Want to know the difference between a virus and a worm or what a Trojan horse is? Here's how to find out what these and other Internet menaces do.
There are a number of different terms that are used in describing harmful software. Average home PC users are often confused about what distinguishes these various types of malware. Here is a brief explanation of some malware terms.
- Short for "malicious software", this is a commonly used catch-all term for any type of harmful software.
- Originally, the term "virus" was used for a self-replicating program that spread by inserting copies of itself into programs or documents that already existed on a computer and using the functions of the existing programs to rapidly reproduce many copies of itself.. The name was an analogy with biological viruses that use an infected cell's own DNA to reproduce. This was the original form of malware. Viruses, in this original sense, are now rare. They were supplanted by a variant called a worm and other forms of malware. The term “virus” is now mostly used in a generic sense to mean any kind of malware.
- Technically, there is a difference between a virus and a worm but common practice often refers to worms as viruses. Originally, a worm was distinguished from a virus because it contains all the code it needs to carry out its purposes and does not depend on using other programs. Worms are designed to replicate rapidly and to use the Internet or other networks to spread with great facility. A worm may include a Trojan horse as part of its payload. Some of the most notorious malware outbreaks have been worms.
- Trojan or Trojan horse
- The term "Trojan horse" (often shortened to just "trojan") is applied to malware that masquerades as a legitimate program but is in reality a malicious application. It gets its name from the ruse used by the Greeks against the Trojans in Homer's Iliad. It may simply pretend to be a useful program or it may actually contain a useful function as cover for a destructive one. Another variant simply hides on the system while carrying out surreptitious malicious actions such as making the infected PC a member of a botnet. (See "zombie computer".) Technically speaking, Trojans are not self-replicating. However, they are often combined with a worm to spread the infection. Many Trojan horses have been sent out as email attachments. Others have been part of malicious downloads from infected Web sites or hidden on media such as USB keys.
- Key logger
- A special kind of trojan that records the keyboard and/or mouse activity on a PC and relays the information over the Internet to someone wishing to record passwords or other personal information.
- Software that is usually installed by the computer user because of some free feature. The software developer gets revenue by reporting your web activity to advertisers so that targeted ads can be displayed to you, often in pop-up windows.
- "Spyware" is a somewhat nebulous term with a number of meanings. Originally, it referred mostly to adware. However, many forms of spyware differ little from a trojan in that it is an application that carries out an intended function while it also collects information about users without their knowledge.
- A rootkit is hidden malware that operates at the most basic level (the" root") of the operating system.
Because they operate at a privileged level, rootkits are difficult to detect and eradicate and require special methods beyond ordinary anti-malware programs.
- Zombie computer
- A Trojan horse is used to plant malware on an unsuspecting PC owner's system that allows a remote computer to use that system to send out spam or to perform other malicious tasks on the Internet without the owner's knowledge.
- A network of zombie computers. A remote computer uses a collection of infected computers to carry out concerted malicious actions on the Internet, usually without the knowledge of the infected computers' owners.
- The automatic download of software to a user’s computer triggered simply by visiting a Web site or viewing an HTML formatted email. The download occurs without the user’s consent and often without any notice at all.
- Related to Scareware. If you fall for the phony warning about your PC being infected and click on the link. it installs malware that demands payment and threatens to wipe out your files if you don't pay.
- Web beacon or web bug
- A small, usually 1×1 pixel, transparent image that is placed somewhere in a web page or e-mail. Due to its small size and transparency it is visually undetectable by the reader. Because the computer has to make a request to an external server in order to load this image, whoever planted the image knows that you have visited the web page or opened the e-mail. The server records the date and time of the request, along with any other information it receives such as your IP address and browser version.