How does malware work?

Malware is a broad term that refers to any malicious software designed to cause harm to your systems, steal information, gain unauthorized access, or stage other attacks. Viruses, ransomware, browser hijackers, spyware, and trojans are all types of malware. Malware can be designed to do many things:

  • Spy on, collect, and exfiltrate sensitive data

  • Encrypt, lock and hold your files for ransom

  • Record your keystrokes (the keys you type) in order to steal passwords and other information

  • Gain remote control over a device

  • Use an infected device to send spam and malware to other people or machines

  • Use an infected device to kick off a multi-stage attack on other devices or other networks

Malware can be hidden in websites, links, files/attachments, images, or even ads. You can encounter it almost anywhere online – email, SMS text, social media, chat DMs, or simply while browsing the web.

Malware often goes hand in hand with phishing. Malware can lead to phishing, or phishing can lead to malware. For example, your device may become infected with malware designed to create pop-ups that, when clicked, lead to phishing sites attempting to capture your account credentials. Or, a phishing message may prompt you to open a file or attachment which, when opened, secretly installs malware onto your machine.

It may not be immediately apparent when malware installs on your device. For example, you may receive an email (appearing to be from your co-worker) that invites you to view a document via Google Docs, Dropbox, or Docusign. Once clicked, the document doesn’t open properly and you see an error message. It may seem that there was simply a glitch with that file. But secretly, in the background, opening the file actually allowed malware to install on your computer.

Mobile malware (designed to infect phones and tablets) has been seen to use ads and pop-ups in legitimate apps and mobile games to trick users into downloading other malicious apps. For example, while playing a mobile game you may see an ad or pop-up, like “Install this cool mod” or “Get this free add-on” or “Try this free game.” Although posing as a legitimate program, when clicked and installed this game-disguised malware gains permission on the mobile device, enabling it to secretly install other malware or collect data from your mobile device and send it back to attackers.

“Command and control” is a term used to describe connections established by malware that give the attacker complete control over a device in order to stage additional phases of an attack. When infected with this sort of malware, the infected device sends a signal to the attacker’s server looking for its next instruction. The infected device will carry out the commands from the attacker’s server and may install additional software. The attacker now has complete control of the device and can execute any code. The malicious code will typically spread to more computers, creating a botnet – a network of infected machines. In this way, an attacker who is not authorized to access a company’s network may be able to attack work devices from infected personal devices within the home.
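Because an infected device keeps checking in with the attacker's server for its next instruction, those check-ins can show up in network logs as connections from one device to one destination at nearly identical intervals. The following is an added example, not part of the original article, that flags such regular patterns in a constructed connection log; the log format, host names, and thresholds are assumptions made for illustration.

```python
from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev

# Constructed sample log (not real traffic): "timestamp source destination".
SAMPLE_LOG = """\
2024-05-01T09:00:00 desktop-2 mail.example.com
2024-05-01T09:00:02 laptop-7 beacon.example.invalid
2024-05-01T09:01:10 laptop-7 news.example.org
2024-05-01T09:02:45 laptop-7 news.example.org
2024-05-01T09:05:01 laptop-7 beacon.example.invalid
2024-05-01T09:10:03 laptop-7 beacon.example.invalid
2024-05-01T09:15:02 laptop-7 beacon.example.invalid
2024-05-01T09:19:30 laptop-7 news.example.org
2024-05-01T09:20:01 laptop-7 beacon.example.invalid
2024-05-01T09:21:05 laptop-7 news.example.org
2024-05-01T09:25:03 laptop-7 beacon.example.invalid
2024-05-01T09:30:00 desktop-2 mail.example.com
2024-05-01T09:58:40 laptop-7 news.example.org
"""

def find_beacons(log_text, min_events=5, max_cv=0.1):
    """Return (source, destination, mean gap in seconds, count) for regular check-ins."""
    seen = defaultdict(list)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue  # skip blank or malformed lines
        seen[(parts[1], parts[2])].append(datetime.fromisoformat(parts[0]))
    findings = []
    for (src, dst), times in seen.items():
        if len(times) < min_events:
            continue  # too few connections to judge regularity
        times.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        avg = mean(gaps)
        # Coefficient of variation: a low value means the gaps are nearly identical.
        if avg > 0 and pstdev(gaps) / avg <= max_cv:
            findings.append((src, dst, round(avg), len(times)))
    return sorted(findings)

if __name__ == "__main__":
    for src, dst, gap, count in find_beacons(SAMPLE_LOG):
        print(f"{src} -> {dst}: {count} connections, about every {gap}s")
```

Legitimate software such as update checkers also polls on a fixed schedule, so a match is a lead to investigate rather than proof of infection.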

Symptoms of a malware infection

If you notice some of the following behavioral changes on your device, you may have malware present on your machine. (Read our article on “Removing Malware from a Device” for more help.)

  • Sudden performance issues such as a recent, significant slowdown in processing, crashes and freezing, or problems starting or shutting down your computer

  • Missing or corrupted files

  • Programs and apps that you don’t recognize and don’t remember installing

  • Alerts (pop-up warning messages) claiming your device is infected and prompting you to pay for a service or download another program in order to remove the threat

  • Increase in pop-up ads

  • Browser redirects (sending you to sites and pages you didn’t navigate to)
