Hackers use a variety of methods, but their creativity means they’re always finding more.
Malware comes in a variety of forms, and they are not mutually exclusive concepts.
Appearance
“Viruses” masquerade as other programs.
- In fact, many virus scanners are actually spyware.
“Trojan horses” or “trojans” masquerade as non-executing documents.
OS Propagation
“Rootkits” infect the core files of the operating system.
“Worms” self-replicate and infect other computers. These can be particularly nasty on computer networks.
- The primary difference between a worm and a virus is that a virus needs user interaction.
“Bots” are hidden software that won’t activate until later. They’re often easy to install quietly onto computers that people don’t use often (such as a smart fridge).
Tracking
“Spyware” tracks what someone is doing.
- It could include a “keylogger” that tracks what someone types or clicks, capture screenshots, or monitor where someone is using their network.
- The point of spyware is to stay hidden, so it’s only detectable with a virus scan.
- However, most people do consent to spyware by legal tech companies, which don’t openly extort people but still violate their rights.
Modification
“Adware” bloats a computer with ads. These are often extremely obvious because your computer has many ads you never expected to see.
“Ransomware” is meant to scare the user into paying an extortion fee, which can often be through cryptocurrency to hide the paper trail. Most ransomware attacks will repeat themselves after the ransom was paid.
Combined
Naturally, like with any other programmming, the quality of the program is based on the quality of its code, and therefore based on the logical talent of the programmer.
Malware often has multiple purposes. For example, an intelligent hacker can create an adware worm packaged as a virus that sends trojan rootkits that serve as spyware, which is also a bot that activates ransomware at the hacker’s command.
An RAT (remote-access trojan) is when a hacker sends a trojan masquerading as a software update or stream of data (such as video or music).
Timing
Not all malware executes immediately.
The software may send information routinely over a network, or may wait until a certain specified time or triggered command.
Also, the software may be fire-and-forget to activate at a certain time, or could be a “remote access tool” (RAT) that can remotely activate software or control a computer over a network.