Computer worm vs viruses

A class of malware designed specifically to automate cybercrime. Crimeware distinct from spyware and adware is designed to perpetrate identity theft through social engineering or technical stealth in order to access a computer user's financial and retail accounts for the purpose of taking funds from those accounts or completing unauthorized transactions that enrich the cyberthief.

Alternatively, crimeware may steal confidential or sensitive corporate information. Malicious attempts by one or more people to cause the victim, site, or node to deny service to its customers. A computer file that contains a sequence of instructions to run an automatic task when the user clicks the file icon or when it is launched via a command.

Applications for personal or business communication that are built around the concept of online presence detection to determine when an entity can communicate. These applications allow for collaboration via text chat, audio, video or file transfer.

The action of recording logging the keys struck on a keyboard, typically covertly, so that the person using the keyboard is unaware that their actions are being monitored. Data can then be retrieved by the person operating the logging program.

A keylogger can be either software or hardware. Software that uses system resources to solve large mathematical calculations that result in some amount of cryptocurrency being awarded to the solvers. There are two ways that mining can be performed: either with a standalone miner or by leveraging mining pools. Mining software relies on both CPU resources and electricity. Once a system has a miner dropped on it and it starts mining, nothing else is needed from an adversary perspective.

The miner generates revenue consistently until it is removed. The part of the data transmission that could also contain malware such as worms or viruses that perform the malicious action: deleting data, sending spam, or encrypting data. While packet headers indicate source and destination, actual packet data is referred to as the "payload.

A type of malicious software that is used by cybercriminals to target point of sale POS terminals with the intent to obtain credit card and debit card information by reading the device memory from the retail checkout point of sale system.

POS malware is released by hackers to process and steal transaction payment data. The card information, which is usually encrypted and sent to the payment authorization, is not encrypted by POS malware but sent to the cybercriminal. Software that a user may perceive as unwanted. This may include adware, spyware, or browser hijackers. Such software may use an implementation that can compromise privacy or weaken the computer's security. Companies often bundle a wanted program download with a wrapper application and may offer to install an unwanted application, in some cases without providing a clear opt-out method.

Programs that hide the existence of malware by intercepting i. Rootkits or rootkit enabling functionality may reside at the user or kernel level in the operating system or lower to include a hypervisor, master boot record, or the system firmware.

Adversaries may use rootkits to hide the presence of programs, files, network connections, services, drivers, and other system components. Anytime perceived trust is used to elicit information from groups or individuals, it is referred to as "social engineering.

Software that aims to gather information about a person or organization without their knowledge, that may send such information to another entity without the consumer's consent, or that asserts control over a device without the consumer's knowledge. Programs that systematically browse the internet and index data, including page content and links. These web crawlers help to validate HTML code and search engine queries to identify new web pages or dead links.

A type of destructive malware that contains a disk wiping mechanism such as the ability to infect the master boot record with a payload that encrypts the internal file table. Wipers render the attacked process or component useless to the end user. Cisco Annual Cybersecurity Report. This document is provided on an "as is" basis and does not imply any kind of guarantee or warranty, including the warranties of merchantability or fitness for a particular use. Your use of the information on the document or materials linked from the document is at your own risk.

Cisco reserves the right to change or update this document at any time. This document is part of the Cisco Security portal. Cisco provides the official information contained on the Cisco Security portal in English only. Your use of the information in the document or materials linked from the document is at your own risk. Cisco reserves the right to change or update this document without notice at any time. Ransomware Ransomware is a type of malicious software that threatens to publish the victim's data or perpetually block access to it unless a ransom is paid.

Security Center Malware What is a computer worm, and how does it work? Written by a NortonLifeLock employee. Join today. Cancel anytime. Start Free Trial. How do computer worms work? How to tell if your computer has a worm If you suspect your devices are infected with a computer worm, run a virus scan immediately. Keep an eye on your hard drive space. When worms repeatedly replicate themselves, they start to use up the free space on your computer.

Monitor speed and performance. Has your computer seemed a little sluggish lately? Are some of your programs crashing or not running properly? That could be a red flag that a worm is eating up your processing power. Be on the lookout for missing or new files. One function of a computer worm is to delete and replace files on a computer.

When the infected application or file runs in the computer, the virus activates and executes in the system. It continues to replicate and spread by attaching replicas of itself to other files and applications in the system. A virus spreads when the infected file or program migrates through networks, file collaboration apps, email attachments, and USB drives. Once a user opens the infected file or program, the vicious cycle repeats itself all over again. Typically, the host program continues to function after the viral infection, but some viruses overwrite entire programs with copies of themselves, which corrupts and destroys the host program altogether.

Worms are a self-replicating type of malware and a type of virus that enter networks by exploiting vulnerabilities, moving quickly from one computer to another. Because of this, worms can propagate themselves and spread very quickly — not only locally, but have the potential to disrupt systems worldwide.

In , the WannaCry worm attack caused damage worth hundreds of millions to billions of dollars. Also known as WannaCry ransomware, this attack is a hybrid of ransomware and a worm — specifically cryptoworm.