What Is Malware?

Types of Malware

Malware attacks can be delivered through phishing emails, computer takeovers, or drive-by downloads — that is, without having either the consent of the user or their understanding of the consequences of their authorization. The objectives of malware vary, and can involve obtaining unauthorized access to information, passwords, or funds. Generally, malware is classified according to its specific attributes, including how it spreads. Some of the most common forms of malware include viruses, ransomware, and Trojan horses.

Malware Viruses

Computer viruses are programs that are written to self-replicate — spreading copies of themselves across computer systems. Much like a virus that infects living things, this replication is the defining trait of a malware virus. Viruses are known for causing numerous types of disruption and damage to the data and systems that they infect. It’s common for systems to run antivirus and malware-detection software to try to prevent infection by viruses, or remove them and reverse any changes they might have made if infection has already occurred.

Trojan Horse Malware

Malware falls into the Trojan horse classification when it poses as, or attaches itself to, legitimate applications or software. A user installs or executes the Trojan malware when they use the application that it has attached to. Often, a user may not notice that there’s anything wrong with their computer, as they can still use the application as intended; often completely unaware of what’s  happening in the background. As with viruses, the sort of damage caused by Trojan horses varies. Primarily, “Trojan horse” refers to how malware executes and spreads, and is based on how the giant wooden horse described in Virgil’s Aeneid carried an army of soldiers into the ancient city of Troy disguised inside the horse’s belly.

Ransomware

Ransomware is the term given to malware based on the actions it takes when it executes, not on how it spreads. Ransomware operates by cryptographically locking or stealing data from an infected system. Typically, the ransomware will then inform the user that they need to make a payment to be able to gain access to their data again, or to stop stolen data from being publicly released. The level of professionalism behind some ransomware campaigns can be surprising: Many operations have an online support staff ready to chat with victims to help them make ransom payments to decrypt their data or prevent it from being leaked online.

Crypto Malware

Crypto malware is malware whose specific focus is to gain unauthorized access to computer systems to target or acquire cryptocurrency. One example of this is the illicit and secret mining of cryptocurrency on your computer, also known as cryptojacking. Cryptojackers aim to infect a large number of systems with crypto malware and use the combined computing power to mine cryptocurrencies and keep the rewards, all without paying for the associated electricity costs or hijacked mining hardware.

Other crypto malware might scan your computer for crypto wallet passphrases, wallet passwords, and other means of gaining access to any associated cryptocurrency that could be stored in a crypto wallet. One clever piece of malware detects when a crypto address is copied to a clipboard and replaces it, tricking the user into sending their crypto to the wrong address.

For this reason, many recommend using a hardware wallet for non-custodially storing significant amounts of crypto. For custodial storage of your crypto on a crypto exchange, many people recommend choosing a reputable exchange and following their security best practices, which usually include using two-factor authentication (2FA). Crypto malware is another type of malware that is classified by how it operates — or what it targets — rather than how it spreads.

Malware Protection

Given the variety of ways in which malicious software can operate and spread, there is no single solution to staying safe from it. Instead, you should follow a number of best practices to limit the likelihood of falling victim to malware and reduce the impact of a malware infection were it to happen. The following are the minimum-level recommended steps you can take to stay safe from malware:

• Exercise caution with the attachments you open and the email links you receive; many types of malware use email as a mechanism to spread to new systems

• Install applications from reputable sources or official app stores only

• Run an up-to-date antivirus and antimalware solution that includes malware detection and malware removal tools 

• Enable a host-based firewall if available

• Backup your important data to an external location regularly 

• Update your operating system, software, and devices regularly

• Never store passwords or wallet recovery phrases in an online device; physically write them down and/or use another security solution such as 2FA or a password manager