Computer viruses explained: definition, types and examples

This malicious software tries to do damage in the background while your computer continues to languish. […]


Computer virus definition: A computer virus is a form of malware that hooks itself into the code of a legitimate application in order to spread and reproduce. Like other types of malware, a virus is used by attackers to damage or take control of a computer. Its name derives from the method it uses to infect its targets. A biological virus like HIV or the flu cannot replicate itself; it must hijack a cell to do this work for it, causing great damage to the infected organism in the process.
Likewise, a computer virus itself is not a standalone program. It's a snippet of code that plugs into another application. When this application runs, it executes the virus code, with results ranging from annoying to catastrophic.

Virus vs Malware vs Trojan vs Worm

Before we continue, a quick note on terminology. Malware is a general term for malicious computer code. As mentioned earlier, a virus is a special type of malware that infects other applications and can only run if they are running. A worm is a malware program that can run, reproduce, and spread on its own, and a trojan is malware that tricks people into starting it by disguising itself as a useful program or document. Sometimes the term "virus" is used indiscriminately for all types of malware, but in this article we'll use the narrower definition.

What do computer viruses do?

Imagine an application on your computer is infected with a virus. (We'll discuss the various ways this can happen in a moment, but for now let's just take the infection for granted).
How does the virus do its dirty work? Bleeping Computer provides a good overview of how the process works. The general process goes something like this: the infected application runs (usually at the user's request) and the virus code is loaded into CPU memory before the legitimate code is executed.
Now the virus spreads itself by infecting other applications on the host computer and injecting its malicious code wherever it can. (A resident virus does this to programs as they are opened, while a nonresident virus can infect executable files even if they are not running).
Boot sector viruses use a particularly malicious technique at this stage: they place their code in the boot sector of the computer's system disk, ensuring that it runs before the operating system is fully loaded, making it impossible to operate the computer in a "clean" state. (We'll go into more detail about the different types of computer viruses later).
Once the virus has lodged itself in your computer, it can begin executing its payload, which is the piece of virus code that does the dirty work its creators designed it to do.
This can include all sorts of nasty things: viruses can scan your computer's hard drive for banking information, log your keystrokes to steal passwords, turn your computer into a zombie launching a DDoS attack against the hacker's enemies, or even encrypt your data and demand a ransom in Bitcoin to restore access. (Other types of malware can have similar effects.)

How do computer viruses spread?

In the early days before the Internet, viruses often spread from computer to computer via infected floppy disks. The SCA virus, for example, spread among Amiga users via floppy disks containing pirated software. It was mostly harmless, but at any given time up to 40% of Amiga users were infected.
Viruses now spread via the Internet. In most cases, applications infected with virus code are transmitted from computer to computer like any other application. Because many viruses contain a logic bomb—code that ensures the virus's payload runs only at a specific time or under specific conditions—users or administrators may be unaware that their applications are infected, and may transmit or install them without hesitation.
Infected applications can be emailed (accidentally or intentionally – some viruses hijack a computer's mail software to email copies of themselves); they can also be downloaded from an infected code repository or an infected app store.
All of these infection vectors have one thing in common: they require the victim to run the infected application or code. Remember that a virus can only run and multiply when its host application is running! With malware so commonly spread via email, many people wonder: can I catch a virus if I open an email?
The answer is that you almost certainly can't get infected just by opening a message; you have to download and run an attachment infected with virus code. For this reason, most security experts advise being very careful when opening email attachments, and most email clients and webmail services have virus scanning capabilities by default.
A particularly insidious way a virus can infect a computer is when the infected code runs as JavaScript in a web browser and manages to exploit security flaws to infect locally installed programs. Some email clients execute HTML and JavaScript code embedded in email messages, so opening such messages could technically infect your computer with a virus.
However, most email clients and webmail services have built-in security features that prevent this from happening, so this isn't an infection vector to fear in the first place.

Can all devices be infected with viruses?

Virus developers focus their attention on Windows machines because of their large attack surface and install base. However, that doesn't mean other users should be careless. Viruses can affect Macs, iOS and Android devices, Linux machines and even IoT gadgets. If it can run code, that code can be infected with a virus.

Types of computer viruses

Symantec provides a good overview of the different types of viruses, which can be categorized in different ways. The main types to know about are:
Note that these categorization schemes are based on different aspects of a virus' behavior, so a virus can fall into more than one category. A resident virus can, for example, also be polymorphic.

How to prevent and protect yourself from computer viruses

Antivirus software is the most well-known product in the category of anti-malware products. CSO has compiled a list of the best antivirus software for Windows, Android, Linux, and macOS, keeping in mind that antivirus software is not a one-size-fits-all solution.
When it comes to more advanced enterprise networks, endpoint security offerings offer comprehensive protection against malware. Not only do they provide the signature-based malware detection you expect from an antivirus, they also offer spyware protection, personal firewall, application control, and other types of host intrusion prevention. Gartner offers a list of its best products in this space, which includes products from Cylance, CrowdStrike, and Carbon Black.
One thing to note about viruses is that they usually exploit vulnerabilities in your operating system or application code to infect your systems and operate unhindered; if there are no vulnerabilities to exploit, you can avoid infection even when running virus code.
That's why you should ensure all your systems are patched and updated, keep an inventory of your hardware so you know what you need to protect, and continuously scan your infrastructure for vulnerabilities.

Symptoms of a computer virus

How do you know that a virus has overcome your defense mechanisms? With a few exceptions, such as ransomware, viruses are not keen on letting you know that they have infected your computer. Just as a biological virus tries to keep its host alive so that it can continue to use it as a vehicle for its reproduction and spread, a computer virus tries to do its damage in the background while your computer is still running.
But there are ways to tell you're infected. Norton has put together a good list; symptoms include:
- Unusually slow performance
- Frequent crashes
- Unknown or unfamiliar programs that start when you turn on your computer
- Mass emails sent from your email account
- Changes to your home page or passwords
If you suspect that your computer is infected, you should run a virus scan. There are plenty of free services to start your search with: Safety Detective has a round-up of the best.

Remove computer viruses

Once a virus is installed on your computer, the removal process is similar to any other type of malware – but it's not easy.
If you're looking for tools to clean up your system, Tech Radar has a good compilation of free offerings, which includes some well-known names from the antivirus world as well as newcomers like Malwarebytes.
Also, it's a smart move to always back up your files so that you can restore from a known-safe state should the need arise, rather than trying to extract virus code from your boot record or paying a ransom to cyber criminals.

Computer virus history

The first real computer virus was Elk Cloner, created as a joke by fifteen-year-old Richard Skrenta in 1982. Elk Cloner was an Apple II boot sector virus that could jump from floppy disk to floppy disk on computers with two floppy drives (of which there were many). Every 50th time an infected game was launched, a poem announcing the infection was displayed.

Other important viruses of the past were:

Jerusalem: A DOS virus that nested on computers, launched every Friday the 13th and deleted applications.
Melissa: A mass-mailing macro virus that brought the underground virus scene into the mainstream in 1999. It earned its creator 20 months in prison.
However, most of the well-known malware programs you've heard of in the 21st century were strictly speaking worms or trojans, not viruses. That doesn't mean there aren't viruses, though – so be careful what code you run.
*Josh Fruhlinger is a writer and editor based in Los Angeles.
