What Is Malware?
Malware is software with ill intent that can target your computer or device and leave you with a headache — or a big problem.
Updated October 21, 2021 • 3 min read
Malware (malicious software) refers to software that’s designed and used to compromise or damage computer systems. Malware takes a wide variety of forms and has been developed to meet a wide variety of nefarious goals, ranging from injecting ads to a webpage to remotely controlling an entire system. Creators of malware have continued to evolve the techniques they use to compromise security, evade detection, and realize their goals. In doing so, they have created a game of cat and mouse, trying to stay one step ahead of malware-detection solutions. In this overview, we break down the main types of malware, the motivations and goals associated with its use, and some of its implications for the cryptocurrency ecosystem.
Types of Malware
Malware attacks can be delivered through phishing emails, computer takeovers, or drive-by downloads — that is, without the user's consent or without their understanding of the consequences of what they authorized. The objectives of malware vary, and can involve obtaining unauthorized access to information, passwords, or funds. Generally, malware is classified according to its specific attributes, including how it spreads. Some of the most common forms of malware include viruses, ransomware, and Trojan horses.
Computer viruses are programs that are written to self-replicate — spreading copies of themselves across computer systems. As with a virus that infects living things, this replication is the defining trait of a malware virus. Viruses are known for causing numerous types of disruption and damage to the data and systems that they infect. It’s common for systems to run antivirus and malware-detection software to try to prevent infection by viruses, or remove them and reverse any changes they might have made if infection has already occurred.
Trojan Horse Malware
Malware falls into the Trojan horse classification when it poses as, or attaches itself to, legitimate applications or software. A user installs or executes the Trojan malware when they use the application that it has attached to. Often, a user may not notice that there’s anything wrong with their computer, as they can still use the application as intended, completely unaware of what’s happening in the background. As with viruses, the sort of damage caused by Trojan horses varies. Primarily, “Trojan horse” refers to how malware executes and spreads, and is based on how the giant wooden horse described in Virgil’s Aeneid carried an army of soldiers, hidden inside the horse’s belly, into the ancient city of Troy.
Ransomware is the term given to malware based on the actions it takes when it executes, not on how it spreads. Ransomware operates by cryptographically locking or stealing data from an infected system. Typically, the ransomware will then inform the user that they need to make a payment to be able to gain access to their data again, or to stop stolen data from being publicly released. The level of professionalism behind some ransomware campaigns can be surprising: Many operations have an online support staff ready to chat with victims to help them make ransom payments to decrypt their data or prevent it from being leaked online.
Crypto malware is malware whose specific focus is to gain unauthorized access to computer systems to target or acquire cryptocurrency. One example of this is the illicit and secret mining of cryptocurrency on your computer, also known as cryptojacking. Cryptojackers aim to infect a large number of systems with crypto malware and use the combined computing power to mine cryptocurrencies and keep the rewards, all without paying for the associated electricity costs or hijacked mining hardware.
Other crypto malware might scan your computer for crypto wallet passphrases, wallet passwords, and other means of gaining access to any associated cryptocurrency that could be stored in a crypto wallet. One clever piece of malware detects when a crypto address is copied to a clipboard and replaces it, tricking the user into sending their crypto to the wrong address.
For this reason, many recommend using a hardware wallet for non-custodially storing significant amounts of crypto. For custodial storage of your crypto on a crypto exchange, many people recommend choosing a reputable exchange and following their security best practices, which usually include using two-factor authentication (2FA). Crypto malware is another type of malware that is classified by how it operates — or what it targets — rather than how it spreads.
Given the variety of ways in which malicious software can operate and spread, there is no single solution to staying safe from it. Instead, you should follow a number of best practices to limit the likelihood of falling victim to malware and reduce the impact of a malware infection were it to happen. The following are the minimum-level recommended steps you can take to stay safe from malware:
Exercise caution with the attachments you open and the email links you receive; many types of malware use email as a mechanism to spread to new systems
Install applications from reputable sources or official app stores only
Run an up-to-date antivirus and antimalware solution that includes malware detection and malware removal tools
Enable a host-based firewall if available
Back up your important data to an external location regularly
Update your operating system, software, and devices regularly
Never store passwords or wallet recovery phrases on an online device; physically write them down and/or use another security solution such as 2FA or a password manager