Malicious Software, or “malware,” comes in several forms.
Viruses are programs, typically small in size, which can copy themselves to infect another computer and are spread by sharing infected media, or files over the network, typically via e-mail, or malicious or hacked web sites.
Worms are a form of malware similar to viruses that spread automatically over a network. Worms take advantage of flaws in programs and can infect a large number of computers in a very short time.
A Trojan Horse or Trojan, like its namesake from The Aeneid, is a program that masquerades as something it isn’t. Trojans frequently carry other malware hidden inside their code: their main purpose is to evade detection by anti-virus programs.
Spyware and Adware are programs that track your activities on the web. They are frequently used to target spam e-mails to a more receptive audience based on their web browsing habits.
A Rootkit is particularly nasty. This malware imbeds itself deep within a computer’s software or hardware making detection extremely difficult. Computers with a rootkit installed are frequently used by attackers to compromise other systems.
Fake Anti-virus Software is one of the newest versions of malware being seen on the Internet. This software falsely reports a malware infection and then tries to con the victim into purchasing a “fix” to remove the infection.
Over the past decade there have been major changes in the quality of malicious software. Early on, viruses were simple scripts—easy to detect and, while often extremely damaging, were very manageable. The most common attacker creating a virus was a “script-kiddie,” a person without formalized training who was modifying other programs to create new viruses. As a result, viruses were often so poorly written that they were unable to run properly.
But, things have changed.
Organized crime has become involved in the generation of malware. Frequently used to steal information needed to commit identity theft, malware has become big business. “Screen scrapers” pass along what is shown on your computer screen to the identity thief. “Key loggers” keep track of everything you type, including passwords and account information.
Gone is the amateur “script-kiddie” creating viruses for thrills, replaced by skilled coders writing applications that create customized malware for the purchaser. One such application, called Zeus, offers different levels of service for a price—automatically generating malware to evade detection or disable those detection programs entirely. How successful they are depends on the price willing to be paid by the attacker.