Types of Malicious Software (Malware)

Malware is short for malicious software: software intentionally designed to harm, damage or destroy your data, or to disable a system, server or computer network; sometimes it gives the malware creator limited or full access to the system. Malware can be used against individuals to gain information and steal data such as personal identification numbers or details, bank or credit card numbers, and passwords. Malware is also broadly used against government or corporate websites to gather information or to disrupt their operation.

According to AV-TEST.org, 780 million malware samples were found in 2018, and the AV-TEST Institute registers over 350,000 new malicious programs (malware) and potentially unwanted applications.

Malware falls into the following categories:

Virus: A virus is a program designed to cause harm to your system. When executed, it replicates itself by modifying other computer programs and inserting its own code. The key characteristic that distinguishes a virus from a worm is that when a virus infects your system it attaches itself to a file: if you copy or move the infected file, the virus moves with it.

Worm: A worm is a malicious computer program similar to a virus, but it replicates itself in order to spread to other computers or across a network. Worms are standalone software: they do not require a host program or human interaction to propagate.

Trojan: A Trojan is a type of malware that allows its creator to gain unauthorized or remote control of a victim's machine. The Trojan server is installed on the victim machine, where it opens a port for the attacker to connect to, and the Trojan client is installed on the attacker's machine and used to send commands to the victim machine.

The term is derived from the Ancient Greek story of the deceptive wooden horse that led to the fall of the city of Troy.

There are a few command ports commonly used by Trojans.

Spyware: Spyware stands for spying software. Spyware is software that installs itself on your computer and runs in the background monitoring your online behaviour, collecting information such as your credentials or other sensitive data without your knowledge or permission.

Adware: Adware is derived from advertising software; it affects the system in the form of pop-ups. When you visit a website, pop-ups appear all over the page; sometimes they disrupt your regular browsing, and sometimes they steal your information with the help of malicious code or a payload running behind them.

If you disable pop-ups in your browser, some sites tell you that you must enable pop-ups to use the site. To protect yourself from pop-ups you should use an ad blocker or stop JavaScript code execution.

Rootkits: Rootkit is derived from root (the Linux/Unix term equivalent to the Windows Administrator) plus kit (a set of programs). It is one of the most difficult types of malware to detect and remove, and is used to eavesdrop on the system, log keystrokes, or remotely control your computer with administrative privileges without informing the user.

Rootkits are usually composed of three components: 1) a dropper (the executable program or file that installs the rootkit), 2) a loader and 3) the rootkit itself.

There are several types of rootkit, such as kernel rootkits, hardware or firmware rootkits, hypervisor or virtualized rootkits, bootloader rootkits or bootkits, memory rootkits, user-mode or application rootkits, ZeroAccess rootkits and so on.

Botnet: A botnet is a group of compromised systems controlled by hackers or cyber-criminal groups looking to disrupt or break into their target systems. In other words, a botnet is a logical collection of internet-connected devices such as computers, smartphones or IoT devices whose security has been breached by a third party. Each such compromised device is known as a "bot". The controller of a botnet is able to direct the activities of these compromised computers through network protocols.

Backdoor: A backdoor is a method of bypassing normal authentication or encryption in a computer system, a product, or an embedded device, used for securing remote access to a computer or for obtaining access to plaintext in cryptographic systems.

A backdoor can be implemented by a malicious person or even by an administrator. Developers may want to correct the program or fix issues in the code but do not want to log in every time, so they put in a backdoor. A malicious person could plant a backdoor on the system and use it to get unauthorized access and perform their operations.
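The developer-planted backdoor described above, as an added example (not code from the original post): a login check with a hard-coded maintenance bypass left in, next to a hardened check with no bypass path. The user name `maint`, the password `letmein`, the user `alice` and the PBKDF2 work factor are constructed for the demo.

```python
# Added example: a developer "convenience" backdoor in a login check, beside a
# hardened check. User names, passwords and the user store are constructed.
import hashlib
import hmac
import secrets

ITERATIONS = 200_000  # PBKDF2 work factor (assumed value for the demo)

def hash_password(password: str, salt: bytes = b"") -> tuple:
    """Return (salt, PBKDF2-SHA256 digest), with a fresh random salt if none given."""
    salt = salt or secrets.token_bytes(16)
    return salt, hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)

# Vulnerable pattern: a hard-coded bypass left in so the developer need not log in
# every time. This is the backdoor the text describes: anyone who reads the source
# or the binary can use it, and it is invisible to audits of the user store.
def authenticate_with_backdoor(username: str, password: str, store: dict) -> bool:
    if username == "maint" and password == "letmein":  # the planted backdoor
        return True
    rec = store.get(username)
    if rec is None:
        return False
    return hash_password(password, rec["salt"])[1] == rec["digest"]

# Hardened pattern: one code path, every login checked against the store,
# constant-time comparison, and equal work for unknown users so response timing
# does not reveal which user names exist.
def authenticate(username: str, password: str, store: dict) -> bool:
    rec = store.get(username)
    if rec is None:
        hash_password(password, b"\x00" * 16)  # burn the same work, then refuse
        return False
    return hmac.compare_digest(hash_password(password, rec["salt"])[1], rec["digest"])

def demo() -> dict:
    """Constructed store with one real user; the bypass works only in the backdoored check."""
    salt, digest = hash_password("correct horse battery staple")
    store = {"alice": {"salt": salt, "digest": digest}}
    return {
        "backdoor_accepts_maint": authenticate_with_backdoor("maint", "letmein", store),
        "hardened_rejects_maint": not authenticate("maint", "letmein", store),
        "hardened_accepts_alice": authenticate("alice", "correct horse battery staple", store),
        "hardened_rejects_wrong": not authenticate("alice", "wrong password", store),
    }
```

The point to take from `demo()` is that the `maint` account exists nowhere in the user store, so rotating passwords or reviewing accounts never finds it; only reading the code does.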

Ransomware: Ransomware is the newest form of attack. Once the system is infected it locks your entire system, usually denying you access to your data, shows a warning page and asks for a money transfer to unlock it. The attacker demands a ransom from the victim, promising to restore access to the data upon payment.

Logic Bombs or Slag Code: A logic bomb is a piece of code intentionally planted into software to trigger on future updates or events. The impact of a logic bomb can be a denial of service, a delayed-action computer virus or a Trojan horse.

Polymorphic Malware: Polymorphic is derived from poly (many) and morphic (changing form). It is a type of malware that changes its form every time it moves from one medium to another. Because the malware mutates, antivirus software may fail to detect it, so it is mostly used to avoid detection by anti-malware.

Armoured or Crypter: Armoured or crypter malware is a type of malware that encodes its malicious payload and has self-encrypting properties, making it difficult for anti-malware to detect.

Shahrukh Rafeeq

I'm an entrepreneur, freelance security consultant and bug hunter with years of experience and a deep interest in the InfoSec industry. I love to speak and write about web and mobile application pen-testing and bug bounty. You can reach me at
