Malicious software, or malware, is designed to disrupt the regular function of a network or device, gain unauthorized access to hardware or systems, or send user data to others without that user’s consent.
Malware has been around since the 1980s, with early prank malware like the Morris Worm or the (c)Brain. Today, malware is a common threat to anyone who uses the Internet.
Since 2008, antivirus and cybersecurity software testers AV-TEST have kept track of the number of newly developed malware worldwide, totaling over 1.2 billion as of December 2024. A February 2024 Statista report counted 6.06 billion malware attacks worldwide in 2023 alone.
From ransomware attacks locking businesses out of their data until they pay millions to spyware tracking users’ every move through their infected device, malware can have devastating consequences. With so many attacks and unique types of malware, it’s essential to know how malware works, how it can infect your devices, and what to do if you find yourself infected.
How Malware Works
What malware does varies by type, but the way it is triggered is similar across types. Malware must first be delivered to a device or network, and it begins working once it gains access. Attackers trick users into performing an action that allows the malicious code to be downloaded onto their device, such as clicking a link in an email or visiting an infected website.
Once installed, malware exploits the system to perform harmful actions and disrupt system functions, often without the user’s knowledge or consent. Malicious attackers often use malware as a tool for several different purposes.
The Goal of Malware Attacks
Attackers use malware to achieve various goals. These include stealing information, vandalism, gaining access to resources, monetary gain, or simply causing chaos:
- Intelligence gathering: An attacker can gather information about the user, system, or network, exfiltrate data such as emails and documents, or steal sensitive information like passwords or personally identifiable information (PII).
- Destruction or vandalism: Malware, such as logic bombs, can remain hidden in an infected system until a specific condition is met. Then, the malware releases the payload that can delete files, destroy computer systems, and damage your network infrastructure.
- Steal computer resources: Attackers install software on your computer to use its resources. This could include using a PC’s computing power to run botnets and crypto-mining programs (crypto-jacking) or accessing the victim’s email client to send spam emails.
- Monetary gain: Malicious actors can install ransomware on a victim’s system or network and demand payment to relinquish control. Alternatively, they can steal proprietary data or your organization’s intellectual property and sell it on the dark web.
To better understand how bad actors leverage different malware in their attacks, we’ll explore some common types and how they function.
Common Types of Malware
Each type of malware has unique characteristics and methods of infection. These malicious programs can disguise themselves as legitimate software and exploit vulnerabilities to record keystrokes, steal data, encrypt files, install additional malware, or access sensitive data and resources:
- Trojans: Named after the Trojan Horse from Homer’s Odyssey and Virgil’s Aeneid, trojans function similarly by convincing users to install them on their devices via social engineering schemes. This can include downloading free programs like games or screensavers, visiting questionable video-hosting websites, or opening an attachment infected with the trojan. However, trojans are less of a malware type and more of a tool used to deliver malware into a system.
- Keylogger: Once it infects your device, a keylogger will start tracking every keystroke you make and sending a log of those keystrokes to the hacker, allowing them to reconstruct any sensitive information you might have entered after infection, such as your PIN, password, or social security number.
- Adware: Easily one of the most frustrating types of malware, adware is software designed to harass users with unwanted or malicious ads. Adware is often installed onto a device by users who don’t know what they’re downloading, or it arrives hidden in other software like browser toolbar plugins. Adware advertisements might appear where ads typically don’t appear, are likely unrelated to the software you’re using, and may even perform unwanted tasks on your device.
- Spyware: As the name implies, spyware hides on your devices to monitor and transmit your data to the attacker(s) who deployed it. This information can include what websites you visit, your download history, or even your bank PIN. This software can function similarly to Facebook or Google’s targeted ad technology that tracks which websites you visit and provides ads based on that history.
- Ransomware: This is one of the most dangerous kinds of malware. Ransomware can slip into a network or device and encrypt sensitive files or lock down the entire device unless the victims pay the attacker a fee or “ransom” to regain access to the device, decrypt the files, and prevent the data from being leaked to the public.
- Rootkits: Rootkits are stealthy malware that infect the system’s core or “root” without being detected. They usually contain several malicious tools to spy on users, use bots to launch cyberattacks like a distributed denial-of-service (DDoS) attack, or install a backdoor the attacker can use to gain access to the machine. Rootkits are incredibly difficult to find with a regular virus scanner. However, tools like rootkit scanners can help detect and remove them.
As mentioned, malware attempts to remain hidden in a victim’s system and can sometimes evade detection tools like anti-virus scanners. However, there are ways to check if your system has been infected.
Common Signs of Malware Infection
While malware comes in various forms, it shares some characteristics. One of these is its effect on a computer’s functionality.
Malware can cause a computer to perform poorly, make random or unwanted changes to your files and applications, restrict access to system tools and settings, or crash your computer altogether.

- Perform unwanted tasks: Computers infected with malware may randomly open new browser tabs or pop-ups, visit random websites without you clicking on anything, change your browser’s homepage, or install new toolbars and plugins.
- Restrict system access: Malware may change system settings and user access to these settings without your knowledge. You may be infected if you could once access system settings like the control panel or task manager and suddenly cannot.
- Virus protection disabled: Malware can disable antivirus and other protections so they can’t detect it.
- Corrupted files: Files can be accessed, altered, deleted, or even encrypted to restrict access to regular users.
- Slow performance or computer crashes: Your computer suddenly starts running extremely slowly or randomly freezes and crashes. This can be a sign that malware is infecting it and using too much RAM or resources.
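The "Corrupted files" sign above can be checked mechanically by comparing files against a known-good baseline. The following is an added example, not part of the original article: it records a SHA-256 hash and byte entropy per file, then classifies later changes as altered, deleted, new, or possibly encrypted. The two thresholds, the function names, and the sample files are assumptions chosen for illustration.

```python
import hashlib
import math
import os
import tempfile
from collections import Counter
from pathlib import Path

HIGH_ENTROPY = 7.0  # assumed threshold: bits/byte typical of encrypted content
ENTROPY_JUMP = 2.0  # assumed threshold: rise compared with the baseline value

def shannon_entropy(data: bytes) -> float:
    """Bits per byte; encrypted or compressed content approaches 8.0."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values()) if n else 0.0

def snapshot(root) -> dict:
    """Map each file path relative to root to (sha256 hex, entropy)."""
    state = {}
    for path in Path(root).rglob("*"):
        if path.is_file():
            data = path.read_bytes()
            state[path.relative_to(root).as_posix()] = (
                hashlib.sha256(data).hexdigest(), shannon_entropy(data))
    return state

def compare(baseline: dict, current: dict) -> dict:
    """Classify every difference between a baseline and a later snapshot."""
    findings = {rel: "new" for rel in current.keys() - baseline.keys()}
    for rel, (old_hash, old_ent) in baseline.items():
        if rel not in current:
            findings[rel] = "deleted"
        elif current[rel][0] != old_hash:
            new_ent = current[rel][1]
            jumped = new_ent >= HIGH_ENTROPY and new_ent - old_ent >= ENTROPY_JUMP
            findings[rel] = "possibly encrypted" if jumped else "altered"
    return findings

def demo() -> dict:
    """Build constructed sample files, change them, and report the findings."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "notes.txt").write_bytes(b"meeting at ten\n" * 50)
        (root / "report.txt").write_bytes(b"quarterly summary\n" * 50)
        (root / "budget.csv").write_bytes(b"item,cost\nrent,1200\n" * 100)
        baseline = snapshot(root)
        (root / "notes.txt").write_bytes(b"meeting moved to noon\n" * 50)  # edited
        (root / "report.txt").unlink()                                     # removed
        (root / "budget.csv").write_bytes(os.urandom(4096))  # stands in for ciphertext
        (root / "unexpected.txt").write_bytes(b"not in the baseline\n")
        return compare(baseline, snapshot(root))
```

Compressed formats such as ZIP or JPEG are already high in entropy, so the jump check only helps for files that were low-entropy in the baseline; the hash comparison still flags any change to them as altered.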
If you suspect your computer or network is infected with malware, there are tools and techniques you can use to remove the infection and get your system back to normal.