People talk about malware all the time, but there seems to be a lot of confusion over exactly what it is.
Malware – short for ‘Malicious Software’ – is essentially a program that does something you do not want it to do. It might be as comparatively benign as to add a toolbar to your browser, slightly impacting your system’s performance. It could be more aggressive by showing you pop-up ads, or sending you to pages with ads instead of to the web page you were trying to view. Particularly nasty ones may say that your system is infected and plead for money to make it go away.
There are a few different classifications of malware – adware, spyware, ransomware, and viruses, to name some of the more well-recognized classes. Adware is ad-supported software that displays the advertisements in an undesirable or undisclosed way. A good amount of free software – particularly on smartphones – includes subtle ads as a trade for the software not costing you anything. But adware is often evasive about what it will be doing, burying the details in the ‘End User Licence Agreement’ – the long string of text we often don’t read before proceeding with the install. Or the software will automatically install ad-generating software from another vendor. It is when the advertising is unexpected that it gets dumped into the malware category.
Spyware is software that, using various means, attempts to track certain aspects of your computer usage. The most benign of these usually employ mechanisms to send you targeted advertisements. If you are on a web site about shoes, then visit an affiliated web site that has nothing to do with shoes, you may see advertisements for shoes on the page. The more malicious types can actively record the keys you are typing on your keyboard, looking for usernames and passwords.
Ransomware is particularly mean. These types of programs threaten to leave your computer broken or to restrict access to your own files on your system until you pay a fee. There is no guarantee that paying the fee will recover your data or your access, either. The last category, viruses, could encompass an entire article in itself. These are programs that make your computer misbehave in other ways, and may attempt to spread themselves without your involvement. Some malware packages employ several of these techniques. But the function of the program itself does not necessarily make it acquire the name ‘malware’. A program that is designed to format (blank) your computer is a legitimate utility. If the program instead claims that it is a fancy new screen saver, but then formats your drive, it has performed the same operation – only the intent was different. (This might be considered a Trojan – it pretends to do one thing while actually doing another.) Thus, when certain types of what a user might consider to be malware are installed on a system, various anti-malware monitoring utilities may not detect it. Particularly if the behavior of that program was defined in its License Agreement. Otherwise, the maker of the anti-malware itself might find themselves facing a lawsuit from the original program’s developers.
That’s malware in a nutshell. A program that does things you don’t want it to do, possibly while it also does the things you did want it to do. And that’s also why it’s hard to prevent it, for the computer cannot judge intent.