WHAT IS THE DIFFERENCE BEWTEEN VIRUSES, TROJANS, WORMS, AND OTHER MALWARE?
Lifehacker’s tech-savvy readers are the first people on speed-dial when it’s time to heal an infected PC, but how much do you really know about viruses, spyware, scareware, trojans, and worms? Here’s a helpful guide to understanding all the different types of malware.
The point of today’s lesson, of course, is to help you teach your friends and family more about the different types of malware, and debunk a few of the common myths about viruses. Who knows, maybe you’ll learn a thing or two as well.
WHAT IS MALWARE?
The word Malware is short for malicious software, and is a general term used to describe all of the viruses, worms, spyware, and pretty much anything that is specifically designed to cause harm to your PC or steal your information.
VIRUSES WREAK HAVOC ON YOUR FILES
The term computer virus is often used interchangeably with malware, though the two don’t actually have the same meaning. In the strictest sense, a virus is a program that copies itself and infects a PC, spreading from one file to another, and then from one PC to another when the files are copied or shared.
Most viruses attach themselves to executable files, but some can target a master boot record, autorun scripts, MS Office macros, or even in some cases, arbitrary files. Many of these viruses, like CIH, are designed to render your PC completely inoperable, while others simply delete or corrupt your files – the general point is that a virus is designed to cause havoc and break stuff.
SPYWARE STEALS YOUR INFORMATION
Spyware is any software installed on your PC that collects your information without your knowledge, and sends that information back to the creator so they can use your personal information in some nefarious way. This could include keylogging to learn your passwords, watching your searching habits, changing out your browser home and search pages, adding obnoxious browser toolbars, or just stealing your passwords and credit card numbers.
Since spyware is primarily meant to make money at your expense, it doesn’t usually kill your PC—in fact, many people have spyware running without even realizing it, but generally those that have one spyware application installed also have a dozen more. Once you’ve got that many pieces of software spying on you, your PC is going to become slow.
What many people don’t realize about spyware is that not every antivirus software is designed to catch spyware. You should check with the vendor to make sure the application you are using to protect you from malware is actually checking for spyware as well. If you come across a PC that is already heavily infected, run a combination of Malwarebytes and SuperAntiSpyware to clean it thoroughly.
SCAREWARE HOLDS YOUR PC FOR RANSOME
Scareware is a relatively new type of attack, where a user is tricked into downloading what appears to be an antivirus application, which then proceeds to tell you that your PC is infected with hundreds of viruses, and can only be cleaned if you pay for a full license. Of course, these scareware applications are nothing more than malware that hold your PC hostage until you pay the ransom—in most cases, you can’t uninstall them or even use the PC.
If you manage to come across a PC infected with one of these, your best bet is to Google the name of the virus and find specific instructions on how to remove it, but the steps are usually the same—run a combination of MalwareBytes, SuperAntiSpyware, and maybe ComboFix if you need too.
For more on scareware, including a full walk-through of how a PC actually gets infected in the first place, check out the guide I wrote on removing internet security 2010 and other fake antivirus malware.
TROJAN HORSES INSTALL A BACKDOOR
Trojan horses are applications that look like they are doing something innocuous, but secretly have malicious code that does something else. In many cases, trojans will create a backdoor that allows your PC to be remotely controlled, either directly or as part of a botnet—a network of computers also infected with a trojan or other malicious software. The major difference between a virus and a trojan is that trojans don’t replicate themselves—they must be installed by an unwitting user.
Once your PC has been infected with the trojan, it can be used for any number of nefarious purposes, like a denial of service (DoS) attack against a web site, a proxy server for concealing attacks, or even worse—for sending out buckets of spam. Protection against trojans works the same way as viruses—make sure that your antivirus application is up to date, don’t open suspicious attachments, and think long and hard before you try and use a downloaded crack for Photoshop—that’s one of malware authors’ favorite spots to hide a trojan.
WORMS INFECT THROUGH THE NETWORK
Computer worms use the network to send copies of themselves to other PCs, usually utilizing a security hole to travel from one host to the next, often automatically without user intervention. Because they can spread so rapidly across a network, infecting every PC in their path, they tend to be the most well-known type of malware, although many users still mistakenly refer to them as viruses.
Some of the most famous worms include the ILOVEYOU worm, transmitted as an email attachment, which cost businesses upwards of 5.5 billion dollars in damage. The Code Red worm defaced 359,000 web sites, SQL Slammer slowed down the entire internet for a brief period of time, and the Blaster worm would force your PC to reboot repeatedly.
Glad to finally put a name to the annoyingly threatening scareware? Does it irritate you when somebody calls spyware a virus? Be sure to send this article to them, and share your malware war stories in the comments.
Because worms often exploit a network vulnerability, they are the one type of malware that can be partially prevented by making sure your firewall is enabled and locked down—you’ll still need an updated antivirus software, of course.