Understanding the difference between malware and viruses is very important. A virus is just one type of malware, but the term is more widely used by the public. Malware is a program designed to gain access to computer systems, normally for the benefit of some third party, without the user’s permission. Malware includes computer viruses, worms, Trojan horses, ransomware, spyware and other malicious programs.
A virus is a malicious executable code attached to another executable file which can be harmless or can modify or delete data. The terms “virus” and “malware” are often used interchangeably. However, they are technically different.
Differences Between Virus and Malware
Some of the key differences between malware and viruses are outlined in the table below.
Difference Between Malware and Virus

|Virus|Malware|
|---|---|
|The full form of Virus is Vital Information Resource Under Seize|The full form of Malware is Malicious Software|
|A Virus is a malicious executable code attached to another executable file which can be harmless or can modify or delete data.|Malware is a program designed to gain access to computer systems, normally for the benefit of some third party, without the user’s permission.|
|Types of Virus include:|Types of Malware include:|
|Antivirus software is used to remove viruses from a computer device and for protection against viruses.|Antimalware software is used for protection against malware within a computer system.|
|Virus is a type of Malware.|Malware contains several programs and viruses are one of them.|
|Examples of Antivirus software are:|Examples of Anti-Malware software include:|
A computer virus, much like a flu virus, is designed to spread from host to host and has the ability to replicate itself. Similarly, in the same way that flu viruses cannot reproduce without a host cell, computer viruses cannot reproduce and spread without programming such as a file or document.
A virus is a type of malware that has a specific way of distribution: it attaches itself to other executables (or boot sectors/USB auto-runs). Viruses either corrupt the original executables or launch them upon execution, and then try to infect other files/devices or perform other malicious tasks. Thus viruses are different from other malware such as worms (which search for vulnerabilities for infection) and trojans (which pretend to be something else): those other parasites cannot attach themselves to an executable file and can only replace it completely.
Types of Computer Virus
Boot Sector Virus
A boot sector virus damages or controls the boot sector on the drive, rendering the machine unusable. Your computer drive has a sector solely responsible for pointing to the operating system so that it can boot into the interface. Attackers will usually spread this virus type using a malicious USB device. The virus is activated when users plug in the USB device and boot their machine.
Direct Action Virus
When a user executes a seemingly harmless file attached with malicious code, direct action viruses deliver a payload immediately. These viruses can also remain dormant until a specific action is taken or a timeframe passes.
Web Scripting Virus
Most browsers have defenses against malicious web scripts, but older, unsupported browsers have vulnerabilities that allow an attacker to run code on the local device.
Polymorphic viruses make it more difficult for an antivirus to detect and remove them. Malware authors can use polymorphic code to change the program’s footprint to avoid detection.
A virus that can change the settings on your browser will hijack browser favorites, the home page URL, your search preferences and redirect you to a malicious site. The site could be a phishing site or an adware page used to steal data or make money for the attacker.
These malicious programs spread across a network or other systems by copying themselves or injecting code into critical computer resources.
Macro viruses deliver a payload when the file is opened, and the macro runs. Microsoft Office files can run macros, and these macros can be used to download additional malware or run malicious code.
A virus that can access computer memory and sit dormant until a payload is delivered is considered a resident virus. This malware may stay dormant until a specific date or time, or until a user performs an action.
File Infector Virus
To persist on a system, a threat actor uses file infector viruses to inject malicious code into critical files that run the operating system or important programs. When the system boots or the program runs, the virus is activated.
Symptoms of Computer Virus
There are many telling symptoms of a computer virus infection, including the following:
- Constant pop-up windows that tell you to visit untrustworthy sites or prompt you to download anti-virus programs.
- Your homepage may look different, and you can’t change it back to its original form.
- Your email account sends mass emails designed to look as if you sent them.
- Your computer or device crashes constantly, and eventually you can turn it back on to function as intended.
- Your computer performance is unusually slow and processing speed is unreliable.
- Unrecognized programs start when you launch your computer, and you only notice them at the time you turn on your device.
- You notice password changes are made, and you can no longer log into your devices.
Examples of Computer Virus
The web contains millions of computer viruses, but only a few have gained popularity and infected record numbers of machines. Some examples of widespread computer viruses include:
- Morris Worm
- SQL Slammer
What Causes Computer Viruses?
Modern browsers have defenses against local machine code execution, but third-party software installed on the browser could have vulnerabilities that allow viruses to run locally.
Computer viruses are standard programs, only instead of offering useful resources, these programs can damage your device. For a threat actor to execute a virus on your machine, you must initiate execution. In some cases, an attacker can execute malicious code through your browser or remotely from another network computer.
What Does a Computer Virus Do?
A virus can damage programs, delete files, and reformat or erase your hard drive, which results in reduced performance or even crashes your system entirely. Hackers can also use viruses to access your personal information to steal or destroy your data. The way a computer virus acts depends on how it’s coded. It could be something as simple as a prank that doesn’t cause any damage, or it could be sophisticated, leading to criminal activity and fraud.
A virus that infects a host device will continue delivering a payload until it’s removed. Most antivirus vendors have small removal programs that eliminate the virus.
How do Computer Viruses Attack and Spread
Computer viruses can be spread via email, with some even capable of hijacking email software to spread themselves. Others may attach to legitimate software, within software packs, or infect code, and other viruses can be downloaded from compromised application stores and infected code repositories.
Viruses were once spread between devices using floppy disks. Nowadays, viruses can still be spread via hard disks and Universal Serial Bus (USB) devices, but they are more likely to be passed between devices through the internet. A key feature of any computer virus is that it requires a victim to execute its code or payload, which means the host application must be running.
Most Dangerous Computer Virus
The worst computer virus in the world is the Mydoom virus, which caused around $38 billion in damage in 2004. Mydoom originated in Russia and is written in the C++ programming language. Mydoom is one of the fastest-spreading viruses of all time; it affected one in 12 emails at its peak. The worm spreads by appearing as an email transmission error and contains an attachment of itself. The first version of the worm appeared on January 26, 2004.
Mydoom caused estimated damage of $38 billion in 2004, but its inflation-adjusted cost is actually $52.2 billion. Also known as Novarg, this malware is technically a “worm,” spread by mass emailing. At one point, the Mydoom virus was responsible for 25% of all emails sent. The worm was created to disrupt SCO due to conflict over ownership of some Linux code.
Users would open an attachment like “Mail Transaction Failed”. Its aim was to take down websites like Google and Lycos. It managed to take out Google for almost a day. It spread via email and through a peer-to-peer network. First, the virus creates a backdoor in the operating system of the victim’s computer to allow remote access; second, it launches a denial-of-service attack on the controversial SCO Group.
How to Prevent Computer Viruses
Computer viruses can damage your PC, send sensitive data to attackers, and cause downtime until the system is repaired. The following methods help prevent a system from being infected by viruses.
- Install antivirus software: Antivirus should run on any device connected to the network. It’s your first defense against viruses. Antivirus software stops malware executables from running on your local device.
- Keep your operating system updated: Developers for all major operating systems release patches to remediate common bugs and security vulnerabilities. Always keep your operating system updated and stop using end-of-life versions (e.g., Windows 7 or Windows XP).
- Don’t open executable email attachments: Many malware attacks including ransomware start with a malicious email attachment. Executable attachments should never be opened, and users should avoid running macros programmed into files such as Microsoft Word or Excel.
- Don’t use pirated software: Free pirated software might be tempting, but it’s often packaged with malware. Download vendor software only from the official source and avoid using software that’s pirated and shared.
- Avoid questionable websites: Older browsers are vulnerable to exploits used when just browsing a website. You should always keep your browser updated with the latest patches, but avoiding these sites will stop drive-by downloads or redirecting you to sites that host malware.
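The attachment advice above can be enforced at a mail gateway. The following is an added example, not part of the original article: it parses a constructed message and flags attachments that have an executable extension, a macro-enabled Office extension, or Windows executable (`MZ`) header bytes behind a harmless-looking name. The extension lists, addresses and sample attachments are illustrative assumptions.

```python
import os
from email import message_from_bytes, policy
from email.message import EmailMessage

# Illustrative, non-exhaustive lists (assumptions for this example).
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".bat", ".cmd", ".js", ".vbs", ".msi"}
MACRO_EXTS = {".docm", ".xlsm", ".pptm", ".dotm"}


def build_sample_message():
    """Build a constructed test e-mail; every payload is a harmless stub."""
    msg = EmailMessage()
    msg["From"] = "sender@example.test"
    msg["To"] = "user@example.test"
    msg["Subject"] = "Mail Transaction Failed"
    msg.set_content("See attached.")
    stub_exe = b"MZ" + b"\x00" * 32            # only the 2-byte header, no code
    msg.add_attachment(stub_exe, maintype="application",
                       subtype="octet-stream", filename="invoice.pdf.exe")
    msg.add_attachment(b"PK\x03\x04stub", maintype="application",
                       subtype="octet-stream", filename="report.docm")
    msg.add_attachment(b"%PDF-1.4 stub", maintype="application",
                       subtype="pdf", filename="notes.pdf")
    msg.add_attachment(stub_exe, maintype="image",
                       subtype="png", filename="photo.png")
    return msg.as_bytes()


def screen_attachments(raw_message):
    """Return [(filename, [reasons])] for attachments that should be blocked."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        payload = part.get_payload(decode=True) or b""
        ext = os.path.splitext(name.lower())[1]   # last extension wins
        reasons = []
        if ext in EXECUTABLE_EXTS:
            reasons.append("executable extension")
        if ext in MACRO_EXTS:
            reasons.append("macro-enabled Office file")
        if payload.startswith(b"MZ"):
            # Content check catches executables renamed to look harmless.
            reasons.append("PE header (MZ)")
        if reasons:
            findings.append((name, reasons))
    return findings


if __name__ == "__main__":
    for name, reasons in screen_attachments(build_sample_message()):
        print(f"BLOCK {name}: {', '.join(reasons)}")
```

Checking the content as well as the name matters: `photo.png` is flagged only because of its header bytes, and `invoice.pdf.exe` shows why the last extension, not the first, must be tested.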
What is an Anti-Virus?
An anti-virus is software comprising a program or set of programs that can detect and remove all the harmful and malicious software from your device. Anti-virus software is designed to search through the files on a computer and determine which files are heavily or mildly infected by a virus. Given below is a list of a few of the major antivirus programs that are most commonly used:
- Norton Antivirus
- F-Secure Antivirus
- Kaspersky Antivirus
- AVAST Antivirus
- Comodo Antivirus
- McAfee Antivirus
Some Other Computer Viruses
- Mimail: This worm tried to harvest data from infected machines to launch a string of DDoS attacks, but was relatively easy to remove.
- Yaha: Yet another worm with several variants, thought to be the result of a cyber-war between Pakistan and India.
- Swen: Written in C++, the Swen computer worm disguised itself to look like a 2003 OS update. Its financial cost has been pegged at $10.4 billion, but not reliably.
- Storm Worm: This worm showed up in 2007 and attacked millions of computers with an email about approaching bad weather.
- Tanatos/ Bugbear: A 2002 keylogger virus that targeted financial institutions and spread to 150 countries.
- Sircam: A computer worm from 2001 that used counterfeit emails with the subject line, “I send you this file in order to have your advice.”
- Explorezip: This worm used fake emails to spread to every machine on thousands of local networks.
- Melissa: The most dangerous computer virus in 1999, Melissa sent copies of itself that looked like NSFW pics. The U.S. FBI estimated cleanup and repair costs at $80 million.
- Flashback: A Mac-only virus, Flashback infected over 600,000 Macs in 2012 and even infected Apple’s home base in Cupertino, Calif. In 2020, there’s now more malware on Macs than on PCs.
- Conficker: This 2009 virus still infects many legacy systems and could do significant damage if it ever activates.
- Stuxnet: This worm is reported to have destroyed Iranian nuclear centrifuges by sending damaging instructions.
Malware is a more generic term: malicious software. It covers all software that has malicious intent or a malicious distribution method. Malware is software written specifically to harm and infect the host system, and it attempts to steal information from your computer, such as passwords, bank details, and credit card details. The most common form of malware is a keylogger, which does just what it says: every time you enter a site, it logs the keys that you press and sends them back to the originator of the keylogger.
Malware includes viruses along with other types of software such as trojan horses, worms, spyware, and adware. Advanced malware such as ransomware is used to commit financial fraud and extort money from computer users.
Common types of malware
- Virus: As discussed, Virus is a specific type of malware by itself. It is a contagious piece of code that infects the other software on the host system and spreads itself once it is run. It is mostly known to spread when software is shared between computers. This acts more like a parasite.
- Adware: Adware is also known as advertising-supported software. It is software which renders advertisements for the purpose of generating revenue for its author. The advertisements are published on the screen presented to the user at the time of installation. Adware is programmed to examine which Internet sites, the user visits frequently and to present and feature related advertisements. Not all adware has malicious intent, but it becomes a problem anyway because it harms computer performance and can be annoying.
- Spyware: This type of malicious software spies on you and tracks your internet activities. It helps the hacker gather information about the victim’s system without the consent of the victim. Spyware’s presence is typically hidden from the host, and it is very difficult to detect. Some spyware, like keyloggers, may be installed intentionally in an organization to monitor the activities of employees.
- Worms: This type of malware replicates itself and destroys information and files saved on the host PC. It works to eat up all the system operating files and data files on a drive.
- Trojan: Trojans are a type of virus that are designed to make a user think they are a safe program and run them. They may be programmed to steal personal and financial information, and later take over the resources of the host computer’s system files. In large systems it may attempt to make a host system or network resource unavailable to those attempting to reach it. Example: your business network becoming unavailable.
- Ransomware: Ransomware is an advanced type of malware that restricts access to the computer system until the user pays a fee. Your screen might show a pop-up warning that you have been locked out of your computer and that you can regain access only after paying the cyber criminal. The cyber criminal demands a ransom to be paid in order for the restriction to be removed. The infamous Cryptolocker is one type of ransomware.
- Rootkit: Rootkit is a form of malware that provides the attacker with administrator privileges on the infected system, also known as “root” access. Typically, it is also designed to stay hidden from the user, other software on the system, and the operating system itself.
- Keylogger: A keylogger is malware that records all the user’s keystrokes on the keyboard, typically storing the gathered information and sending it to the attacker, who is seeking sensitive information like usernames, passwords, or credit card details.
- Exploits: Exploits are a type of malware that takes advantage of bugs and vulnerabilities in a system in order to give the attacker access to your system. While there, the attacker might steal your data or drop some form of malware.
How to Detect Malware
Malware can be detected using advanced malware analysis and detection tools such as firewalls, Intrusion Prevention Systems (IPS), and sandboxing solutions. Some malware types are easier to detect, such as ransomware, which makes itself known immediately upon encrypting your files.
Other malware, such as spyware, may remain on a target system silently to allow an adversary to maintain access to the system. Regardless of the malware type, its detectability, or the person deploying it, the intent of malware use is always malicious.
How Does a Malware Spread
- Email: Some malicious emails can even infect your computer from the email client’s preview, without you opening or downloading an attachment or a link.
- The Internet: Perusing the Web may feel like a private activity, but you are actually exposing your computer to unwanted contact with anyone else who has a computer and Internet access.
- Outdated software: Malware can crawl the Internet looking for outdated software through which it can intrude and spread its effects over computer systems.
- Local Area Networks (LANs): A LAN is a group of locally interconnected computers that can transfer and share data and information through a private network. If one computer within the network gets infected with malware, all other computers in the LAN will automatically become infected as well.
- Instant messaging (IM) and peer-to-peer (P2P) file-sharing systems: If you use a client for these online activities, malware may spread to your system.
- Social networks: If a website account is infected with a virus, anyone who visits the profile page of the website could “catch” the worm on their system. Malware creators take advantage of many popular social networks, infecting the giant user-data networks with viruses.
- Pop-ups: Some of the most refined malware spreads through misleading screen pop-ups that look like genuine alerts or messages. One distinctly underhanded and widespread “hoax pop-up” claims to scan your computer and detect malware. If you attempt to remove the malware as encouraged, you will actually install the malware on the system.
- Computer storage media: Malware can easily be transferred when you share computer storage media with others, such as USB drives, DVDs, and CDs. Although it may seem safe to open a CD of photos from others, it’s always best to scan unfamiliar files for possible security risks before you copy or open them.
- Mobile devices: Mobile malware threats have become progressively frequent, because more people are using their smartphones and tablets as mini-computers, helping malware problems accumulate across further platforms.
How to protect against malware
Here are some tips on protecting against malware:
- Pay attention to the domain and be wary if the site isn’t a top-level domain, i.e., com, mil, net, org, edu, or biz, to name a few.
- Use strong passwords with multi-factor authentication. A password manager can be a big help here.
- Avoid clicking on pop-up ads while browsing the Internet.
- Avoid opening email attachments from unknown senders.
- Do not click on strange, unverified links in emails, texts, and social media messages.
- Don’t download software from untrustworthy websites or peer-to-peer file transfer networks.
- Stick to official apps from Google Play and Apple’s App Store on Android, OSX, and iOS (and don’t jailbreak your phone). PC users should check the ratings and reviews before installing any software.
- Make sure your operating system, browsers, and plugins are patched and up to date.
- Delete any programs you don’t use anymore.
- Back up your data regularly. If your files become damaged, encrypted, or otherwise inaccessible, you’ll be covered.
Antimalware and antivirus solutions
- Signature-based scanning. This is a basic approach that all antimalware programs use, including free ones. Signature-based scanners rely on a database of known virus signatures. The success of the scanner depends on the freshness of the signatures in the database.
- Heuristic analysis. This detects viruses by their similarity to related viruses. It examines samples of core code in the malware rather than the entire signature. Heuristic scanning can detect a virus even if it is hidden under additional junk code.
- Real-time behavioral monitoring solutions. These look for unexpected actions, such as an application sending gigabytes of data over the network. The solution blocks the activity and hunts the malware behind it. This approach is helpful in detecting fileless malware.
- Sandbox analysis. This moves suspect files to a sandbox or secured environment in order to activate and analyze the file without exposing the rest of the network to potential risk.
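The difference between the first two approaches, as an added example that is not part of the original article: a whole-file hash signature misses a sample whose core is hidden under junk bytes, while a similarity heuristic over short byte sequences still matches it. The byte strings, family name and 0.8 threshold are constructed for illustration and are not taken from any real scanner.

```python
import hashlib

# Constructed, harmless byte strings standing in for samples (not real malware).
CORE = b"\x90\x90DEMO-PAYLOAD-CORE-ROUTINE\xcc\xcc"
KNOWN_SAMPLE = b"HDR1" + CORE + b"TAIL"
# Same core hidden under junk padding, as a polymorphic variant would do.
PADDED_VARIANT = b"HDR2" + b"\x00junk\x00" * 5 + CORE + b"\x01\x02\x03"
# Core with one byte changed as well as new padding.
MUTATED_VARIANT = b"HDR3" + CORE.replace(b"CORE", b"C0RE") + b"\xff" * 8
CLEAN_FILE = b"HDR1" + b"ordinary application bytes, nothing to see" + b"TAIL"

# Signature database: SHA-256 of whole files already seen and labelled.
SIGNATURE_DB = {hashlib.sha256(KNOWN_SAMPLE).hexdigest(): "Demo.Virus.A"}


def signature_scan(data):
    """Exact match on the whole-file hash; any changed byte defeats it."""
    return SIGNATURE_DB.get(hashlib.sha256(data).hexdigest())


def ngrams(data, n=4):
    """Set of all n-byte sequences in data."""
    return {data[i:i + n] for i in range(len(data) - n + 1)}


# Heuristic profile: the n-grams of the core code shared by the family.
FAMILY_PROFILES = {"Demo.Virus": ngrams(CORE)}


def heuristic_scan(data, threshold=0.8):
    """Return (family, score) when enough of a family's core n-grams occur."""
    grams = ngrams(data)
    best = None
    for family, profile in FAMILY_PROFILES.items():
        score = len(profile & grams) / len(profile)
        if score >= threshold and (best is None or score > best[1]):
            best = (family, score)
    return best


def scan(data):
    """Signature first (cheap, precise), heuristic second (tolerant)."""
    name = signature_scan(data)
    if name:
        return ("signature", name)
    hit = heuristic_scan(data)
    if hit:
        return ("heuristic", hit[0])
    return ("clean", None)


if __name__ == "__main__":
    for label, sample in [("known", KNOWN_SAMPLE), ("padded", PADDED_VARIANT),
                          ("mutated", MUTATED_VARIANT), ("clean", CLEAN_FILE)]:
        print(label, scan(sample))
```

Raising the threshold reduces false positives on files that merely share a few byte sequences with the profile, at the cost of missing variants with more changed bytes.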