What Is Malware? How to Stay Protected

Our digital devices can also get infected, but with pieces of software called malware. Like a human virus, malware has warning signs, it spreads, it impairs function, but it can also be remedied and prevented. Learning more about malware can help you keep your devices ‘healthy’ and your data secure.

What is malware?

Malware—or malicious software—is an umbrella term for any kind of software designed to harm or exploit a programmable device, server, or network. Malware invades, damages, and/or disables computer systems, often by taking partial control of its operations. In the same way the human flu interferes with the normal functioning of the body, malware interferes with the functioning of a computer system or network.

Most cyberattacks—including viruses, ransomware, spyware, trojans, or worms, to name a few—are forms of malware. (Yes, all viruses are a form of malware, but not all malware are viruses.) Because malware is wide-ranging, its capabilities are quite extensive; it can crack weak passwords, lock up files, spam you with ads, and spread through networks. Malware attacks can lead to data theft and the destruction of entire computer systems.

In most cases, cybercriminals use malware to extract personal data they can then leverage for money, including healthcare records, financial information, emails and passwords. In other cases, malware is used to sabotage productivity, shutdown a machine or network, make political statements, or mine cryptocurrency.

You’re vulnerable to malware whenever you’re online, and your vulnerability has a lot to do with the sites you visit, the links you click on, and the files you download— although it’s still possible to get infected when taking the right precautions.

Does malware affect Macs?

Macs aren't as safe as they used to be. While they’re immune to most computer viruses, and while Apple regularly issues operating system updates to patch security holes, there are more and more Mac-specific forms of malware to be wary of. According to Apple, “One common way malware is distributed is by embedding it in a harmless-looking app.” That’s because Apple’s built-in malware protection doesn’t block all malware bundled with fraudulent apps. The first fully functional ransomware seen on the OS X platform was detected in 2016. Today, the average number of threats per Mac device is about twice that of the average for Windows.

Does malware affect mobile devices?

Any device with an internet connection can pick up malware, including your mobile phone or tablet. There are more than six billion smartphones worldwide today. Cyber attackers are poised to take advantage of the growing mobile market and leverage their efforts. Think about it: your phone is a highly sophisticated handheld personal computer that follows you everywhere; it holds troves of valuable and intimate data; it’s got a camera and a microphone that can record what you say, and a GPS that tracks your every move. Now imagine these capabilities in the wrong hands.

Most mobile users don’t protect their phones as well as their computers; they don’t install security software or update their operating systems, making their mobile devices easy targets. While iOS is a more malware resistant operating system than Android, Apple devices aren’t impervious to threats. You can still infect your device by, say, downloading a questionable app.

13 common types of malware

Different forms of malware impact computer systems differently, and some are easier to detect than others. Common types of malware include:

1. Adware is designed to spam you with ads—usually pop ups within your web browser—in order to generate revenue for the attacker or to collect data on your activity. It’s often installed in exchange for another service, like the right to use another program for free. Adware also gives other types of malware an easy way into your system; it can direct your browser to unsafe sites and contain other, more dangerous malware, like trojans or spyware.
2. Spyware runs in your system’s background and observes your activity without your knowledge or permission. It then reports sensitive or personal data back to the spyware’s author. Spyware can collect everything from your internet browsing habits, passwords, GPS location, and even financial data.
   1. Keyloggers are a specific form of spyware that hide on your device to record your keystrokes on the keyboard, which can reveal personal information, like login credentials, passwords, or credit card details, all of which is then sent back to the keylogger’s author.
3. Viruses, perhaps the most well-known form of malware, are designed to disrupt a computer system’s operation. These usually come attached to a host file or program, commonly via email attachments. Once downloaded and opened—often inadvertently—the virus can spread uncontrollably, replicating itself by infecting other files and programs with its code. Computer viruses can damage your system’s core functionality, as well as cause significant operational issues and data loss.
4. Worms are like viruses in that they’re self-replicating and can severely disrupt your system’s operations. But unlike viruses, worms don’t need to attach themselves to host files or programs, nor do they require your interaction to initiate an infection. By exploiting security weaknesses, a worm can rapidly replicate on its own, spreading to other devices with a network at an exponential rate.
5. Trojans are one of the most dangerous types of malware. A trojan masquerades as harmless, legitimate software, tricking you into downloading and opening it. Once installed, the trojan’s authors gain unauthorized access to your device. They can modify, delete, or steal your personal data, including financial information, spy on your activities, crash your system, or install other forms of malware, usually ransomware.
6. Ransomware is one of today’s most pressing malware threats. It locks you out of your device and damages, encrypts or renders your sensitive files otherwise inaccessible, then demands a ransom and threatens to destroy your data unless you pay (usually in untraceable cryptocurrency). Ransomware attacks are profitable and hard to trace, making them cybercriminals’ weapon of choice.
7. Rootkits burrow deep into your device to provide the attacker with full administrative privileges on your infected system, known as ‘root access’ to your hard drive—i.e. the ability to control your personal computer. A rootkit is designed to stay hidden from you, your operating system, and other software, making it particularly hard to detect and one of the most dangerous types of malware. Rootkits can be removed with dedicated rootkit removal tools, or, in the worst cases, may require a complete erasure of the hard drive.
8. Scareware uses fake security alerts—a tactic known as social engineering—to trick you into thinking your device is infected, and to get you to download rogue apps, like scam security software, which tends to be additional malware.
9. Botnets—though not technically malware—are networks of infected computers working in unison for an attacker. Botnets are often used to send out spam or perform denial of service (DDoS) attacks.
10. Malicious cryptomining, sometimes called cryptojacking or drive-by mining, is when an attacker loads malware— in this case, cryptomining code—onto your system and uses your computing power to mine cryptocurrency. In other words, a malicious crypto-miner steals your computing resources to make money.
11. Logic bombs are pieces of code—inserted into a software app, operating system, or computer network—designed to execute once a specific condition is met, or at a given time or date. When the condition is met, the logic bomb is triggered, setting off its effects, sometimes corrupting data, deleting files, or clearing hard drives.
12. Exploits are a form of malware designed to take advantage of bugs, security weaknesses, and other software or hardware vulnerabilities in order to give an attacker access to your system.
13. Fileless malware resides in and operates from your system’s memory—not from files on your hard drive. This means there are no malware files to scan for and no ‘footprints’, making fileless malware harder to detect and remove than other types of malware.

Signs of a malware infection

Malware reveals itself in a variety of ways. If you notice your device working abnormally, it may be infected. The more of these common symptoms you observe, the more likely it is your device has malware:

• Slower than usual performance. Malware can occupy a good deal of your device’s processing power, causing its operation system to slow down. You may notice this when browsing the internet or when using local apps. A whirring fan in your computer is another indication that usage of your system’s resources are abnormally high.
• Changed browser settings. A malware attack can alter your web browser’s settings. If your browser takes you to sites you aren’t intending to visit, a malware attack may have altered your DNS settings. You may also notice your homepage is different, or that you have new browser toolbars, extensions of plugins installed.
• Peculiar messages popping up. These might be outright infection warnings, sometimes accompanied by solicitations to buy something to fix the problem. The message can also be a ransom note demanding payment for your data or files back.
• Frequent crashes and freezing. Malware can cause your device to freeze, crash, or encounter a fatal error. Some do this by consuming too much RAM or CPU power.
• Loss of disk space. Malware can hide in your hard drive and take up space, sometimes considerable amounts.
• Increase in internet activity. Once some forms of malware—such as trojans, spyware, or botnets—land on your system, they reach out to the attacker’s server to download secondary infections, like ransomware, resulting in a spike in your system’s internet activity.
• Frequent pop-up ads. The purpose of some malware, notably adware, is to inundate you with invasive ads, even when you're not using your web browser. Some redirect you to undesirable pages, others might pretend to be security software. These ads typically carry other malware threats—don’t click on them.
• Unfamiliar apps. The appearance of apps or programs you didn’t install is a telltale sign of malware, which can load these onto your device without your knowledge.
• Contacts receiving strange messages. Some types of malware spread by email or messaging suspicious links to your contacts. Mobile malware might send malicious text messages, whereas social media malware might make posts as if they were your own, and infect friends who click links in the posts.
• Antivirus product stops working. Malware can sneak past and disable antivirus software, particularly if your program’s settings are wrong, or if it isn’t up to date.
• Deleted or corrupted files. Types of malware that seek to damage your data or hold it for ransom might delete or corrupt your files.

How to remove malware

Each type of malware infects and damages computer systems and data differently. Strategies for removing malware likewise differ from one type to the next. Here are a few general steps for removing malware from your system, depending on your device.

Windows PC

1. Disconnect your PC from the internet to prevent it from communicating with the malware server, and to prevent the malware from spreading further.

2. Go into safe mode to prevent the malware from loading.

• Restart your PC.
• On the sign-in screen, hold the shift key and click Power > Restart.
• Once your PC restarts, go to Choose an option and click Troubleshoot > Advanced Options > Startup Settings.
• Click Restart and let it load.
• When a menu appears with numbered startup options, click 4 or hit F4 to start your PC in safe mode.

3. Refrain from logging into accounts to avoid sharing login info and personally identifiable information.

4. Delete temporary files that may have been installed by malware by searching for and running the Disk Cleanup tool.

5. Check your activity monitor for malicious software.

• In Type to search type “resource monitor” into your search bar.
• Right-click the app or program in question and click End Process.

6. Run a malware scanner to remove most standard infections.

• If you don’t already have a malware scanner on your PC, or if your current software failed to detect malware initially, download one from a reliable source and run it.
• Install security software or antivirus software that works constantly in the background.

7. Fix your web browser to prevent malware from reinfecting your PC.

• Verify that your homepage address is correct.
• Check for malicious browser extensions.

8. Clear your web browser’s cache.

• On Chrome
  • Click History > Clear Browsing Data.
  • Check All Time and click Clear Data.
• On Internet Explorer
  • Click Tools > Safety > Delete browsing history.

Mac

1. Disconnect your Mac from the internet to prevent it from communicating with the malware server, and to prevent the malware from spreading further.

2. Go into safe mode to prevent the malware from loading.

• Restart your Mac, then immediately press and hold the Shift key.
• Release the Shift key when you see the login window.

3. Refrain from logging into accounts to avoid sharing login info and personally identifiable information.

4. Delete temporary files that may have been installed by malware.

• Quit any apps you have open.
• Click Go in the menu bar.
• Click Go To Folder and type or paste “~/Library/”.
• Click the Cache folder and move all of its files to the Trash.
• Empty the Trash.

5. Check Activity Monitor for malware.

• Open Finder and click Applications > Utilities > Activity Monitor.
• Double-click the app in question and click Quit.

6. Run a malware scanner to remove most standard infections.

• If you don’t already have a malware scanner on your Mac, or if your current software failed to detect malware initially, download one from a reliable source and run it.
• Install security software that works constantly in the background.

7. Fix your web browser to prevent malware from reinfecting your Mac.

• Verify that your homepage address is correct.
• Check for malicious browser extensions.

8. Clear your web browser’s cache.

• On Chrome
  • Click History > Clear Browsing Data.
  • Check All Time and click Clear Data.
• On Safari
  • Click Safari in the menu bar.
  • Click Preferences > Privacy > Manage Website Data > Remove All.

Note: These steps might not remove all types of infections. If you still think your device is compromised, you may need to take more drastic measures: wipe your hard drive and reinstall your operating system, apps, etc. If this is the case, it’s best to back up your files to an external drive and consult Microsoft Support or Apple Support to ensure you're taking the right steps.

Android device

1. Go into safe mode to prevent third-party apps from running.

• Press and hold the power off button.
• When a popup appears, confirm you want to Reboot to Safe Mode.
• If you no longer encounter the problem in safe mode, a third-party app may be the issue.

2. Identify and delete the malicious app.

• Open Settings and tap the Manage apps or Apps & notifications tab.
• Tap the Downloaded apps or Installed apps tab.
• Identify any suspicious apps; apps you don’t remember downloading or apps that shouldn’t be running.
• Tap the Uninstall button next to the app in question.
• If the Uninstall button is greyed-out, the malware may have administrator access to your device, preventing you from uninstalling it.
  • In this case, go back into Settings and tap Security.
  • Tap Device Administrators, and see if any malicious apps have access.
  • Remove access by unchecking the blue box or tapping Deactivate.
  • Go back and uninstall the app.
• Restart your Android device

3. Clear your cache and downloads.

• Open Settings and tap Apps > Chrome > Storage & cache > Clear cache > Clear storage > Clear all data, then confirm.

4. If you still think your device is infected, you may need to reset it to its factory default settings.

• Open Settings and tap System > Reset options > Erase all data (factory reset) > Erase all data, then confirm.
• Restart your Android device.

iOS device

It’s unlikely that your iPhone or iPad is infected—iOS is, thankfully, mostly impervious to malware. However, attackers can use software developer kits (SDKs) to make apps that can infect iOS devices. These are usually downloaded from outside the official App Store. If you suspect an app on your device is malicious, try to first uninstall it by tapping and holding its icon, then tapping Remove App. If this doesn’t do the trick, follow these steps:

1. Clear your browser history and data to remove adware-like infections.

• Open Settings.
• Scroll down and tap the Safari tab.
• Tap Clear History and Website Data.

2. Power off and restart your device.

3. Restore your device from an earlier backup.

4. If you still think your device is infected, you may need to reset it to its factory default settings.

• Open Settings.
• Tap General > Reset > Erase All Content and Settings.

How to protect against malware

Protect your devices

• Keep your software up to date. Update your devices’ operating systems and apps when you can. Outdated software creates security vulnerabilities that are routinely patched with software updates. The latest version is the safest version.
• Only download software from trustworthy sources. Avoid downloading apps or software from unreliable websites or peer-to-peer networks. The same goes for mobile apps, which should come from the Google Play Store or Apple App Store, or directly from the vendor. Be especially careful with security software, which should always come from a reputable provider and only from their website, an official app store, or a retail store. It’s also good practice to read through reviews before downloading an app, and to regularly uninstall apps you don’t use.
• Install security software. Download and install an app that actively scans and blocks malware threats, both on your computer and your mobile device. McAfee, AVG, Norton, or Panda Security are a few reliable options. Once installed, perform regular checks.
• Back up your data regularly. Backing up your files—to an external drive, a cloud, or both—won’t stop malware from getting onto your device, but it’s the best defence against an attacker locking you out of your data, such as with ransomware attacks.

Be careful online

• Avoid clicking on popups and ads. As tempting as some might be, don’t click on popup ads while browsing the web, and never click on a link in a popup. Attackers can load malware into ads, even those on popular websites. This is one of the easiest ways to avoid threats.
  • Use an ad blocker or “content blocker.” These typically come as browser extensions that remove ads from ad-supported sites. Less online ads, less chances one gives you malware.
• Beware of suspicious messages, emails, and attachments. Don’t click on unknown links in emails, texts, or social media messages, especially from a sender you don’t recognize. Never open an attachment unless you know what it is.
• Be careful where you browse. Malware often resides on websites with poor backend security. Stick to reputable, trusted sites, and pay attention to domain names—avoid sites without top-level domains, like .com, .net, .org, or .edu.
• Check your downloads. Malicious websites can automatically download malware without your consent the moment you load a webpage—sometimes called drive-by downloads. Remove these files from your device, and never open software or files you didn’t intentionally download.

Set strong passwords and use multi-factor authentication. The stronger your passwords, the better protected your system is from attackers and malware. Maintain strong, unique passwords for all accounts on your devices, and consider a password manager, like 1Password or LastPass to help you stay on top of them. For critical online accounts like bank accounts, your email, and storage accounts, set up two-factor authentication.

Ready to protect your privacy online and use products that benefit you, not scammers and advertisers? Try Neeva, the world’s first private, ad-free search engine. We will never sell or share your data with anyone, especially advertisers, and we are committed to showing you the best results for every search. Try Neeva for yourself, at neeva.com.