What is Malware?

Malware is a combination of two words – "malicious" and "software". This umbrella term describes any form of malicious code, regardless of the way it afflicts victims, how it behaves or what damage it causes.

4 min read

4 min read

What is malware?

The definition of malware encompasses all sorts of online threats – common types of malware include Trojan horses, ransomware, viruses, computer worms, and banking malware. Most malware cannot damage physical hardware or networks, but it can steal, encrypt, or delete data, hijack core computer functions, and spy on a user’s computer activity.

For a regular user, it is hard to say which file is malware and which isn’t. An updated anti-malware program is the best defence – these maintain vast databases of previously seen malware and continually scan to counter new ones.

Types of malware

Trojan horses – a type of malware that disguises itself as a normal file or program to trick users into downloading and installing it. Once installed, a cybercriminal can take control of the infected computer – allowing them to steal data, access sensitive information, or install more malware.

Ransomware – this specific kind of malware is used for extortion, blocking the screen or encrypting a user’s data so it can’t be accessed. Ransomware holds the computer system captive and demands payment from the user in order to regain access.

Viruses – this is a type of malware that is capable of copying itself and spreading to other computers, much like a human virus. It modifies legitimate host files or programs, and executes its code when the user launches the infected program.

Computer worms – these can be classified as a type of virus – the key difference is that worms are self-replicating and can spread independently while viruses rely on human actions to spread. Computer worms exploit vulnerabilities in the user’s operating system and can steal data, delete files, or create botnets.

Banking malware – banking malware disguises itself as a legitimate app or program, tricking the user into installing It on their device. Once installed, the program will ask for banking details, which then allows the cybercriminal to steal credentials or transfer money from the victim’s bank account.

Read more

There are various ways that malware operators monetise their malicious activities. Some types of malware sneak inside a system and steal sensitive data, which is then sold or used to extort the victim. Ransomware is a particularly popular method among cybercriminals.

Additionally, there are cybercriminal groups that go after specific targets, not necessarily for financial gain. It’s difficult to say how they earn money to fund their activities, but some of these operations are clearly sophisticated, highly organised, and well-funded.

How to protect against malware?

The first step is to keep all software up to date, including the operating system and all applications. As well as improving the software and fixing bugs, updating your software will also patch vulnerabilities that could be exploited by cybercriminals.

You can detect and remove threats for free using our easy-to-use online scanner. The one-time scan is quick and easy, can be used without installation and is a great way to identify vulnerabilities and remove these in the short-term.

Even today one of the most effective vectors for infection is the weakest link in the chain - the human being. Well-crafted emails with malicious attachments have proven to be an efficient yet cheap way to compromise a system. And it only takes one wrong click to achieve it.

The first step is to keep all software up to date, including the operating system and all applications. Not only to add features and improvements and fix bugs, but also to patch vulnerabilities that could be misused by cybercriminals and their malicious code.

Therefore, a reliable anti-malware software is the best way to stop potential attacks.

Regular backups stored on an offline hard drive are another way to counter malware, allowing the user to easily replace any data that might have been damaged, corrupted or encrypted by the attackers. 

Brief history

The first ever recorded PC virus was Pakistani Brain in early 1986. It tried to stay as stealthy as possible. Pakistani Brain infected the boot sector of floppy disks and spread globally in a matter of weeks – which is pretty remarkable, given that it was distributed only via 5.25" diskettes.

Since then, malware has evolved into various forms, its creators always finding new ways of afflicting victims. Internet use has made its distribution much easier and enabled malware authors to spread their “evil wares” to a global network of potential victims. 

Notable examples

Some malware families, such as WannaCryptor, spread indiscriminately, encrypting files and causing damage globally. Others go after a more limited group of victims, such as businesses in one country, as in the case of Diskcoder.C aka Petya.

A recent example of targeted malicious code was Industroyer. Discovered by ESET, this malware attacks industrial control systems used in the electric grid and most probably caused blackouts in Ukraine by misusing unsecured but legitimate protocols. It is one of the few malware families that fall into the same category as Stuxnet - the first cyberweapon ever known to be used.

ESET offers you an award-winning antivirus

ESET HOME Security Premium

Powerful, multilayered protection to encrypt sensitive data, manage passwords easily, secure online transactions and more. A user-friendly solution for enhanced privacy online. Secures Windows, macOS, Android, and iOS devices.


Ultimate digital security for business

Protect your company endpoints, business data and users with ESET's
multilayered technology.

Ultimate digital security for business

Protect your company endpoints, business data and users with ESET's multilayered technology.