Security for Beginners
by Sergey Okinchuk
Chapter 6: MalwareThe Malware Family
Topic 25

What Malware Is

Concept

You have probably heard that a device can be "infected," and the word makes it sound almost like a disease that strikes out of nowhere. The reality is plainer and, once you see it, far less mysterious.

Malware is shorthand for malicious software — any program written to do something against your interest, on a device that is supposed to be working for you. It is not magic and it is not a random fault. It is software, running like any other program, with a hostile purpose.

Think of a kitchen appliance that has been secretly rewired to do harm. It still plugs in and switches on like a normal appliance; it still runs the way appliances run. What changed is that someone built or altered it to work against you instead of for you. Malware is software in exactly that position — ordinary in how it operates, hostile in what it was made to do.

What every piece of malware has to do
Get onto the devicearrive somehow
Runget executed
Carry out its goalsteal · spy · damage

Software With a Hostile Job

A program is just a set of instructions a computer follows. A photo app follows instructions to show pictures; a music app follows instructions to play sound. Malware follows instructions too — the difference is only in what those instructions are for.

Instead of serving the person at the device, malware is written to steal information, spy on what someone does, damage files, or hijack the machine for the attacker's own use. The mechanics are completely ordinary. The purpose is the whole problem.

This is why "it ran like a normal program" is not reassuring. Running like a normal program is exactly how malware does its work. Nothing about it has to look broken or strange while it operates.

It Needs to Get In, and It Needs to Run

Every piece of malware faces two separate tasks. First it has to arrive on the device — a program sitting on someone else's computer can do nothing to yours. Then it has to run, because instructions that never execute are just an inert file.

Arriving happens in many ways. A downloaded file is one, but an email attachment, a malicious ad, a tampered-with website, or a plugged-in USB stick are all routes too. We will look at how malware gets in more closely later in this chapter.

Running is the second hurdle. Often the attacker needs the person to open the file or install the app, which is why so much malware is dressed up to look worth opening. Defenders work on both tasks at once: make it harder for malware to arrive, and make it harder for it to run once it does.

Named by What It Does

Malware comes in types, and the names you may have heard — virus, worm, trojan, spyware, ransomware — describe behavior: what the program does and how it spreads. They are not named after who wrote them or where they came from.

A virus is one of these types, not a synonym for the whole group. "Malware" is the umbrella word that covers all of them, and each member earns its name from the way it acts. The rest of this chapter walks through the family one branch at a time.

Why "It Is Just a Program" Matters

Seeing malware as ordinary software, rather than a mysterious force, changes how you reason about it. If it is a program, then it had to get onto the device and start running — and those are exactly the points where defenses can step in.

This plain framing turns a vague dread into something concrete. Malware is hostile, but it is not unstoppable; it follows the same rules every other program follows, and that is precisely why the defenses we will meet later are able to work against it.

Common Confusions
  • "Malware is a glitch or a bug." A glitch is an accidental fault. Malware is software written on purpose, with a hostile goal in mind — the harm is the point, not a mistake.
  • "Only shady downloads carry malware." Downloads are just one route. Malware also arrives through email attachments, ads, tampered-with websites, and USB devices — not only the files that look obviously bad.
  • "A virus and malware are the same word." A virus is one type of malware. Malware is the umbrella term covering viruses, worms, trojans, spyware, and more.
Why It Matters
  • A clear definition replaces a vague fear with something you can reason about: malware is hostile software, and software follows rules.
  • Framing malware as ordinary, stoppable software sets up the whole rest of the chapter — both the family of types and the defenses that catch them.
  • Knowing malware must arrive and then run tells you exactly where defenses get their chance to step in.

Knowledge Check

What does the word "malware" actually mean?

  • Software written with a hostile purpose
  • An accidental fault that crept into a program
  • Another name for a computer virus specifically
  • A physical breakage inside the machine

Before malware can do its job, which two things does it always have to manage?

  • Get onto the device, and then get itself to run
  • Be purchased first, then signed into an account
  • Encrypt the disk, and then connect to the internet
  • Show a warning, and then ask for permission

Why is it useful to think of malware as "just a program"?

  • Because it follows ordinary rules, so defenses can stop it
  • Because it means malware can't actually cause any real harm
  • Because it shows malware is mostly a myth that rarely exists
  • Because programs that run normally are always safe to ignore

You got correct