0

Computer Viruses Definition

KZero Staff
Jul 27, 2023

What are Computer Viruses?

Malware is a general term for malicious software, and there are numerous different types of malware. In general, malware is classified based on its purpose or how it achieves its goals.

A virus is a specific type of malware. Namely, viruses are designed to replicate themselves by infecting other files.

How Computer Viruses Work

Computer viruses are malicious programs designed to replicate and spread by infecting other computer systems and files. Like biological viruses, computer viruses can self-replicate and attach themselves to legitimate files or programs, allowing them to spread to other computers through various means such as email attachments, infected websites, or removable storage devices.

A virus can propagate itself in a few different ways. Some examples include injecting malicious code into running programs or embedding malicious code or Word macros into otherwise benign programs.

Note that viruses attach themselves to files, which enables them to independently spread themselves but not automatically infect systems. For the malware to actually be executed on a computer, a human needs to open or run the infected file, launching the malicious code.

After a virus has infected a computer, it can have various malicious purposes. For example, the malware may be designed to steal and exfiltrate sensitive data. Alternatively, viruses can download other types of malware, enabling the infection to act as a launch point for other types of attacks.

Virus vs. Worm

Viruses and worms are both types of malware defined by their ability to self-propagate. However, these two types of malware differ in how they propagate themselves and their levels of self-sufficiency.

As mentioned above, viruses spread themselves by attaching to files. They can’t achieve code execution by themselves and rely on a person to open the infected file and run the malicious code.

Worms, on the other hand, can spread themselves and achieve code execution all by themselves. Often, this is accomplished by exploiting vulnerabilities in a system that enable remote code execution.

For example, WannaCry is an example of a famous ransomware worm. In addition to incorporating ransomware functionality — the ability to encrypt data and demand a ransom for the decryption key — WannaCry also was a worm. The original version of WannaCry spread using the EternalBlue exploit that took advantage of a vulnerable version of the Windows SMB protocol. The malware identified vulnerable systems and sent carefully crafted requests that enabled it to deliver and execute its malicious code on the system without any human interaction required.

Conclusion

Computer viruses are a type of malware defined by how it can infect systems and propagate itself by infecting files. A virus can have various malicious functions, such as data theft or encrypting data (i.e. ransomware).

Protecting against computer viruses involves implementing endpoint security best practices. For example, users should be trained to identify and avoid phishing emails and websites. Additionally, installing and running an antivirus or other endpoint security solution on a device can help with detecting, blocking, and removing computer viruses and other malware from a computer.

KZero Staff

Explore more insightful content from the knowledgeable KZero staff on our blog and guides section.

Glossary Terms

Stay up to date with the most recent #infosec topics

Trending Topics

Share the page: