In the past three blog posts we have discussed three distinct types of malware or “malicious software”: 1) virus, 2) worm and 3) Trojan. In many ways the differences between these types of malware are subtle but for those that really want to understand how malware is classified it is worth understanding the subtleties.
A virus infects a legitimate application (e.g., Microsoft Word) to spread and reproduce itself. In contrast, a Trojan masquerades as a legitimate program but actually it is not; you could even call it a fake program. In both cases, the virus or Trojan is often attached to an email or downloaded from a malicious website. The result of either can be similar and may include installing spyware/adware or executing a ransomware attack.
A worm is different from the other two because it is designed to replicate itself without human interaction (e.g., downloading an email attachment) and it does not need a file to do damage. Worms most often exploit some inherent software vulnerability and use that as a vector to spread far and wide within an organization. Worms can cause damage to many computers and servers in an organization and thus are often unleashed on high value targets.