Skip to content
NeoGuard

Malware

An umbrella term for any malicious software designed to damage, disrupt, or gain unauthorized access to a computer system, including viruses, trojans, spyware, and ransomware.

Malware (malicious software) is a catch-all term for software designed to harm. It includes viruses, worms, trojans, spyware, adware, and ransomware. Each type behaves differently, but they share a common goal: unauthorized access to or damage of your systems and data.

Common Types

  • Ransomware: Encrypts your files and demands payment. The most financially damaging form for businesses. See Ransomware.
  • Trojans: Disguise themselves as legitimate software to gain access. Often delivered through phishing emails.
  • Spyware: Silently monitors your activity, capturing keystrokes, screenshots, or credentials.
  • Worms: Self-replicating malware that spreads across networks without user interaction.
  • Infostealers: Targeted malware that extracts saved passwords, browser cookies, and authentication tokens from infected devices.

How Malware Spreads

  • Phishing emails: The dominant delivery method. Attachments or links that install malware.
  • Drive-by downloads: Visiting a compromised website triggers an automatic download.
  • Infected software: Pirated or compromised applications carrying embedded malware.
  • USB drives: Physical media used for targeted attacks (less common but still used).
  • Supply chain: Legitimate software updates compromised at the source.
  • Zero-day exploits: Exploiting unpatched vulnerabilities in operating systems or applications.

Protection

  • Endpoint protection / antivirus: Modern solutions use behavioral analysis, not just signature matching, to detect unknown malware.
  • Firewalls: Block unauthorized inbound and outbound connections that malware uses to communicate with command servers.
  • Password managers: Infostealers target saved browser passwords. A password manager with encryption is far harder to compromise.
  • 2FA: Even if credentials are stolen by spyware, 2FA prevents account takeover.
  • Patch management: Keep operating systems and applications updated to close known vulnerabilities.

AI-powered malware is an emerging concern: tools that can adapt behavior to evade detection, generate convincing phishing lures, and automate reconnaissance. The barrier to entry for attackers is dropping, which means smaller organizations are increasingly viable targets.

Related Terms

RansomwarePhishingZero-Day