
What is Malware?

  • Last updated June 24, 2024
  • Written by Editor

Malware, short for malicious software, is any software intentionally designed to cause damage to a computer, server, client, or computer network. In today’s digital age, understanding what malware is is crucial for maintaining the security of our personal and professional data.

With cyber threats becoming increasingly sophisticated, you must familiarize yourself with various types of malware and their potential impact. This glossary aims to provide clear definitions and explanations of common malware terms, helping you stay informed and better protected.


Key Terms and Concepts in Malware

Adware

Software that automatically displays or downloads advertising material when a user is online. Often installed without the user’s consent, it can be annoying and invasive.

Antivirus Software

A program designed to detect, prevent, and remove malware from computers and networks. It provides real-time protection and scans systems for threats.

Backdoor

A method by which unauthorized access to a computer system is obtained, bypassing normal authentication processes. It allows hackers to remotely control the system.

Botnet

A network of private computers infected with malicious software and controlled as a group without the owners’ knowledge. Often used for launching coordinated attacks.

Computer Virus

A type of malware that attaches itself to a program or file and spreads to other programs and files on the same computer. It can cause data corruption and loss.

Credential Stealing Malware

Malware that captures and sends login details such as usernames and passwords to the attacker. Often used to gain unauthorized access to sensitive accounts.

Denial-of-Service (DoS) Attack

An attack meant to shut down a machine or network, making it inaccessible to its intended users. It overwhelms the target with a flood of internet traffic.

Drive-by Download

A program that is automatically downloaded to a user’s computer without their consent or knowledge. Often exploited through compromised or malicious websites.

Exploit

A piece of software or code that takes advantage of a bug or vulnerability to cause unintended behavior on computer software or hardware. Used to gain unauthorized access.

Exploit Kit

A toolkit used to deliver and manage exploits, often used by cybercriminals to distribute malware. It automates the exploitation process to infect systems.

Firewall

A network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules. It acts as a barrier between trusted and untrusted networks.

Formjacking

The use of malicious JavaScript code to steal credit card details and other information from payment forms on the checkout pages of e-commerce sites. It compromises online transactions.

Grayware

Unwanted applications or files that are not classified as malware but can worsen computer performance and pose security risks. Often includes adware and spyware.

Hacktivism

The act of hacking for politically or socially motivated purposes. Hacktivists use their skills to promote a cause or protest against organizations.

Hoax Virus

A virus that doesn’t cause harm but tricks users into believing their systems are infected. Often leads to unnecessary or harmful actions by the user.

Identity Theft

The fraudulent acquisition and use of a person’s private identifying information, usually for financial gain. It can result in significant financial and personal harm.

Injection Attack

A broad class of attacks where untrusted data is ‘injected’ into a program, causing it to behave in an unintended manner. Common types include SQL injection and command injection.

Jailbreaking

The process of removing restrictions imposed by the manufacturer on devices running the iOS operating system through software exploits. Allows installation of unauthorized apps.

Keylogger

A type of surveillance technology used to monitor and record each keystroke typed on a specific computer’s keyboard. Often used to steal sensitive information.

Logic Bomb

A piece of code intentionally inserted into a software system to set off a malicious function when specified conditions are met. It can cause significant damage.

Malware

Short for malicious software, it refers to any software intentionally designed to cause damage to a computer, server, client, or computer network. Includes viruses, worms, and Trojans.

Man-in-the-Middle Attack (MitM)

A type of cyber attack where the attacker secretly intercepts and relays messages between two parties who believe they are communicating directly. Used to steal data or inject malicious content.

Network Worm

A type of worm that spreads across networks by exploiting vulnerabilities in operating systems and software. It can cause widespread disruption.

Obfuscation

The act of deliberately making something unclear or difficult to understand. Often used to hide malicious code from detection.

Phishing

A method used by cybercriminals to trick individuals into providing sensitive information by pretending to be a legitimate entity. Often conducted via email or fake websites.

Polymorphic Virus

A type of virus that can change its code or appearance with each infection. This makes it difficult for antivirus software to detect and remove.

Ransomware

A type of malware that encrypts a victim’s files or locks their computer system, demanding a ransom payment to restore access. It can cause significant disruption and financial loss.

Rootkit

A collection of software tools that enable unauthorized users to gain control of a computer system without being detected. Often used to hide other malware.

Scareware

A type of malware designed to trick victims into purchasing and downloading unnecessary and potentially dangerous software. It often presents fake security alerts.

Spyware

Software that lets one party covertly obtain information about another person’s computer activities by secretly transmitting data from their hard drive. Often used for surveillance and data theft.

Trojan Horse (Trojan)

A type of malware that disguises itself as a legitimate file or program to trick users into installing it. Once installed, it can perform malicious actions.

Typosquatting

A form of cybersquatting that relies on typographical errors made by users when inputting a website address into a web browser. Often used to redirect traffic to malicious sites.

Virus Signature

A unique string of bits, or binary pattern, of a known virus. Antivirus software uses virus signatures to detect and remove viruses.

Worm

A type of malware that replicates itself to spread to other computers. Unlike a virus, it does not need to attach itself to an existing program.

Zero-Day Exploit

An attack that exploits a previously unknown vulnerability in a computer application or operating system. Such vulnerabilities are known as zero-day vulnerabilities and are highly valuable to attackers.