What Do Viruses, Trojans, Worms, And Malware Actually Do?

While we all know viruses and trojans are bad, how exactly they work and what do they do to our computer system is not much known about. In the 24th instalment of our weekly TECH TUESDAY column, we look at viruses, trojans, worms, spyware, and other malware to explain their role.

Cover image via

What is a Virus? What does it do?

Image via

In the strictest sense, a virus is a program that copies itself and infects a PC, spreading from one file to another, and then from one PC to another when the files are copied or shared.

Just as a biological virus replicates itself in a human cell, a computer virus replicates itself in computer memory when initiated by the user. Not only they replicate themselves but may also contain some malicious codes which can affect your files, your operating system or even your master boot records thereby making your computer start slow or not boot at all.

Most viruses attach themselves to executable files, but some can target a master boot record, autorun scripts, MS Office macros, or even in some cases, arbitrary files. Many of these viruses, like CIH, are designed to render your PC completely inoperable, while others simply delete or corrupt your files—the general point is that a virus is designed to cause havoc and break stuff.

As a virus always needs a human action to initiate itself, in a computer most of them attach themselves to an executable .exe file because it knows eventually the user will double click on it to run it and that’s all it needs to infect the computer. Yes, unfortunately, most viruses are inadvertently initiated by the computer users themselves and hence it is important that when you install and run programs, you know beforehand that you got them from a trusted source.

You can protect yourself from viruses by making certain your antivirus application is always updated with the latest definitions and avoiding suspicious looking files coming through email or otherwise. Pay special attention to the filename—if the file is supposed to be an mp3, and the name ends in .mp3.exe, you're dealing with a virus.

What is Malware? What does it do?

The word Malware is short for malicious software, and is a general term used to describe all of the viruses, worms, spyware, and pretty much anything that is specifically designed to cause harm to your PC or steal your information. The term computer virus is often used interchangeably with malware, though the two don't actually have the same meaning.

Malware is the big umbrella term. It covers viruses, worms and Trojans, and even exploit code. But not vulnerabilities or buggy code, or products whose business practices you don’t necessarily agree with. The difference between malware and vulnerabilities is like the difference between something and the absence of something. In this case, malware is a something. You can see it, interact with it, and analyze it. A vulnerability is a weakness in innocent software that a something (like malware or a hacker) can go through.

What is a Worm? What does it do?

Image via

Practically a worm is an evolved form of a virus. Like virus, worms too replicate and spread themselves but it happens on a bit larger scale. Also, unlike virus, a worm does not need a human action to replicate and spread and that’s what makes it more dangerous.

Computer worms use the network to send copies of themselves to other PCs, usually utilizing a security hole to travel from one host to the next, often automatically without user intervention. Because they can spread so rapidly across a network, infecting every PC in their path, they tend to be the most well-known type of malware, although many users still mistakenly refer to them as viruses.

As the infection is network-based, a good firewall along with antivirus is necessary to control worm attack. Also, this means that blindly downloading email attachments or clicking the links friends share with you in a chat window isn't recommended. Double-check before you do that.

Some of the most famous worms include the ILOVEYOU worm, transmitted as an email attachment, which cost businesses upwards of 5.5 billion dollars in damage. The Code Red worm defaced 359,000 web sites, SQL Slammer slowed down the entire internet for a brief period of time, and the Blaster worm would force your PC to reboot repeatedly.

What is Trojan? What does it do?

Image via

Trojan horse or simply Trojan is a bit interesting. Trojan horse is a program that appears useful by pretending to do certain things in foreground, but in reality they are working silently in background with the only objective of harming your computer and/or stealing valuable information.

Trojans really have only one purpose, and that is to cause damage. They often have identical destructive functionality to some viruses; they just lack the ability to spread on their own. Trojans must be planted somewhere people are likely to run across them (like Flashback), or they must be sent directly (like in a targeted attack such as Imuler). This confusion is what leads some people to refer to things as “Trojan viruses,” even though those two terms are mutually exclusive.

In many cases, trojans will create a backdoor that allows your PC to be remotely controlled, either directly or as part of a botnet—a network of computers also infected with a trojan or other malicious software. The major difference between a virus and a trojan is that trojans don't replicate themselves—they must be installed by an unwitting user.

Once your PC has been infected with the trojan, it can be used for any number of nefarious purposes, like a denial of service (DoS) attack against a web site, a proxy server for concealing attacks, or even worse—for sending out buckets of spam. Protection against trojans works the same way as viruses—make sure that your antivirus application is up to date, don't open suspicious attachments, and think long and hard before you try and use a downloaded crack for Photoshop—that's one of malware authors' favorite spots to hide a trojan.

What is a Spyware? What does it do?

Image via

Spyware is a type of program that is installed without your permission on your personal computers to collect information about users, their computer or browsing habits tracks each and everything that you do without your knowledge and send it to remote user. It also can download other malicious programs from internet and install it on the computer.

They don’t harm your computer in any way. Instead, they attack you! Once installed on a system they run in background and keep on collecting user’s personal data. These data can include your credit card numbers, passwords, important files and many other personal stuff.

Since spyware is primarily meant to make money at your expense, it doesn't usually kill your PC—in fact, many people have spyware running without even realizing it, but generally those that have one spyware application installed also have a dozen more. Once you've got that many pieces of software spying on you, your PC is going to become slow.

What many people don't realize about spyware is that not every antivirus software is designed to catch spyware. You should check with the vendor to make sure the application you are using to protect you from malware is actually checking for spyware as well. If you come across a PC that is already heavily infected, run a combination of MalwareBytes and SuperAntiSpyware to clean it thoroughly.

Other TECH TUESDAY stories on SAYS:

You may be interested in: