See all Security articles
See all Privacy articles
See all Performance articles
Select language
Select language

What is Malware?

Ever since the birth of computing, people have fought the threat of malware. But what exactly is malware? In this article we define malware, introduce its many different types, and explain how it works. We also describe the warning signs of an infected device and explain how to prevent it with Avast One, our world-class, anti-malware protection.

Editors' choice
Editor's choice
Top Rated

Malware is an umbrella term for any type of “malicious software” that’s designed to infiltrate your device without your knowledge. There are many types of malware, and each works differently in pursuit of its goals. However, all malware variants share two defining traits: they’re sneaky, and they’re actively working against your best interests.

Hamburguer menu icon

This article contains:

    Adware, spyware, viruses, botnets, Trojans, worms, rootkits and ransomware all fall under the definition of malware. And it’s important to note that malware isn’t just a threat to your PC – Macs and mobile devices can also be targeted.

    So malware is just a computer virus?

    Is malware a virus? Yes and no. While all computer viruses are malware, not all malware are viruses. Viruses are just one type of malware. You’ll hear a lot of people using the two terms interchangeably, but from a technical point of view, viruses and malware are not the same thing.

    Think about it this way: Malware is malicious code. Computer viruses are malicious code that spreads across computers and networks

    How does malware work?

    No matter the type, all malware follows the same basic pattern: The user unwittingly downloads or installs the malware, which infects the device.

    Most malware infections occur when you inadvertently perform an action that causes the malware to be downloaded. This action might be clicking a link in an email, or visiting a malicious website. In other cases, hackers spread malware through peer-to-peer file sharing services and free software download bundles. Embedding a bit of malware in a popular torrent or download is an effective way to spread it across a wide user base. Mobile devices can also be infected via text messages.

    Another technique is to load malware into the firmware of a USB stick or flash drive. Because the malware is loaded onto the device’s internal hardware (rather than its file storage), your device is unlikely to detect the malware. This is why you should never insert an unfamiliar USB drive into your computer.

    Once the malware has been installed, it infects your device and begins working towards the hackers’ goals. What separates the various types of malware from each other is how they go about doing this. So how does malware work? What is a malware attack? Let’s find out.

    Common types of malware

    The vast majority of malware falls into the following basic categories, depending on how it functions:


    Ransomware is the malware version of a kidnapper’s ransom note. It typically works by locking or denying access to your device and your files until you pay a ransom to the hacker. Any individuals or groups storing critical information on their devices are at risk from the threat of ransomware.


    Spyware collects information about a device or network, then relays this data back to the attacker. Hackers typically use spyware such as Pegasus to monitor a person’s internet activity and harvest personal data, including login credentials, credit card numbers or financial information, for the purposes of fraud or identity theft.


    Worms are designed with one goal in mind: proliferation. A worm infects a computer, then replicates itself, spreading to additional devices while remaining active on all infected machines. Some worms act as delivery agents to install additional malware. Other types are designed only to spread, without intentionally causing harm to their host machines – but these still clog up networks with bandwidth demands.


    Adware’s job is to create revenue for the developer by subjecting the victim to unwanted advertisements. Common types of adware include free games or browser toolbars. They collect personal data about the victim, then use it to personalize the ads they display. Though most adware is legally installed, it’s certainly no less annoying than other types of malware.


    Ancient Greek poets told of Athenian warriors hiding inside a giant wooden horse, then emerging after Trojans pulled it within the walls of their city. A Trojan Horse is therefore a vehicle for hidden attackers. Trojan malware infiltrates a victim’s device by presenting itself as legitimate software. Once installed, the Trojan activates, sometimes going so far as to download additional malware.


    A botnet isn’t a type of malware, but a network of computers or computer code that can carry out or execute malware. Attackers infect a group of computers with malicious software known as “bots,” which are capable of receiving commands from their controller.

    These computers then form a network, providing the controller access to a substantial degree of collective processing power, which can be used to coordinate distributed denial of service (DDoS) attacks, send spam, steal data, and create fake ads on your browser.


    What does malware do?

    Ransomware is the most confrontational and direct form of malware. While other types operate undetected, ransomware makes its presence known immediately, demanding payment in exchange for returning access to your device or files.

    In most cases, malware is much harder to observe, toiling quietly behind the scenes. Some types are malicious for the sake of spite, wiping important data from the infected machines. With no fraud or theft committed, the hacker’s sole reward is the frustration and setbacks experienced by their victims.

    Other instances of malware result in more serious consequences. Machines infected with these types of malware capture the user’s personal or financial information, then forward it to the hacker, who uses it for purposes of financial fraud or identity theft. At this stage, simply removing malware is insufficient to remedy these offenses.

    Because malware relies on the processing power of the infected device, victims often experience significant performance issues. A sudden slowdown can be a symptom of malware infection.

    Which devices can be affected?

    No device is immune to malware. Android devices and Macs can get malware, just like PCs. And while iOS malware is rare, iPhones and iPads are susceptible to security threats.

    A recent instance of Mac malware is even sophisticated enough to actively evade security countermeasures. Known as CrescentCore, it checks the victim’s device for several commonly used antivirus programs. If CrescentCore finds these, it immediately stops running in order to avoid detection.

    Both Android and iOS mobile devices can be infected with malware. Many types of mobile-specific malware are spread via SMS, in addition to standard email vectors. If you’re wondering how you get malware on your phone, these are two of the most common techniques.

    Make sure all your devices are protected.

    How will I know if my device has been infected?

    Here are a few universal symptoms that may indicate the presence of malware on your device:

    • Your device begins running slower than usual. If you’ve noticed a sudden slowdown with no apparent cause, it could be due to a malware infection. As the malware takes over your device’s processing resources, there’s less power available for everything else.

    • You notice a shortage of available storage space. Many types of malware will download and install additional files and content onto your device. A sudden decrease in the amount of free storage could be a sign that you’ve picked up some malware.

    • Pop-ups and unwanted programs appear on your device. This is one of the strongest signs that you’re experiencing a malware infection. If you’re getting slammed with pop-up ads or finding strange new programs on your device, it’s likely that malware is the culprit.

    If your device is showing any of those symptoms, get strong antivirus software immediately to scan your device and get rid of any malicious software.

    Slow performance and reduced storage space don’t always point to malware. Over time, your device may naturally get clogged with unneeded files. It’s always a good idea to clean things up from time to time, and if performance returns to normal, you likely don’t have a malware infection.

    Avast Cleanup can automatically remove unnecessary clutter from your device so that it’s primed to perform at optimal levels. We also have tips on how to speed up your PC.

    Is it possible to get rid of malware?

    In most cases, it’s possible to remove malware from your computer and restore your device to normal. Follow the steps in our expert guides for removing malware from your Mac or getting rid of malicious software from your Android device.

    Some malware, however, can be very difficult to remove once it’s gotten its hooks into a system. A malware removal tool is the easiest and most reliable way to ensure that malware is gone for good. They’re specially designed to automatically detect malware and excise it from your device.

    Keep your devices safe from malware

    Our free cybersecurity suite is praised by top independent reviewers like PC Mag for its extensive anti-malware protection and wide range of additional features that keep your devices both safe and private.

    The strongest defense against malware is a robust antivirus app from a provider you can trust. Avast One goes beyond antivirus with an all-in-one solution for online security and privacy. Protect against all types of malware, defend against phishing attacks and dangerous websites, secure your data with a VPN, and more — all 100% free.

    Protect your Android against malware and data leaks with Avast One


    Protect your iPhone against malware and data leaks with Avast One

    Ivan Belcic