Skip to content Skip to navigation Skip to footer

Malware and Types of Malware Attacks

What is Malware?

Malware is software designed to steal data or inflict damage on computer or software systems. Therefore, in the context of this malware definition, it refers to the various types of malicious software, such as viruses, spyware, and ransomware. Cyber-criminals use these tools to gain access to a network and its devices to steal data or damage systems.

What is malware?  There are some telltale signs you can learn that typically indicate you have been the victim of a malware attack, including:

  1. A slow computer. Malware often affects the speed of your device while you are using the internet or applications.
  2. A computer that frequently crashes or freezes during normal use.
  3. A ton of pop-up ads. These often indicate that adware, a type of malware, has gotten into your system. If you see these, it is important to not click on them because they could launch code that causes further damage.
  4. A loss of disk space. If you feel your available disk space has suddenly diminished, it could be because malware is on your hard drive.
  5. A swell in internet activity on your network. Some automatically access the internet, causing an unusual increase in internet activity that does not correlate with user behavior.
  6. When your system is working harder than it normally would. This could be due to malware taking up valuable resources.
  7. Your browser is showing new toolbars, extensions, or a different homepage.

History of Malware

1. 1982

A plain and simple "unwanted software" is the most widely accepted malware definition, and the first example was Elk Cloner, which was spread through floppy disks to Apple II systems in 1982. While this didn’t necessarily harm computers, it represented an unwanted intrusion, fitting the malware meaning most people embrace. 

2. 1990s

Then, in the 1990s, because Windows was such a popular operating system for personal computers, hackers began writing code using the macro language used by the common application Microsoft Word. These spread across the vast ecosystem of Windows PCs, giving birth to the concept of a malware-dominated threat landscape.

3. 2002

Between 2002 and 2007, with the advent of instant messages, attackers started developing worms—which can replicate on their own—and they infected computers through AOL, MSN Messenger, AIM, and Yahoo Messenger. 

The message would entice recipients with a catchy lure, such as, “Who’s that with you in this pic???” When the target clicked on a link in the message, they would get malware downloaded on their system. The malware would then send links to every name on the victim's contact list, effectively weaponizing their computer.

4. 2005

Adware reared its annoying head from 2005 to 2009, starting out as legitimate software used to promote products. But as the ads drifted from somewhat true to fallacious, software publishers started suing adware producers for fraud. As a result, many shut down. But the full-screen, unclosable ad inherent in adware has survived until today.

5. 2007

Social networks saw a boom in popularity from 2007 to 2009. Malware developers used Myspace, Twitter, and Facebook to propagate malicious links, applications, and advertisements.

6. 2013

One of the most dangerous malware types arose in 2013: ransomware. It was spread using Trojans, which consist of malware hidden in apparently benevolent software, as well as exploits and malvertising. Ransomware has continued as a prime malware attack vector to this day. 

7. 2017

In 2017, cryptojacking, which involves hackers using people’s devices to mine crypto, emerged, riding the wave of popularity still enjoyed by cryptocurrencies. Ransomware, cryptojacking, and adware are still trending in the malware sphere. There is no sign they will slow down anytime in the near future.

Different Types of Malware

Although many consumers presume malware threats only attack desktop and laptop PCs, from the perspective of the most widely accepted malware meaning, they can actually infect several types of endpoints. These include phones, mobile devices, and other connected products.

Here are the different types of malware that may impact your online network or attached devices.

1. Viruses

Viruses are perhaps one of the most well-known malware types. A computer virus links its malicious code with clean code and waits for a user to execute it. Viruses spread quickly through a variety of systems, affecting how they work. They also corrupt website content files and prevent users from accessing their computers. They are often hidden inside an executable file.

2. Worms

Worms are one of the more common malware types. A worm moves through a network by forming connections with one machine after another. In this manner, they move between connected computers and can quickly exploit the whole network if not stopped.

3. Trojan Viruses

Trojans are named after the Trojan horse from Greek mythology. Similar to Greek soldiers hiding inside an apparently innocent structure, Trojans appear to be legitimate software. Because they seem innocent, they are accepted into the user’s computer. There, they create backdoors, allowing other advanced malicious software to gain remote access to the 

4. Spyware

Spyware keeps track of what a user does on their computer. Even though spyware may not overtly damage your system, it still fits the malware definition. Spyware hides, like a spy, in the background of a user’s computer, collecting information without the user’s knowledge. This may include sensitive data like credit card details and passwords.

5. Ransomware

Ransomware can lock down a computer or an entire network and prevent users from accessing it until they pay a ransom to the attacker. After the ransom is paid, the attacker provides password information on how the user can take back their system.

6. Adware

Adware results in tons of unwanted advertisements and features appearing on your screen, often while you are using a web browser. Adware may gain access by appearing to be an innocent ad or by attaching itself to another app, gaining access to your system when downloading the apparently benevolent program.

7. Rootkit

Rootkit gives the attacker the same privileges an administrator would have. It stays hidden, allowing the attacker to access the computer and make the kinds of changes normally only accessible to someone with administrator credentials.

8. Keyloggers

A keylogger has the ability to record the keystrokes a user makes on the keyboard. It can then store this information and send it to an attacker. The attacker can then use the data to figure out passwords, usernames, and payment details.

9. Cryptojacking

Cryptojacking involves using a computer or other devices to mine for cryptocurrencies. An attacker uses the computing power of the target’s device to solve the complicated equations needed to generate digital currencies.

10. Rogue Software

Rogue software pretends to offer targets help with getting rid of viruses and other kinds of malware. It then coerces them into inadvertently installing—and paying for—malware.

11. Scareware

Scareware uses social engineering to frighten or shock a user into thinking their system is vulnerable to an attack or potential hacking. However, no danger has actually been detected— it is a scam. The attacker succeeds when the user purchases unwanted—and dangerous—software in an attempt to remove or eliminate the “threat.”


FortiNAC product demo request

Test Your System's Malware Detection Capabilities

Request a Test Right Now!

Malware Detection

Once you have identified what is malware, you have to know how to find it. To detect malware, you can use an intrusion prevention system (IPS), firewalls, and sandboxing systems, which allow you to attract then study attacks. Some malware, such as ransomware, reveals itself through its attack methods because it starts encrypting your files.

On the other hand, some malware uses more subtle tactics, such as installing itself on the target system, paving the way for a hacker to access it later. To detect this kind of malware, your best bet is to use traffic filtering systems that can detect malicious software through examining the profiles of known threats or the behavior patterns of malicious software.

What is Malware in the Business World?

Although anyone with a device is susceptible, businesses are often the preferred targets. This is due to a few different reasons.

When executing a malware infiltration on a business, there exists the potential for a larger-scale attack. For an attacker, they want to get as much “bang for their buck” as possible, and the more devices they can access with infectious code, the better. Most businesses have multiple devices connected to a central network. They may also share a central server, such as one that houses data or email services. If an attacker is able to get past an organization's defenses, it can spread malware to all devices connected to the network.

Another reason why businesses are often the target of choice for malware-armed criminals is the potential for profits. This is particularly true when it comes to ransomware. Attackers know that if a company’s operations are interrupted, each minute that goes by costs them money. In the case of a ransomware attack, the business may be tempted to shell out the cash the attacker is asking for, simply because that expense is less than what they are losing as the attack progresses.

In a larger company, these risks are multiplied because the attack surface is expanded, as are the opportunities. As the size of an organization goes up, so does the number of devices, users, servers, and other entry points for malware. The plethora of potential vulnerabilities often makes larger enterprises more attractive targets than smaller ones.

Do Mobile Phones Get Infected by Malware?

Yes, mobile phones—including Apple iPhones and Android devices—are a prime target for malware attackers. There are around 6 billion mobile phone users today, and many have a hard time recognizing a malware attack, making the mobile realm an attractive target for hackers.

Malware Protection: How to Guard Against Malicious Software Attacks

It is important to be proactive when trying to avoid having malware infected systems in your organization. This involves a combination of prevention, preemptive mitigation, and education.


How to guard against malicious software attacks

1. Avoid Malware

Most malware is relatively easy to spot if you know the signs. The most common places to encounter it are within spam emails, malicious websites, and pop-ups that appear on your device either while using the internet or in the course of normal operation. 

Phishing schemes that seek to trick users to disclose sensitive data could also use malware so that even if you do not provide the information the phisher needs, you still end up clicking something that gives them access to your system. Therefore, it is a good idea to never click on anything that appears randomly on your screen or open anything in an email—attachment or otherwise—that seems suspicious.

2. Back Up Data

Backing up data is a form of preemptive mitigation that will be invaluable if a malware attack is successful. All endpoints and servers should have backups that are shielded from malware. If an attack is successful, you can use the backup to restore your infected device after wiping it.

3. Educate Employees

All employees should have a working understanding of what malware is, how it penetrates a system, its harmful effects, and tips for how to best avoid it. This may include arming them with preventative knowledge such as the value of multi-factor authentication (MFA) and developing strong passwords. Employees should also know to look for red flags in an email or pop-up, as well as who to notify and what to do—or not do—if they suspect their endpoint has been exposed.

4. Check for Vulnerabilities

Have a full cybersecurity system that can help you find the places where malware might enter your network. A proactive security system can closely monitor all endpoints (including mobile devices) as well as a variety of servers—both on-premises and in the cloud.

5. Isolate Viruses with Sandboxing

Sandboxing can block a malware attack by isolating and confining malware—such as a malicious email attachment—to a protected environment. Inside a sandboxed area, the IT team can observe how the malware behaves and how it reacts to security measures taken to neutralize it. All the while, other devices and sections of the network are protected from infection. You can control and isolate malicious software with FortiSandbox.

6. Use Firewall Protection

) technology prevents malware delivery by filtering network traffic. This includes traffic entering and exiting the network. Two-way malware protection is important because malicious programs within your system can be leveraged to affect users, devices, and networks that connect to yours. NGFWs incorporate packet filtering, network monitoring, Internet Protocol (IP) mapping, IP security (IPsec), and secure sockets layer virtual private network (SSL VPN) support. It also uses deeper inspection measures to protect a company from intrusion or from having applications hijacked.

The Fortinet NGFW solution is constantly updated to stay ahead of the latest threats in the cyber universe. Each update provides the NGFW with the data it needs to filter the latest and most dangerous threats. Protect against malware and more with FortiGate.

7. Detect Malware with Antivirus

The FortiGuard Antivirus Secruity Service leverages the power of the FortiGuard Labs Global Threat Intelligence system. In the span of a minute, FortiGuard eliminates, on average, 95,000 malware programs for real-time protection. FortiGuard does this by incorporating knowledge of the different types of malware within the global threat landscape. Countermeasures are engineered to neutralize each type of threat, and then they are automatically enacted by FortiGuard, thereby protecting the networks under the FortiGuard umbrella.

The FortiGuard Antivirus  can attach to FortiGate, FortiSandbox, FortiMail, FortiWeb, and FortiClient.

8. Malware Removal

The best way to remove malware from an infected computer or personal device is by running antivirus security software. Using data about each kind of threat, antivirus apps can detect, remove, and quarantine malware on the different devices you use: desktop, laptop, smartphone, or tablet. Antivirus programs use data from its most recent update to locate the widest possible range of threats, so it is best to choose a solution that constantly updates.

Rundown Of The Biggest Insights Into Malware Facts

  1. A big problem: the average number of malware attacks worldwide annually is 5.4 billion.
  2. Malware (17%), phishing attacks (17%), and ransomware (19%) are currently the most common causes of cyberattacks.
  3. The number of detected malware has grown from 28.84 million ten years ago to nearly 678 million by some estimates.
  4. Recent trends show that these threats are becoming stealthier—such as increasing use of fileless malware and also encrypted malicious files.
  5. Check all your connections for malware infection. Linux-based Internet of Things (IoT) devices saw a 35% increase in malware attacks last year.
  6. Your mobile device may also be a target. Mobile malware on iPhone and Android devices has been on the rise in some regions.

How Fortinet Can Help?

The FortiGate NGFW is powered by FortiGuard malware intelligence, which ensures it can detect and mitigate the latest malicious software on the threat landscape. In addition, FortiGate has machine learning capabilities that enable it to detect malware based on its behavior, instead of relying merely on existing profiles. In this way, FortiGate can prevent zero-day attacks as well.


What is Malware?

Malware refers to the various types of malicious software, such as viruses, spyware, and ransomware. Cyber-criminals can use these tools to gain access to a network and its devices to steal data or damage systems.

What are examples of malware?

Here are the different types of mobile malware that may impact your online network or attached devices. 

  • Viruses
  • Worms
  • Trojan viruses
  • Spyware
  • Ransomware

What does a malware do?

There are some telltale signs you can learn that typically indicate you have been the victim of a malware attack, including:

  1. A slow computer. Malware often affects the speed of your device while you are using the internet or applications.
  2. A computer that frequently crashes or freezes during normal use.
  3. A ton of pop-up ads. These often indicate that adware, a type of malware, has gotten into your system. If you see these, it is important to not click on them because they could launch code that causes further damage.