--:-- --
↓ Scroll for more

Unit 9.5

Understanding Malware: Viruses, Worms, and Trojans

IT 231: IT and Application

Learning Objectives 🎯

By the end of this chapter, you will be able to:

  • ✅ Define what malware is and its purpose.
  • ✅ Differentiate between a virus, a worm, and a Trojan horse.
  • ✅ Describe the significant threat of ransomware.
  • ✅ Identify the primary method of protection against malware.

What is Malware? 🔍

Malware, short for malicious software, is any software intentionally designed to cause damage to a computer, server, client, or computer network.

It's a general term for a wide variety of digital threats.

  • Viruses
  • Worms
  • Trojan Horses
  • Ransomware
  • Spyware

The Virus 🦠

A piece of malicious code that attaches itself to a legitimate program or file.

  • Needs a Host: Cannot exist or spread on its own. It requires a host program to run.
  • Replication: When the host program is executed, the virus runs and can replicate itself to infect other programs on the system.
  • Example: An infected Microsoft Word macro that runs when you open a document.

The Worm 🐛

A standalone program that can replicate itself and spread to other computers, typically over a network.

  • Standalone: Does not need to attach to another program to run or spread.
  • Network Propagation: Exploits vulnerabilities in operating systems or networks to travel from one computer to another without human intervention.
  • Impact: Often consumes significant network bandwidth, causing network slowdowns or crashes.

The Trojan Horse 🐴

A program that disguises itself as something useful or harmless to trick the user into installing it.

  • Deception is Key: Appears to be a legitimate application (e.g., a game, a utility, a software patch).
  • User-Activated: Relies on the user to download and execute the program.
  • Payload: Once installed, it can perform malicious actions like stealing data, installing a backdoor, or downloading other malware.

📊 At a Glance: Virus vs. Worm vs. Trojan

Virus 🦠

  • Attaches to a host file
  • Needs user action to spread (e.g., running the file)
  • Spreads locally first

Worm 🐛

  • Standalone program
  • Self-propagates over a network
  • Spreads rapidly

Trojan Horse 🐴

  • Disguised as legitimate software
  • Tricks user into installation
  • Doesn't self-replicate

The Modern Menace: Ransomware 💰

A type of malware that encrypts a user's files and demands a ransom payment in exchange for the decryption key.

⚡ Threat: Your data becomes inaccessible. Even if you pay, there is no guarantee you will get your files back.

  1. Infection: Often delivered via a Trojan (e.g., a malicious email attachment).
  2. Encryption: Silently encrypts documents, photos, and other important files.
  3. Demand: A ransom note appears on the screen demanding payment, usually in cryptocurrency.

Practical Application: The Threat in Nepal

Real-World Example

In recent years, Nepal has seen a rise in phishing and ransomware attacks targeting individuals and businesses.

  • Phishing Scams: Fake emails or SMS messages pretending to be from banks or popular services like eSewa or Khalti, trying to steal login credentials.
  • Business Impact: Small businesses and even government portals have been targeted by ransomware, disrupting services and leading to data loss.
  • Lesson: Always be skeptical of unsolicited messages and verify the source before clicking links or downloading attachments.

🛡️ Primary Defense: How to Protect Yourself

The single most important defense is up-to-date antivirus software.

Antivirus software performs several critical functions:

  • Scans: Actively checks files and programs for known malware signatures.
  • Removes: Quarantines or deletes malicious files it discovers.
  • Prevents: Monitors system activity to block new infections in real-time.

Also critical: Keep your operating system and all applications updated with the latest security patches!

Summary & Key Takeaways

  • Malware is a broad term for any software designed to cause harm.
  • A virus needs a host program to spread, while a worm is a standalone program that can spread on its own across networks.
  • A Trojan horse deceives you into installing it by pretending to be legitimate software.
  • Ransomware is a dangerous form of malware that encrypts your files and demands a payment for their release.
  • Your primary defense is using up-to-date antivirus software and practicing safe computing habits.

Thank You!

Any questions?

Next Topic: Chapter 6 - Network Security Fundamentals

Back to Course Home | Download Slides