‘Virus’ has become a catch-all term for all malicious computer software, but technically it is a small piece of software that piggybacks on real, executable programs. Each time the legitimate program runs, the virus runs, giving it an opportunity to serve its malicious purpose and reproduce - through attaching itself to other programs. It is important to understand the true definition of a virus if you want to understand how they, and other forms of malware, infect computers.
Basic viruses can’t spread on their own and instead rely on human interaction to transmit them between computers. They corrupt documents, programs and other files that are transferred between individuals electronically or via portable media. When an unsuspecting user receives the infected file or media, they spread the virus to their computer by opening the file or running the program.
E-mail viruses travel as attachments to e-mail messages and replicate by mailing themselves to people in the victim's e-mail address book. Some e-mail viruses don't even require a double-click, as they can launch when the recipient views the infected message in the preview pane of e-mail software.
Worms are insidious and self-spreading software applications, which can infect many computers over a network - without human involvement - by using specific security holes to replicate themselves. The worm scans the network for another machine that has a specific security hole, and uses it to copy itself to the new machine before replicating from there. Through this method, computer worms spread much faster than computer viruses.
Trojan horses are computer programs that disguise their purpose. A Trojan identifies itself as a useful application such as a game or web app, but instead releases malicious code or malware when run. Trojan horses can’t replicate automatically, but can be hard to detect. Free software downloads are the most common source of Trojans. Antivirus software, firewalls and anti virus protection are the best line of defence against them.
Spyware doesn’t spread like a computer virus or a worm. Usually, an infected system doesn’t try to transmit the infection to other computers. Instead, spyware gets on a system by deceiving you or by exploiting your software vulnerabilities. Most spyware is installed without your knowledge, through deception either by the Trojan horse method, or by ‘piggybacking’ on a piece of desirable software.
To ‘piggyback’ into your system, spyware is bundled with other desirable software. When you download a program, the installer also installs the spyware. Users rarely read the full detail of software license agreements that appear with downloads – these should be read carefully to make sure the program is what it claims to be. As a basic precaution, you should check these before accepting a download – an authentic license agreement should have a paragraph stating that your ‘P.I.I.’ - Personally Identifiable Information - will not be shared with third parties.
Although the desirable software itself could be benign, the bundled spyware can serve malicious purposes. Some spyware developers may have financial arrangements with shareware authors to bundle spyware with their software or repackage desirable freeware with installers that slipstream spyware. Spyware can also infect a system through security holes in web browsers or other software. When you browse a website manipulated by the spyware author, embedded malicious code attacks the browser and forces the installation of spyware. Such attacks are known as a ‘drive-by downloads’, as the victims are innocent bystanders.
What is a rootkit?
What is a keylogger?
What is ransomware?
Was this article helpful?