The Terminology of Malware – What You Need to Know

Computer Virus

A computer virus is a malicious software program that is loaded onto a user’s computer without the user’s knowledge and performs malicious actions. In more technical terms, a computer virus is a type of malicious code or program written to alter the way a computer operates. A virus operates by inserting or attaching itself to a legitimate program, or to a document that supports macros (software code inside a Word document), in order to execute its code. In the process, a virus has the potential to cause unexpected or damaging effects, such as harming the system software by corrupting or destroying data.

Worm

A worm is a program that uses network connections to spread across the computers in a network, including network file shares. Hence the name worm: the program tunnels around your network. It also spreads by creating duplicates of itself on other drives, systems, or networks.

Trojan Horse

A Trojan horse is any malicious computer program or email that misleads users about its true purpose.

Ransomware

Ransomware is a type of malware that prevents or limits users from accessing their system, either by locking the system’s screen or by locking the users’ files using encryption unless a ransom is paid. More modern ransomware types, collectively categorized as crypto-ransomware, encrypt specific file types on infected systems and force users to pay the ransom through certain online payment methods to get a decryption key.

Botnet

A botnet is a collection of internet-connected devices, which may include PCs, servers, mobile devices, and Internet of Things devices, that are infected and controlled by a common type of malware. People are often unaware that their device is a member of a botnet.

Rootkit

A rootkit is a collection of computer software, typically malicious, designed to enable access to a computer or areas of its software that would not otherwise be allowed (for example, to an unauthorized user). It often masks its own existence or the existence of other software.

Keylogger

Keystroke logging, also known as keylogging or keyboard capturing, is the action of recording (logging) the keys struck on a keyboard, typically covertly, so that the person using the keyboard is unaware that their activities are being monitored. Data can then be retrieved by the person operating the logging program. A keylogger can be either software or hardware.

Backdoor

A backdoor is a means to access a computer system or encrypted data that bypasses the system’s security mechanisms.

Spyware

Spyware is software that aims to gather information about a person or organization without their knowledge, that may send such information to another entity without the consumer’s consent, or that asserts control over a device without the consumer’s knowledge.

Adware

Adware is any software package that automatically renders advertisements to generate revenue for its author.

Remote Access Trojan (RAT)

A type of malware, specifically under the Trojan category, that allows a remote attacker to gain full control of an infected device.

Phishing vs. Spear Phishing

Phishing 

Phishing is a fraudulent attempt, usually made through email, to steal your personal information.

Spear Phishing

Spear phishing is an email attack that targets a specific organization or individual, seeking unauthorized access to sensitive information. Spear-phishing attempts are not typically initiated by random hackers but are more likely to be conducted by perpetrators out for financial gain, trade secrets or military intelligence.

                             

Exploits vs. Vulnerabilities vs. Zero-day Flaws

Exploits

An exploit is a software tool designed to take advantage of a flaw in a computer system, typically for malicious purposes such as installing and executing malware.

Vulnerability

A vulnerability is a weakness that allows an attacker to reduce a system’s defenses.

Zero-day Flaws

A zero-day vulnerability is a hole in the software that is unknown to the vendor. Hackers exploit this security hole before the vendor becomes aware of it and hurries to fix it; this exploit is called a zero-day attack.
