User:Kotuby/sandbox

'''This article is in progress for an English writing class. It's in the editing + peer review process at the moment; while I welcome and appreciate edits/suggestions, please wait til after November 17th to do so.'''



Malware, short for malicious software, is a type of software that can be installed on a computer without approval from the computer's owner. There are different kinds of malware that can hurt computers, such as viruses and spyware. These programs can steal passwords, delete files, collect personal information, or even stop a computer from working at all. Computer security or anti-malware software is usually good at stopping malware from installing itself, but when security software isn't installed, malware can get into the computer. Getting rid of malware can be difficult, even when using programs designed to remove it.

History
People first started writing malware in the 1970s and early 1980s. Computers were very simple then, so there wasn't any interesting information for malware to take. Instead, people wrote malware for fun or just to show that they could. Even the most common piece of malware from this time didn't do damage to people's computers. In fact, malware was so rare that the word "malware" wasn't even coined until 1990 or used a lot until a few years after that.

More people started using the computers in the late 1990s and early 2000s, and computers were getting more complex just as fast. People saw that they could use malware to get useful information now, like passwords and credit card information, so more programmers started writing malware. The number of malware programs on the Internet has grown very quickly ever since then the late 1990s and is still growing today. Experts even think that 31.5% of the world's computers have some type of malware installed.

Purposes
The main reason people write malware is to hurt others and make money, usually by stealing or deleting important information. The Cryptolocker computer virus, for example, makes it so a person can't use their own computer until they pay the malware writers for a software key to unlock it. Another virus, CIH, tries to make it so the victim can never use their files or even turn on their computer again. Malicious keystroke logging software remembers everything a user types in and gives it to the malware author to read.

Even world governments have written malware to hurt their enemies. Experts think that the United States government made a virus named Stuxnet to stop an important place in Iran from working. The Chinese government probably used a virus to stop people from protesting its decisions.

How malware gets installed
There are a lot of ways malware can get onto someone's computer. One common way is through email attachments, which are usually sent from other computers that already have malware on them. When you download and open the attachment, the virus installs and uses your computer to send itself to even more people.

Another way malware installs itself is when a victim gets malware just by going to a website with the malware hidden on it, called drive-by downloading. You don't even have to click anything for your computer to get infected from a drive-by download. This kind of malware attack is usually found on websites that aren't used a lot or whose security methods are very old. However, even current websites that people use all the time without a problem can host drive-by downloads when someone hacks the site.

People who write malware also get their programs onto computers by attaching them to real programs that people want. This is most common with pirated programs, since the downloader was doing something illegal and can't complain to the authorities without getting in trouble themselves. However, some non-piracy websites also put malware (or other unwanted programs that are almost as bad as malware) in a download with real, legal software in a process known as bundling. Computer security experts complain about websites that bundle real software with malware, but this doesn't always stop the websites from doing it.

Kinds of malware
There are many different kinds of malware, and each acts a different way.


 * Viruses are a kind of malware that need a user-run program to work. They can't copy themselves or move from one computer to another without a program to host it. Viruses are very common in pirated programs and can harm computers in many different ways, like deleting files and stealing passwords.


 * Worms are a lot like viruses and can cause the same kinds of damage. However, they're able to move through the internet and copy themselves onto computers without help from a host program, which makes them even more dangerous than a virus. Worms are usually found in emails and drive-by downloads.


 * Trojan horses are like a much more dangerous version of a virus. They need a user to agree to run a program to work and cannot copy themselves from one computer to another. However, trojan horses can make the same problems a normal virus can make, and can allow the malware writer to control the victim's computer, install more malware, steal bank data, and more. For example, ransomware is a type of trojan horse that stops a victim from using their files until they pay the person who wrote the malware. Experts think that trojan horses are the most common type of malware in existence.


 * Adware is a type of malware that earns the program authors money with advertising. These programs show users ads and force them to use websites that make money for the malware writers. Adware will even find personal information about the victim (such as their age, race, and job) so they can sell it to other people. A user can usually uninstall adware easier than most malware, but this is still difficult to do without a specially-designed program.


 * Spyware is a more dangerous kind of adware that steals more information from a user. Spyware can steal someone's Internet traffic, account passwords, and anything they've typed into their computers. Spyware is also much harder to uninstall than adware is.

Why computers get malware
There are a few reasons why computers get programs a user didn't mean to install. One common reason is because of regular programs that have software bugs. Malware can use bugs, such as a buffer overflow, to make a program do something it wasn't designed to do. Malware can also get onto a computer if it tricks a user into putting it there themselves. This can happen when you plug in a USB flash drive that has a virus on it already. Malware also commonly uses social engineering to get users to run it, like pretending to be an important email attachment for work. Some malware even pretends to be an anti-malware program to get people to run it.

How malware is stopped
Since malware is such a big problem, many companies make programs to try to stop it. These anti-malware programs have a lot of different ways to find malware. One is static analysis, which looks at the source code of a program before it's run. Then, if the program is similar to malware the static analysis program has seen before, the anti-malware program will stop the code from running. Another way of finding malware is dynamic analysis. Dynamic analysis runs only part of a program it's checking. If this part of the program tries to do anything that could be bad or harmful, the anti-malware program will stop it and not let the entire program run.

Malware can also be stopped without a program. This can be done by not letting a computer connect to the Internet or other computers, called creating an air gap. However, these computers can still get malware if someone puts it there another way, like plugging in a USB drive that was already plugged into a computer with a virus.