The name "malware" refers to the English term "malware", formed from two words: "malicious" and "software". There are other, more rare options - "badware", "computer contaminant", "crimeware". In the lexicon of some specialists, there are slang names "malicious", "malware". In everyday life, all malicious programs are often called computer viruses, although this is terminologically incorrect.
Malicious programs include any software that unauthorizedly penetrates computer equipment. Such applications cause direct or indirect damage - for example, disrupt computer operation or steal user's personal data.
Pests are created to achieve two main groups of goals. One of them boils down to gaining benefits from the injection into the victim's computer. For example, an attacker gains control over a computer, steals classified information, and carries out extortion. The second group of goals is not related to material gain. Writing malicious code can be a manifestation of the desire of the author who created the program to assert his skills, ordinary hooliganism or a joke.
According to Article 273 of the Criminal Code of the Russian Federation, computer programs or other information that are deliberately intended for unauthorized destruction, blocking, modification, copying of data or for neutralizing their protection should be considered as malicious objects.
Microsoft believes that malware is any piece of software designed to harm an individual computer or an entire network, a server. It does not matter at all whether such software is a virus, a trojan or a kind of spyware.
Classification of malware
The main types of malware are listed below.
1. Botnet agents. A botnet is a group of infected computers that receive commands from an attacker; the corresponding malicious program is responsible for receiving and executing these commands. Such a network can number from a few units to millions of computers, it is also called a zombie network.
2. Exploits - hacker utilities designed to exploit vulnerabilities in software.
3. Backdoors - programs for remotely connecting to a computer and managing it.
4. Computer viruses. It is customary to call a virus a program that injects its code into other applications (“infects” them), so that every time an infected object is launched, this code is executed.
5. Rootkits - means of hiding malicious activity (for example, other applications will not be able to detect files belonging to unwanted software).
6. Network worms are malicious programs with a wide variety of functional loads, which are capable of independently spreading over computer networks.
7. "Trojan horses" ("Trojans") - a wide class of malicious objects for various purposes, which usually do not have their own propagation mechanism (that is, they cannot infect files or replicate their copies over the network). The name comes from the early tactics of their infiltration - under the guise of a legitimate program or as a hidden addition to it.
Ransomware can be distinguished into a special group. The scenario of such malicious programs is that they in any way block the user's access to his data and demand a ransom for unblocking.
Objects of influence
Malware attacks spread to almost all Internet users. The purpose of the impact depends on the type of attacker: a bully, a petty thief or a cybercriminal. The consequences differ accordingly: one infection simply interferes with the normal operation of the computer, the other leads to financial losses, the third ends with the leakage of information constituting a commercial secret.
In recent years, various companies and organizations have often suffered from malware - primarily because of their ability to pay. A typical attack is to encrypt, for example, an accounting database and then demand payment to recover this business-critical information. Website servers are attacked by exploits, trojans and worms, from where cybercriminals steal information about customers and users, including bank card data, which threatens to lose finances, databases, and other corporate information.
Ordinary Internet users are also targets of malware injection. Of interest are personal data, information about bank accounts, email, passwords to access social networks. Quite often, the target of infections are gamers who have a large amount of game currency and rare artifacts.
Source of threat
The most dangerous and sophisticated malware programs are custom-built by government intelligence agencies or their associated cybercriminal groups. Such objects have a pronounced specificity and are aimed at a specific victim or group of victims. The purpose of their work can be the collection and theft of classified data or direct sabotage.
However, most malicious programs are created by common attackers not affiliated with organized cybercrime or intelligence agencies. By introducing their developments on a victim's computer, they can steal data to access bank accounts, carry out network attacks from an infected device, extort ransoms, advertise dubious products, or send spam. The source of the spread of pests is petty criminals who steal logins, passwords and other personal information (for example, the accounts of participants in online games) for the purpose of unauthorized use or sale.
Researchers who are in the process of inventing other methods of infection and countering anti-virus products can introduce malicious programs. The purpose of these programmers is not to gain profit, but to study the computer environment and test their ideas.
Risk analysis
Malware is often not viewed as a serious threat by PC users, although it is often the victim of credential theft or ransom lockdowns. Business, on the contrary, speaks of infections as a significant threat to their activities.
The spread is received by malicious programs that enter the devices of the Internet of Things. For example, a British company created a ransomware virus for a thermostat connected to Wi-Fi. Having gained control over the equipment, he is able to lower the temperature to a critical level and demand money. You can read more about the new malicious program in the article “Ransomware viruses got to the thermostats”.
There is no absolute protection against infections, but you can reduce the risk of a threat being realized. To do this, you need to install new versions of operating systems, monitor the update of all programs, use antivirus solutions from reliable manufacturers, prevent unauthorized persons from accessing the PC, do not open suspicious links, letters and files, and take a number of other protective measures.
Malicious programs include any software that unauthorizedly penetrates computer equipment. Such applications cause direct or indirect damage - for example, disrupt computer operation or steal user's personal data.
Pests are created to achieve two main groups of goals. One of them boils down to gaining benefits from the injection into the victim's computer. For example, an attacker gains control over a computer, steals classified information, and carries out extortion. The second group of goals is not related to material gain. Writing malicious code can be a manifestation of the desire of the author who created the program to assert his skills, ordinary hooliganism or a joke.
![85999_1.jpg](https://www.anti-malware.ru/files/85999_1.jpg)
According to Article 273 of the Criminal Code of the Russian Federation, computer programs or other information that are deliberately intended for unauthorized destruction, blocking, modification, copying of data or for neutralizing their protection should be considered as malicious objects.
Microsoft believes that malware is any piece of software designed to harm an individual computer or an entire network, a server. It does not matter at all whether such software is a virus, a trojan or a kind of spyware.
Classification of malware
The main types of malware are listed below.
1. Botnet agents. A botnet is a group of infected computers that receive commands from an attacker; the corresponding malicious program is responsible for receiving and executing these commands. Such a network can number from a few units to millions of computers, it is also called a zombie network.
2. Exploits - hacker utilities designed to exploit vulnerabilities in software.
3. Backdoors - programs for remotely connecting to a computer and managing it.
4. Computer viruses. It is customary to call a virus a program that injects its code into other applications (“infects” them), so that every time an infected object is launched, this code is executed.
5. Rootkits - means of hiding malicious activity (for example, other applications will not be able to detect files belonging to unwanted software).
6. Network worms are malicious programs with a wide variety of functional loads, which are capable of independently spreading over computer networks.
7. "Trojan horses" ("Trojans") - a wide class of malicious objects for various purposes, which usually do not have their own propagation mechanism (that is, they cannot infect files or replicate their copies over the network). The name comes from the early tactics of their infiltration - under the guise of a legitimate program or as a hidden addition to it.
Ransomware can be distinguished into a special group. The scenario of such malicious programs is that they in any way block the user's access to his data and demand a ransom for unblocking.
Objects of influence
Malware attacks spread to almost all Internet users. The purpose of the impact depends on the type of attacker: a bully, a petty thief or a cybercriminal. The consequences differ accordingly: one infection simply interferes with the normal operation of the computer, the other leads to financial losses, the third ends with the leakage of information constituting a commercial secret.
In recent years, various companies and organizations have often suffered from malware - primarily because of their ability to pay. A typical attack is to encrypt, for example, an accounting database and then demand payment to recover this business-critical information. Website servers are attacked by exploits, trojans and worms, from where cybercriminals steal information about customers and users, including bank card data, which threatens to lose finances, databases, and other corporate information.
Ordinary Internet users are also targets of malware injection. Of interest are personal data, information about bank accounts, email, passwords to access social networks. Quite often, the target of infections are gamers who have a large amount of game currency and rare artifacts.
Source of threat
The most dangerous and sophisticated malware programs are custom-built by government intelligence agencies or their associated cybercriminal groups. Such objects have a pronounced specificity and are aimed at a specific victim or group of victims. The purpose of their work can be the collection and theft of classified data or direct sabotage.
However, most malicious programs are created by common attackers not affiliated with organized cybercrime or intelligence agencies. By introducing their developments on a victim's computer, they can steal data to access bank accounts, carry out network attacks from an infected device, extort ransoms, advertise dubious products, or send spam. The source of the spread of pests is petty criminals who steal logins, passwords and other personal information (for example, the accounts of participants in online games) for the purpose of unauthorized use or sale.
Researchers who are in the process of inventing other methods of infection and countering anti-virus products can introduce malicious programs. The purpose of these programmers is not to gain profit, but to study the computer environment and test their ideas.
Risk analysis
Malware is often not viewed as a serious threat by PC users, although it is often the victim of credential theft or ransom lockdowns. Business, on the contrary, speaks of infections as a significant threat to their activities.
The spread is received by malicious programs that enter the devices of the Internet of Things. For example, a British company created a ransomware virus for a thermostat connected to Wi-Fi. Having gained control over the equipment, he is able to lower the temperature to a critical level and demand money. You can read more about the new malicious program in the article “Ransomware viruses got to the thermostats”.
There is no absolute protection against infections, but you can reduce the risk of a threat being realized. To do this, you need to install new versions of operating systems, monitor the update of all programs, use antivirus solutions from reliable manufacturers, prevent unauthorized persons from accessing the PC, do not open suspicious links, letters and files, and take a number of other protective measures.