Malware: CNBC Explains

It's hard to stay out of trouble on the Internet. Even if you avoid sites with questionable content, there are plenty of pitfalls and traps that subtly install programs which then wreak havoc on your computer.

Hand using mouse with laptop
Altrendo | Getty Images
Hand using mouse with laptop

It's known as malware — a generic term for the various ways your PC can be infected, compromised, and crippled.

In the best-case scenario, a bout with malware means your computer will try (and fail) to fight off an abundance of pop-up ads and sluggish operating speeds, but sometimes malware results in stolen personal data or the complete shutdown of your computer.

Security firms say about 50 percent of the computers their software has scanned contained malware.

What is Malware?

Malware is a collective term for the wide number of programs, viruses, and other methods hackers use to gain access to your system. The most common type is called a Trojan – a destructive program that appears to be some sort of application, such as a screensaver (and may, in fact, actually perform the function you think it does) or is attached to a legitimate download (such as a Word or Excel file).

Other types of malware include computer viruses and worms (which can copy themselves onto other machines through a network and infect them), adware (which forces ads, – usually pop-ups, — on your screen) and backdoor programs (which allow hackers to bypass any authentication method you have in place).

Regardless of the type, it's malicious software (thus the malware condensation) that exploits security weaknesses on your computer, giving third-parties access to your hard drive – and often your online accounts as well.

What Does It Do?

The effects of being infected by malware depend on the type of program. Adware is annoying, given the volume of ads it can display onscreen, but the program itself is harmless. It's meant to generate ad impressions, and thus revenue, for the programmer behind it. Often, though, adware is paired with other, more invasive programs.

Some malware logs keystrokes on your computer, subtly sending a copy of everything you've typed back to the programmer. This can give them access to your online passwords –particularly dangerous should you log on to your bank or credit card's website.

Other programs take over your PC without your knowledge, using it to send spam emails, to host data (ranging from pirated movies to child pornography), or to assist in attacks on company websites.

The programs also generally give hackers full access to your hard drive, letting them thumb through any financial records, photos, videos or other files you store there.

Who Creates Malware – and Why?

Malware creators used to be people who had mastered a programming language and created the programs to show off their skills. Today, that's rare. It's more often professional, tech-savvy criminals who are looking to profit through the intrusion into your system.

Some might sell your information on the black market (log-ins for bank accounts, for example, are sold for well over $1,000). Others might steal from you directly by accessing your accounts. And others, as mentioned previously, might use your computer to store data that's illegal.

Of course, the hooligans who just want to cause mischief are still out there as well. They may not use any of your personal information for their own gain, but they'll happily repost it online or use your system as a proxy as they attack others.

The first known virus to emerge was known as the "Creeper virus" in 1971. Created by Bob Thomas, an engineer at BBN Technologies, it wasn't invented with any malicious intent, but to show the capabilities of a mobile application. The virus would essentially wander around a network, start to print files, then hop to another machine (rather than replicate itself). It was shut down with what became the first anti-virus program — called The Reaper.

By 1974, malicious software using the same technology had emerged, known as the Wabbit virus, which would clog a computer's resources until it crashed.

How Does Malware Get on My Computer?

Most of the time, people inadvertently load malware onto their systems without knowing it. Trojans — (also called Trojan horses), the most prevalent form of malware, are malicious programs that are disguised as something useful.

You're safe when it comes to buying any sort of software from the store, and generally when you download software from a major company's site (i.e. Microsoft,Adobe, etc.). But when you see something advertised on a website you're unfamiliar with or in an ad, it's best to proceed with caution.

Screensavers, toolbars and files from BitTorrent sites (frequented by people looking to download pirated movies, music, books and television shows) are the most common hiding places for malware. And those pop-ups that warn you your system is infected as you browse the web? They're usually a scam.

Also, if you happen to log onto a network that's infected, you run the risk of your machine becoming infected as well as the virus will quickly replicate onto any non-infected terminal it can find. (There's generally no way for outsiders to know, however, if that network is compromised.)

How Can I Prevent My Computer From Being Infected?

Good anti-virus software is one of the first — and most important — programs you should install on any computer. There are plenty of trusted brands on the market, such as Norton, McAfee, avast! and Panda. Some are free, while others charge an annual fee. But each offers a necessary layer of protection. Also, be sure to keep them updated, as new types of malware emerge everyday.

If you use any recent version of Windows, the operating system ships with a firewall meant to prevent unauthorized access to your machine as well. Keep this up and running at all times. This is a good shield, but not a perfect one and should be used in conjunction with anti-virus software.

Ultimately, it comes down to common sense, though. If you're unsure about a website, don't download anything from there. Do a thorough search on the program you were going to use before taking action. Don't open attachments from any email in which you don't know the sender – and, even if you do, it's best to verify they sent it if you weren't expecting it.

Similarly, don't click anything in a pop-up ad except for the "X" in the upper right corner. (Clicking anywhere inside the ad —even the box that says "Cancel" or "Close" can start a download without your knowing it.)

Finally, keep your software updated to the most recent versions. Publishers send out patches to both fix small troubles with the software and to close any loopholes that hackers may use. This is doubly important for your computer's operating system.