Malware

Malware is malicious software designed to infiltrate, damage, or exploit computer systems without the user’s consent.

What is malware?

The term malware is a contraction of “malicious software.” It covers a wide range of hostile programs created to disrupt systems, steal information, or enable unauthorized access. Unlike ordinary software, malware runs against the interests of the user and often operates covertly. Malware has existed since the earliest days of computing, but it has evolved into a central weapon for cybercriminals and state actors. From early viruses spread on floppy disks to today’s complex ransomware operations, malware continues to adapt and exploit both technical flaws and human behavior. Notable campaigns such as **WannaCry**, which disrupted hospitals and corporations worldwide, and **Emotet**, which grew into a global distribution platform for other malware, highlight its persistent role in cybersecurity incidents.

How it typically works


  1. Delivery: malware is introduced into a system through phishing, drive-by downloads, software vulnerabilities, or malicious USB devices.
  2. Execution: the code is run, often without the user noticing. It may disguise itself as a legitimate process.
  3. Persistence: malware ensures it remains active after reboots by modifying system settings or exploiting startup mechanisms.
  4. Payload: depending on its type, malware can encrypt data, steal credentials, spy on users, or spread to other systems.
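
Defenders can use the same four stages as a correlation model. The following Python code is an added example, not part of the original page: it tags endpoint events with a lifecycle stage and alerts only when one host shows several stages in order within a time window. The event schema, host names, sample events, and the single rule per stage are constructed assumptions for illustration.

```python
import re
from datetime import datetime, timedelta

# Constructed endpoint telemetry (hypothetical schema: time, host, kind, detail).
EVENTS = [
    ("2024-05-01T09:00:05", "ws-17", "file_create", r"C:\Users\ana\Downloads\invoice.docm"),
    ("2024-05-01T09:00:40", "ws-17", "process", "winword.exe -> powershell.exe -EncodedCommand <blob>"),
    ("2024-05-01T09:01:10", "ws-17", "registry_set", r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run\updater"),
    ("2024-05-01T09:03:00", "ws-17", "file_rename_burst", "412 files renamed in 60s"),
    ("2024-05-01T10:00:00", "ws-22", "process", "explorer.exe -> powershell.exe Get-ChildItem"),
    ("2024-05-01T11:00:00", "ws-30", "registry_set", r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run\OneDrive"),
]

# One illustrative rule per stage (assumed); real rule sets are much broader.
STAGE_RULES = [
    ("delivery", "file_create", re.compile(r"\\Downloads\\.+\.(docm|xlsm|js|iso|lnk)$", re.I)),
    ("execution", "process", re.compile(r"(winword|excel|outlook)\.exe -> (powershell|wscript|mshta)\.exe", re.I)),
    ("persistence", "registry_set", re.compile(r"\\CurrentVersion\\Run(Once)?\\", re.I)),
    ("payload", "file_rename_burst", re.compile(r"\d+ files renamed")),
]
STAGE_ORDER = [name for name, _, _ in STAGE_RULES]

def classify(kind, detail):
    """Return the lifecycle stage an event matches, or None."""
    for stage, rule_kind, pattern in STAGE_RULES:
        if kind == rule_kind and pattern.search(detail):
            return stage
    return None

def correlate(events, window=timedelta(minutes=30), min_stages=3):
    """Per host, report stage chains seen in lifecycle order inside the window."""
    chains = {}  # host -> list of (time, stage)
    for ts, host, kind, detail in sorted(events):
        stage = classify(kind, detail)
        if stage is None:
            continue
        t = datetime.fromisoformat(ts)
        # Drop chain entries that fell out of the correlation window.
        chain = [(ct, cs) for ct, cs in chains.get(host, []) if t - ct <= window]
        # Only extend the chain with a later stage than the last one seen.
        if not chain or STAGE_ORDER.index(stage) > STAGE_ORDER.index(chain[-1][1]):
            chain.append((t, stage))
        chains[host] = chain
    return {h: [s for _, s in c] for h, c in chains.items() if len(c) >= min_stages}

if __name__ == "__main__":
    for host, stages in correlate(EVENTS).items():
        print(f"ALERT {host}: {' -> '.join(stages)}")
```

A lone startup entry, such as the one on `ws-30`, matches the persistence rule but does not alert on its own; only the chained activity on `ws-17` does.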

Common techniques & variants


  • Trojans: disguise themselves as legitimate software to trick users into installing them. Famous families include Zeus, Emotet, and TrickBot.
  • Worms: self-replicating malware that spreads automatically. Examples include Conficker and SQL Slammer.
  • Ransomware: encrypts files and demands ransom. Major outbreaks include WannaCry, NotPetya, and LockBit.
  • Spyware: monitors activity and steals data. Notable cases include Pegasus and FinFisher.
  • Fileless malware: runs in memory and abuses legitimate tools. Kovter and PowerShell-based attacks are well-known examples.

Impact


Malware can cause data breaches, financial losses, operational downtime, and reputational harm. The consequences extend beyond technical disruption: ransomware can halt hospitals, worms can paralyze corporate networks, and spyware can compromise government officials. For SecOps teams, malware is a top concern because it is constantly evolving, used in both broad criminal campaigns and advanced persistent threats. Its diversity—from stealthy spyware to destructive ransomware—means defenders must prepare for multiple attack vectors and maintain layered defenses.
