DEFINITION of 'Malware'

Malware is a software designed to allow an outside party access to a computer without the knowledge of the computer owner.

Malware is a portmanteau of “malicious” and “software”.


Malware refers to a category of software designed specifically to obtain access to a computer without the knowledge of the owner of the system. It is thus differentiated based on the intent of the creator.

Malware comes in a variety of forms, with the most well-known type called a virus. Other types of malware include Trojans, bots, spyware, and ransomware. Viruses and worms make copies of themselves and attempt to infect other computers; spyware seeks to capture and transmit sensitive information; and ransomware locks out the computer owner from the device until money in the form of Bitcoin is paid.

The most common way that malware is able to infect a computer is through file downloads. A computer user may open an email attachment thinking that it is from a trusted source, only to download a malware file instead. Malware may also be downloaded from websites if a user clicks on a link, or by sharing files with outside parties, such as through a peer-to-peer (P2P) network. The malware may be an executable file, meaning that it won’t be activated until it is opened on a computer. To increase the odds of the file being activated, malware designers may disguise the file as being something benign.

Malware is most commonly created in order to make money. One way this is done is by stealing information found on a computer, such as credit card information or other sensitive or confidential material. The malware creators may also ransom the information stolen by demanding payment in exchange for not making the information public, or, if the software takes control of a computer, for returning access to the owner. Malware creators may sell the information to third-parties rather than try to collect money from the owners of infected computers directly.

The rise in the number of devices relying on software – from cell phones and computers, to cars and televisions – has increased the threat posed by malware. The emergence of the “internet of things”, in which computerized devices including everyday objects, are connected to the internet, means that outside parties can use malware to gain access to sensitive information by first attacking the weakest link in the security chain. Devices that were once not computerized, such as refrigerators, are turned into smart devices by connecting them to the internet, but with software not designed with security in mind.

Protecting computers from malware is a multibillion-dollar industry. Individuals and businesses seeking protection from malware can purchase software that blocks known threats. Corporate information technology (IT) departments may limit the computer administrative rights of employees, making it more difficult for them to accidentally download programs that may be harmful. While protective software can help reduce threats, educating employees on how to recognize ways that malware may infect a computer is also important. For example, educating employees on how to recognize potentially harmful website links or suspicious download files from unknown email senders can reduce the threat of malware.