which used an early version of the Internet and a BSD Unix flaw to propagate itself. In the recent past, hackers would often write these pesky programs simply to prove that it could be done. That was before every computer on earth was networked together via the Internet, and viruses and worms often had to be physically distributed to computers via floppy disk.

Viruses usually distinguish themselves from worms by requiring a host, like a Word document. Though both viruses and worms can be spread through email, viruses and unwanted email attachments have become synonymous. The first widespread email-distributed virus was 1999's Melissa virus, which was a macro virus that exploited Microsoft Word and Outlook to mail itself to an infected computer's address book. Although viruses and worms can be damaging, their implementation is often haphazard and less beneficial to their creators than other forms of malware, which helps explain why this oldest form of malware is dying out.

Spyware and adware
Just as widespread email use provided an enormous highway for virus traffic, the growth of the Internet helped spawn spyware. Spyware is an Internet browser-based malady that is largely fueled by the prospect of monetary gain. In its least virulent form, spyware or adware causes sluggish systems, slow Web browsing and annoying pop-ups. The more dangerous spyware might track browsing habits or sensitive information and transmit that information back to its creator.

The term spyware is most commonly used to refer to the less damaging adware. The surreptitious activity attributed to spyware usually requires another piece of malware like a keylogger.

Bots, Trojans and keyloggers
The most recent trends in malware are related to the increasing criminalization of online threats. Bots are one of these threats: either they are on the rise, or people are just starting to realize the dangers of being infected by one. Bot makers and distributors infect multiple systems to create massive botnets that can be used to launch Distributed Denial of Service attacks or as spam distributors -- which is, unfortunately, a lucrative endeavor.

Next on the list of growing Internet threats is the Trojan horse. By definition a Trojan horse is just a means of secretly installing a piece of malware on a system. That malware could be as innocuous as adware or as dangerous as a keylogger or rootkit. The name of the game for Trojans is subversion -- sneaking their way onto a system and delivering an unexpected and potentially devastating payload.

Flaws and vulnerabilities
So what makes malware so pervasive? You can often chalk up the reasons for this deluge of depravity to software bugs, but even perfectly operating software can be susceptible to attack. For example, lax default configurations can either open up or exacerbate vulnerabilities -- like when Windows 2000 Server had IIS turned on by default, which contributed to the massive damage inflicted by the Code Red worm of 2000. Often Microsoft's zeal for introducing new functionality opens security holes in software, especially in Internet Explorer. But Microsoft is not solely to blame for the rise of malware. A significant number of the most vile threats require user interaction.

The future of malware
The bad news is that malware, once characterized by harmless viruses and annoying adware, is increasingly used for criminal activities. So much so that it is introducing new terms to the computer world, like crimeware. Even completely novel applications of computer code to the crimeware cause are surfacing. A new form of malware known as ransomware attempts to hold a user's computer files hostage.

Gone are the days when a hacker would announce his triumph with an obvious mass-mailing virus. Nowadays, more malware writers are creating subversive software. They wish to sneak onto systems and secretly acquire sensitive user information or to even enslave vulnerable machines. While wrong-doing is on their minds, financial gain is usually the primary incentive.

