SOLUTIONS
Deliver Superior Online Experiences
Mitigate DDoS AttacksStop Malicious Bot AbuseAccelerate Internet ApplicationsEnsure Application AvailabilityOptimize Web ExperiencesStream Videos On-Demand
Secure Employee Applications and Devices
Deliver Zero Trust Access to ApplicationsImplement Secure Access Service Edge (SASE)Protect Users Accessing the InternetProtect Corporate NetworksManage Secure Contractor AccessReplace Virtual Private Networks (VPNs)Secure Your Remote WorkforceStop Zero Day Attacks with Browser Isolation
 
Protect and Accelerate Networks
Solutions-Solutions-Protect and Accelerate Networks-Cloudflare's Network ServicesMitigate L3 DDoS AttacksConnect network infrastructure with CloudflareTransform Corporate Networks
Code on the Network Edge
Build a Serverless ApplicationDeploy a Static WebsiteConfigure a CDNDefine Conditional Request Routing
Manage a Secure Cloud
Secure Hybrid, Cloud, & SaaS PlatformsEnable SSL for SaaS ApplicationsReduce Cloud Data Transfer Costs
Register a Website
Register or Transfer a Website
INDUSTRIES
eCommerceFinancial ServicesGamingHealthcare and Life SciencesMedia and EntertainmentPublic SectorSaaSEducation
PUBLIC INTEREST
Election CampaignsAthenian ProjectProject GalileoProject Fair Shot
FOR INFRASTRUCTURE
Application & Network Security
DDoS ProtectionWAFBot ManagementMagic TransitMagic WANRate LimitingSSL / TLSSSL/TLS for SaaS ProvidersCloudflare SpectrumNetwork InterconnectCDNDNSArgo Smart RoutingLoad BalancingStream DeliveryChina NetworkWaiting Room
FOR TEAMS
Cloudflare for TeamsAccessGatewayBrowser Isolation
FOR DEVELOPERS
Serverless Applications
Cloudflare WorkersCloudflare Workers KV
Domain Registration
Cloudflare Registrar
Website Development
Cloudflare PagesCloudflare Stream
SaaS Developers
Cloudflare for SaaS
FOR EVERYONE
1.1.1.11.1.1.1 with WARP (App)1.1.1.1 for Families
INSIGHTS
AnalyticsCloudflare LogsWeb AnalyticsCloudflare Radar
PRIVACY
Data LocalizationCompliance
FOR INFRASTRUCTURE
Advanced Security
Bot ManagementFirewall rulesMagic TransitSpectrum (TCP/UDP)SSLWAFCDNDNSImage ResizingLoad BalancingStream (Video)
 
Insights
Analytics
Domain Registration
Registrar
FOR SERVERLESS APPLICATIONS
Workers Quick StartCloudflare PagesSample Workers ProjectsWorkers TutorialsCommand-line (Wrangler)Runtime
FOR TEAMS
Cloudflare for Teams
EXPLORE CLOUDFLARE API
Cloudflare APIAPI Authentication
DOCUMENTATION HUB
Dev Documentation Hub
RESOURCES
Resource HubWhitepapersWebinarsSolutions & Product GuidesCase StudiesAnalysts
EXPLORE
What's New?Network MapCloudflare in ChinaGDPR
GET STARTED
Register Your WebsiteWelcome CenterGet Help
LEARN
Learning CenterSecurityDDoSBot ManagementSSLIdentity and Access ManagementPerformanceCDNDNSCloudServerlessNetwork Layer
CONNECT
BlogCommunity
TRUST
Trust HubPrivacy & Data ProtectionCertificationsTrust & SafetyGDPRLegal Documentation
CONTACT
+1 650 319 8930
CHANNEL & ALLIANCE PARTNERS
Partner NetworkPartner Portal
TECHNOLOGY PARTNERS
OverviewAnalytics PartnersBandwidth AllianceEndpoint Security PartnershipsInterconnect PartnershipsNetwork On-ramp PartnershipsPeering Portal
PRICING BY PLAN
FreeProBusinessEnterprise
COMPARE AND EXPLORE
Need Help Choosing a Plan?Add OnsCompare All Plans

What is malware?

Malware is software that is designed to disrupt normal operations of a device.

Learning Objectives

After reading this article you will be able to:

  • Define Malware
  • Explore and differentiate between common malware attacks
  • Understand potential risks for malware attacks, and how to reduce vulnerability

Related Content

Denial Of Service

What is IP Spoofing?

OSI Model

UDP Flood Attack

High Orbit Ion Cannon

Copy article link

What is malware?

Malware, a portmanteau from the words "malicious" and "software," is a general term which can refer to viruses, worms, Trojans, ransomware, spyware, adware, and other types of harmful software. A key distinction of malware is that it needs to be intentionally malicious; any software that unintentionally causes harm is not considered to be malware.

The general goal of malware is to disrupt the normal operations of a device. This disruption can range in purpose from displaying ads on a device without consent to gaining root access of a computer. Malware may attempt to obfuscate itself from the user in order to collect information quietly or it may lock the system and hold data for ransom. In DDoS attacks, malware such as Mirai affects vulnerable devices, turning them into bots under the control of the attacker. Once modified, these devices can then be used to carry out DDoS attacks as part of a botnet.

The creation of malware arose as the result of experiments and pranks by computer programmers, but discovery of the commercial potential it creates has turned malware development into a lucrative black market industry. Today, many attackers offer to create malware and/or launch malware attacks in return for compensation.

What are some common types of malware?

  • Spyware - As the name implies, spyware is used to spy on a user’s behavior. Spyware can be used monitor a user’s web browsing activity, display unwanted ads to the user, and modify affiliate marketing streams. Some spyware uses what’s called a keylogger to record the user’s keystrokes, giving the attacker access to sensitive information including usernames and passwords.
  • Viruses - A virus is a malicious program that can be embedded in an operating system or a piece of software; the victim needs to run the operating system or open the infected file to be affected.
  • Worms - Unlike viruses, worms self-replicate and transmit themselves over a network, so the user doesn’t have to run any software to become a victim, just being connected to the infected network is enough.
  • Trojan Horses - These are pieces of malware that come hidden inside other useful software to entice the user to install them. Pirated copies of popular software are often infected with trojan horses.
  • Rootkits - These software packages are designed to modify an operating system so that unwanted installations are hidden from the user. A famous example is the 2005 Sony rootkit scandal, when Sony sold 22 million music CDs that came infected with a rootkit that would secretly install software intended to disrupt CD-copying on the purchaser’s computer. This rootkit opened up the door for other attackers to target infected computers with additional malware.
  • Ransomware - This software can encrypt files or even an entire operating system on a computer or network and keep them encrypted until a ransom is paid to the attacker. The emergence of bitcoin and other cryptocurrency has created a surge in the popularity of ransomware attacks, as attackers can anonymously accept currency and minimize the risk of getting caught.

What are the risk factors for malware infection?

  • Security bugs - Software such as operating systems, web browsers, and browser plugins can contain vulnerabilities for attackers to exploit.
  • User error - Users opening software from unknown software or booting their computers from untrusted hardware can create a serious risk.
  • OS sharing - The use of a single operating system by every computer on a network also increases malware infection risk; if all the machines are on the same OS, then it is possible for one worm to infect them all.

How can you stop malware?

No one can be completely impervious to malware attacks; new attacks are constantly being developed to challenge even the most secure systems. But there are plenty of ways to minimize vulnerability to malware attacks, these include:

  • Anti-virus and anti-malware software - Running regular scans on a computer or network is crucial to detecting threats before they can spread.
  • Website security scans - People who have websites should be aware that malware can target a website’s software to view private files, hijack the site, and potentially even harm that site’s visitors with forced malware downloads. Running regular security scans on a website can help to catch these threats.
  • Web Application Firewall (WAF) - Another good resource for webmasters is a WAF, which can block malware at the edge of a network and prevent it from reaching a site’s origin server.
  • Air gap isolation - Considered to be a last resort, air gap isolation means cutting a computer or network off from all outside networks and Internet communication by disabling any hardware that would make communications possible. Even this isn’t a foolproof defense and has been compromised by tactics such as the ‘dropped drive’ attack, where usb drives are dropped in a company’s parking lot in hopes that a curious employee will find one and plug it into a computer on the network, infecting the isolated network with malware.

Sales

About DDoS Attacks

DDoS Attacks

DDoS Attack Tools

DDoS Glossary

Learning Center Navigation

© 2021 Cloudflare, Inc.Privacy PolicyTerms of UseDisclosureCookie PreferencesTrademark