What is a computer virus?
A computer virus is a type of malware or malicious software that embeds itself into a program, and can replicate and spread throughout the device. When a malicious program is activated, it reaches other systems, which are then damaged.
Viruses are designed to destroy files or gain control of the device in a discreet and stealthy way. Their behaviour resembles biological viruses in that they make copies of themselves and spread throughout the device.
How do computer viruses work?
The term computer virus is a very general one, but there are different types and their mechanisms work in different ways. To understand how they work, it is useful to divide them into two categories: those that infect and replicate as soon as they enter the operating system, and those that remain dormant until the user unintentionally executes the code.
Although the way viruses work may vary, they all share four life-cycle phases. First, the software remains hidden on the system, waiting to be activated. Next comes the propagation phase, when the malware starts to self-replicate in an attempt to avoid detection. In the third phase the malware is triggered: the different types of malware are programmed to activate after a certain time at rest. In the final phase they release their payload, damaging the device.
Types of computer viruses
There is a wide variety of computer viruses that cause different types of problems, depending on the cybercriminal’s target. In addition to the most common classification according to the type of attack – malware, ransomware or Trojan – they can also be classified according to their characteristics. There are many, but among the most frequent are the following:
- Direct-acting virus: This is the easiest virus to design, which is why it has become one of the most widely used. It is placed in EXE or COM files, and starts working when a user opens the file or searches for similar files. The positive side of this malware is that it is easy to remove by installing antivirus software.
- Resident viruses: This virus resides in the computer’s memory, usually lodged in the device’s RAM. It is therefore activated when the user manipulates a particular file and is very difficult to detect and remove. As new programs are opened, the malware replicates itself.
- Overwrite viruses: These viruses overwrite or delete information from files that have been infected. The only way to clean the file is to delete it completely, losing the contents of the file. Although they are easy to recognise, they cause a lot of damage to the owners of the files.
- Boot sector virus: This virus affects the boot system of the computer, and in order to remove it, it is necessary to format the entire device. They are mainly transmitted via infected CDs, although nowadays it is more common to find them on USB sticks or in e-mail files.
- Web script virus: This virus is capable of changing device configurations, altering or damaging private data, impersonating identity, etc. Within this type there are two categories: non-persistent web script viruses, which perform activity in the background; and persistent script viruses, which can impersonate the user’s identity.
- Macro viruses: These viruses hide and execute in specific files, e.g. Word or Excel documents. The term macro in computer science is short for macroinstruction, i.e. this malicious software is composed of sequential instructions that are activated using only one execution command.
Examples of famous computer viruses
Millions of pieces of malicious software can be found on the internet, but only a few gain notoriety and manage to infect a large number of devices. Here are some examples of popular computer viruses:
- Morris worm: the first piece of malware to disrupt the internet, it became known at the end of 1988 when it altered more than 6,000 servers. Since then it has continued to evolve, and is now not only able to spread across the network, but can replicate itself and jump from one computer to another.
- ILOVEYOU: spread via e-mail with the subject ILOVEYOU. In May 2000, it affected 50 million computers in less than 5 hours, causing millions of dollars in losses in Asia, Europe and the United States.
- Stuxnet: considered one of the most dangerous viruses and difficult to mitigate with cybersecurity strategies, it is capable of attacking large physical structures. It was created in 2010, although previous research dates back to 2005. Its main objective is to damage operating systems via USB drives.