What is Malware?

Kurt Baker - February 4, 2021

Malware (malicious software) is a program or code that is created to do intentional harm to a computer, network, or server. Cybercriminals develop malware to infiltrate a computer system discreetly to breach or destroy sensitive data and computer systems. Common types of malware include viruses, ransomware, keyloggers, trojans, worms, spyware, malvertising, scareware, backdoors, and mobile malware.

How to Detect Malware

No matter how well you try to avoid malware, you’re likely to run into newer, more innovative variants at some point. When you do, advanced malware protection is your best defense.

Advanced malware protection uses a unique and integrated combination of methods to prevent and detect known malware, unknown malware, and fileless malware. These methods include machine learning, exploit blocking, behavioral analysis, and blacklisting.

Traditional Antivirus (AV) is simply no longer effective to detect malware.

Signs You Have a Malware Infection

Signs and symptoms of malware can be obvious or discrete. Here are a few common signs that may indicate you have a malware infection:

  • Slow computer
  • Very frequent ads and pop-ups, especially if they appear in unexpected places
  • Battery drains rapidly
  • System crashes
  • Sudden loss in disk space
  • Browser settings change on their own
  • Browser redirects on its own
  • Unfamiliar apps appear on mobile device
  • Increase in system’s internet activity
  • Disabled antivirus product
  • Lost access to files or computer
  • Deleted files
  • Contacts receive strange messages from you

How to Remove Malware

The key to removing malware from your device is installing and running next-generation antivirus (NGAV) software. Upon detecting malware, NGAV can help identify and remediate malicious artifacts left behind from malicious activity.

For maximum efficacy, it’s crucial to keep your antivirus software updated so that it can stay ahead of constantly evolving malware attacks. The Falcon platform offers a next-gen solution that allows for automatic sensor update and constant system scans – users do not have to worry about manually updating the software or scanning for malware.

Here are some additional resources that can guide you through the process of removing malware:

How to Prevent Malware

For most businesses, deploying a breach prevention solution or platform that continuously monitors for malware attacks will be the first line of defense. Here are a few more tips to help you and your organization minimize the risks of a malware attack:

  • Keep your software updated: Set up automatic updates on all your devices because outdated software is more vulnerable to malware attacks.
  • Stay cautious and practice user vigilance: Anytime you are online you are vulnerable. Be wary of pop-ups, advertisements, and suspicious websites or links. Do not click on links in emails, mobile text messages, or social media messages sent from unknown users.
  • Use virtual private networks: VPNs allow you to go online safely, securely, and anonymously so your data and privacy stays protected.
  • Be wary of email attachments: Email phishing is one of the most common malware attacks. Never open emails from unknown senders or click on their attachments or images.
  • Only download apps from official app stores: Downloading trusted apps on your devices decreases your risk for malware.
  • Use strong passwords and multi-factor authentication
  • Don’t lend out your devices to others
  • Stay educated: Learning more about malware will keep yourself and any endpoint users aware of the risks involved while on the internet.

Types of Malware

In the years since the Morris Worm debuted, adversaries have applied a great deal of creativity to the concept of malware, coming up with new types of attacks as enterprise technology has evolved. The most common types of malware today are:

TypeDescription
RansomwareIn a ransomware attack, an adversary encrypts a victim’s data and offers to provide a decryption key in exchange for a payment. Ransomware attacks are usually launched through malicious links delivered via phishing emails, but unpatched vulnerabilities and policy misconfigurations are used as well.
Fileless MalwareFileless malware is a type of malicious activity that uses native, legitimate tools built into a system to execute a cyber attack. Unlike traditional malware, fileless malware does not require an attacker to install any code on a target’s system, making it hard to detect.
SpywareSpyware is a type of unwanted, malicious software that infects a computer or other device and collects information about a user’s web activity without their knowledge or consent.
AdwareAdware is a type of spyware that watches a user’s online activity in order to determine which ads to show them. While adware is not inherently malicious, it has an impact on the performance of a user’s device and degrades the user experience.
TrojanA trojan is malware that appears to be legitimate software disguised as native operating system programs or harmless files like free downloads. Trojans are installed through social engineering techniques such as phishing or bait websites.
WormsA worm is a self-contained program that replicates itself and spreads its copies to other computers. A worm may infect its target through a software vulnerability or it may be delivered via phishing or smishing. Embedded worms can modify and delete files, inject more malicious software, or replicate in place until the targeted system runs out of resources.
RootkitsRootkit malware is a collection of software designed to give malicious actors control of a computer network or application. Once activated, the malicious program sets up a backdoor exploit and may deliver additional malware
Mobile MalwareMobile malware is any type of malware designed to target mobile devices. Mobile malware is delivered through malicious downloads, operating system vulnerabilities, phishing, smishing, and the use of unsecured WiFi.
ExploitsAn exploit is a piece of software or data that opportunistically uses a defect in an operating system or an app to provide access to unauthorized actors. The exploit may be used to install more malware or steal data.
ScarewareScareware tricks users into believing their computer is infected with a virus. Typically, a user will see scareware as a pop-up warning them that their system is infected. This scare tactic aims to persuade people into installing fake antivirus software to remove the “virus.” Once this fake antivirus software is downloaded, then malware may infect your computer.
KeyloggerKeyloggers are tools that record what a person types on a device. While there are legitimate and legal uses for keyloggers, many uses are malicious. In a keylogger attack, the keylogger software records every keystroke on the victim’s device and sends it to the attacker.

Learn More

There are many important distinctions between malware and viruses. Learn about the characteristics of these two cyber threats, how a user can identify the type of attack, and how to best resolve it. Read: Malware vs Virus

Malware Resources

GET TO KNOW THE AUTHOR

Kurt Baker is the senior director of product marketing for Falcon Intelligence at CrowdStrike. He has over 25 years of experience in senior leadership positions, specializing in emerging software companies. He has expertise in cyber threat intelligence, security analytics, security management and advanced threat protection. Prior to joining CrowdStrike, Baker worked in technical roles at Tripwire and had co-founded startups in markets ranging from enterprise security solutions to mobile devices. He holds a bachelor of arts degree from the University of Washington and is now based in Boston, Massachusetts.