All savvy computer users know that viruses, spyware, bots, worms and Trojan Horses (collectively known as “malicious software,” or “malware”) are bad, and that they need special programs to deal with these problems. What’s not commonly known, or even taught by major computer manufacturers, are the reasons why malware is bad, and why a person should even care.
Regarding computer viruses, we find the following from Wikipedia.org: “…a virus is a self-replicating program that spreads by inserting copies of itself into other programs. Thus, a computer virus behaves in a way similar to a biological virus, which spreads by inserting itself into living cells. Extending the analogy, the insertion of a virus into a computer program is termed infection, and the infected file is called a host.”
Spyware is typically defined as software that secretly gathers information about a computer user, and then sends this information to someone else. Malicious “bots” (as in “robots”) are automated programs that repeatedly perform certain tasks, such as covertly sending spam email, and are often used to remotely control computers. Like viruses, worms replicate themselves, but worms are self-contained and do not need to be part of another program in order to spread across a network. Trojan Horses are simply malware disguised as something else (beware of what you download).
Malware succeeds largely because of two things: user interaction and programming flaws. All it takes to infect a computer is to open a malicious email attachment, or visit the wrong website. Some malware succeeds by exploiting security flaws in operating systems like Microsoft Windows, or programs such as Internet Explorer.
What malware does once deployed is similar to a well-planned museum burglary that you might see in a movie. Take, for example, the Beagle worm, also known as W32.Beagle@mm. The Beagle worm is a mass-mailing worm that sends email to addresses harvested from infected systems, and is launched by opening an email attachment. It quickly goes to work disabling antivirus and firewall programs. It then changes the system settings so that the worm runs when Windows is started. It next attempts to download and run a file from a remote website, and then installs a file named something like “crack,” “porno” or “leak.” It also disables the Windows Security Center (a feature of Windows XP) and opens a “backdoor” to the Internet. After scouring the computer for email addresses, such as those in an email address book, it then sends spam email to those addresses with the subject of “Re:,” “Hello,” “Hi,” “Thanks :)” or “Thank You.” The emails are sent with the Beagle worm attached, and can contain links to websites that host pornography or financial scams. All of these actions occur without the knowledge of the computer owner.
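A mail filter can act on the pattern described above. The following is an added example, not code from the original article: it flags a message only when one of the listed subject lines arrives together with an executable attachment, because the subjects alone are too common to act on. The extension list, the verdict names, the helper names and the sample messages are assumptions constructed for illustration.

```python
import email
from email import policy
from email.message import EmailMessage

# Subject lines the article lists for Beagle-generated mail (lower-cased).
BEAGLE_SUBJECTS = {"re:", "hello", "hi", "thanks :)", "thank you"}
# Assumption (not from the article): attachment types treated as executable.
RISKY_EXTENSIONS = (".exe", ".scr", ".com", ".pif", ".cpl")


def triage(raw_message: str) -> dict:
    """Classify one RFC 5322 message as deliver, review or quarantine."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    subject = (msg["Subject"] or "").strip().lower()
    names = [(p.get_filename() or "").lower() for p in msg.iter_attachments()]
    # endswith() also catches double extensions such as "photo.jpg.exe".
    risky = [n for n in names if n.endswith(RISKY_EXTENSIONS)]
    subject_hit = subject in BEAGLE_SUBJECTS
    if risky and subject_hit:
        verdict = "quarantine"   # both signals together
    elif risky:
        verdict = "review"       # executable attachment, unremarkable subject
    else:
        verdict = "deliver"      # a generic subject alone proves nothing
    return {"verdict": verdict, "subject_hit": subject_hit, "risky": risky}


def build_sample(subject: str, attachment_name: str = "") -> str:
    """Build a constructed test message; none of this is real traffic."""
    m = EmailMessage()
    m["From"] = "sender@example.com"
    m["To"] = "user@example.com"
    m["Subject"] = subject
    m.set_content("see attached")
    if attachment_name:
        m.add_attachment(b"constructed bytes", maintype="application",
                         subtype="octet-stream", filename=attachment_name)
    return m.as_string()


if __name__ == "__main__":
    for subj, name in [("Thanks :)", "photo.jpg.exe"), ("Hi", ""),
                       ("Quarterly report", "report.scr")]:
        print(subj, name or "(none)", triage(build_sample(subj, name)))
```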
Other nasty malware actions include disabling Automatic Updates, changing network settings, installing bogus “certificates” to make fake websites appear legitimate, inviting in other malware, installing keyloggers that record everything that you type, recording every visited website and forms that are filled out, turning on computer microphones or cameras for snooping, pretending to be antivirus or antispyware tools, editing search results to include spyware-generated ads, renaming malware (called “morphing”) to prevent detection and removal, stealing or encrypting documents and holding them for ransom, and capturing information sent across networks (known as “sniffing”) from other computers in order to steal passwords, credit card numbers, etc. Now you know.