Viruses, Trojans, and Rootkits… Oh my!

When it comes to computers, the term used to describe nasty infections is “Malware.”

But what exactly is malware?

Well, it’s a nebulous term touted by techies, bloggers, and even mainstream media outlets for nearly everything created to harm your system. But that definition is a bit too vague to understand. In an effort to clear up the confusion, we’ve put together a handy glossary of terms spelling out the differences between things like adware, spyware, and (dun dun dun) scareware.

Malware is meant to disable or otherwise damage a computer. It’s really an umbrella term for all the bad stuff created to mess up your day. Short for “malicious software,” it includes viruses, trojan horses (trojan for short), rootkits, worms, and all those other wares we mentioned above. Now for some specifics…

When talking tech, a virus is actually a piece of code that attaches itself to a file in order to perform some (usually malicious) task. Technically speaking, viruses are not self-contained programs; they’re just fragments and can’t function on their own. But what they can do is piggyback on a program, infect it, and then spread the damage to other programs. Viruses were the big threat back in the 80’s and 90’s, but these days malware is a bit more sophisticated.

A worm is a self-contained program that can scan for vulnerabilities and move from machine to machine autonomously. Quick history lesson: the first real Internet worm was released in 1988 by Cornell student Robert Morris and has become known as the “Morris Worm.” He created a program to find a vulnerable computer and copy itself, with no intention of actually harming the system. However, it ended up causing a ton of unexpected damage. The story of this worm was even picked up by local and national news outlets (even if they got the terminology wrong by calling it a “virus”). We won’t comment on why an Atari 2600 game is shown as an example. But hey, it was the 80’s.

A lot of Windows 95 users are familiar with the term “trojan horse,” which is a self-contained program that masks itself as harmless software. These horses are often a delivery vehicle for viruses, fooling the end user into running a new screensaver or something similar. But what the program ends up doing is something completely unrelated to the advertised function. Today, Java applications running on websites are big offenders as they can secretly redirect browsers into downloading malicious code. We’d say it’s not Java’s fault, but they’ve been pretty slow to improve security flaws since these trojans started appearing in the go-go 90’s. Get it together, guys.

Ah, rootkits. They’re big trouble. These programs allow hackers to gain “root” level access to an operating system, giving them complete control over the infected computer. And they do a pretty good job of covering their tracks by deleting any log entries. Because of the level of access they achieve and the tricks they employ in remaining hidden, rootkits are some of the toughest infections to remove. Unfortunately, the best option is usually a complete reformatting of the hard drive. You just can’t trust the system once a rootkit has infected it, so make sure your data is backed up on the regular.

Adware generally refers to a small piece of software that, when installed on a computer, litters your workstation with annoying pop-ups. Think of it like desktop spam. This was a real problem 7 or 8 years ago, but has since died down. Might be because nobody wants to buy something that’s advertised by way of flashing GIFs, or maybe it’s ’cause there’s now a trickier way of getting people’s money.

That trickier way of getting people to pay is called scareware, and has become the method of choice for most of those looking to wreak havoc on innocent internet users. Often referred to as “rogue” or “fake” antivirus software, scareware appears as notification windows saying something like “Your computer may be infected with harmful spyware. To scan, click ‘Yes’ below,” and then tries to get the user to pay for a program to remove the detected spyware. Ironically, the rogue antivirus software is, itself, the infection, and the pop-up alerts are all bogus. Some scareware will even block Internet access to websites with legitimate antivirus software. Others will turn off your access to the Task Manager, making it very difficult to stop the rogue software from running. And the worst of the worst will encrypt your data files and hold them hostage until you pay up. Definitely bogus.

What can you do to prevent these types of malware from ruining your day? Well, that’s the subject of our next installment. ’Til then, don’t “Click here to claim your prize.”
