What's the Difference: Computer Virus vs Malware, vs Spyware, etc?

00:00

computer viruses malware spyware trojans

00:03

worms are all these terms referring to

00:06

the same thing and the answer is

00:07

technically no they are different and

00:09

we're going to go over what these

00:10

differences are whether it's how they

00:12

spread or what these things do to your

00:14

computer so maybe it's just out of

00:16

curiosity or it can help you protect

00:18

your computer going forward the first

00:21

term we can go over is pretty simple

00:22

which is malware and this refers to any

00:25

and all kinds of malicious software it's

00:27

an all-encompassing term for any type of

00:29

software that does harm to a computer

00:32

and all the terms we're going to be

00:34

talking about in this video could be

00:36

considered malware it's like an umbrella

00:38

term but there are lots of subgroups so

00:40

we're going to go over the different

00:41

categories and types of malware there

00:43

aren't really too many but when it comes

00:45

down to it all malware usually has the

00:48

same goal which is to make money

00:50

illegally for the creator of the malware

00:52

the first term we can talk about is a

00:54

computer virus which is usually the term

00:56

that most people use all the time but

00:58

it's not actually the most common type

01:00

of malware we'll get to that in a bit

01:02

but regardless a computer virus is

01:04

basically the name for malicious

01:06

software that when executed replicates

01:09

itself by modifying files for other

01:12

programs and possibly including the

01:14

operating system itself so that way

01:16

because these files are modified to now

01:18

include the virus whenever that program

01:20

or the operating system is started then

01:22

it will also run the virus code and this

01:25

could be for any number of reasons

01:27

stealing personal information taking

01:30

control of the computer and using its

01:31

computer power or storage for something

01:33

that the author of the virus wanted lots

01:35

of typical virus stuff you can imagine

01:38

but really the main differentiator for a

01:39

virus is that it remains dormant until

01:42

it's actually run by the user and then

01:44

when it is it replicates itself in some

01:47

way and this file may come in the form

01:49

of an exe file which is executed

01:51

directly or perhaps it's embedded in a

01:54

macro in a microsoft word document or

01:57

something like that so when you run the

01:59

program microsoft word it exploits that

02:01

and executes and then embeds itself in

02:03

the rest of the computer that way so

02:05

again downloading the file is not enough

02:07

to infect your computer but once you do

02:09

run it presumably thinking it's

02:10

something else then it does its virus

02:13

thing and it may spread itself by

02:16

sending out an email to all your

02:17

contacts the same way it was infecting

02:20

you that way perhaps or maybe it puts

02:23

itself in the upload folder for

02:25

bittorrent so then it also uploads

02:27

itself to

02:28

the file sharing service so other people

02:31

will download it something like that so

02:32

really the term virus has two qualities

02:35

it describes how it's spread which is

02:37

itself replicates and it's also run

02:40

manually by a user now the next term

02:42

might seem a bit similar and that is a

02:44

computer worm so this also self

02:46

replicates but it also has a very

02:49

important difference in that unlike a

02:51

virus which needs to be manually run by

02:53

user a computer worm can spread itself

02:56

automatically without user intervention

02:59

so this means it doesn't need a host

03:01

program to run like ms word or the exe

03:04

file that you need to run it can do this

03:06

automatically it basically scans for

03:09

other computers on the network that it

03:10

can infect and then it does so

03:12

automatically if it's able to of course

03:15

a worm will probably also have the

03:16

ability to be run manually by user and

03:19

infect computers that way that might be

03:21

how it initially gets started within a

03:23

network and then spreads automatically

03:25

from there from that first person doing

03:27

it and worms actually spread using

03:28

vulnerabilities and exploits of

03:30

operating systems themselves to infect

03:32

all the computers in a network so once

03:34

one computer is infected it scans like i

03:36

said all the other computers on network

03:38

sees if any other computers have that

03:40

same vulnerability and then infects them

03:42

automatically without any user

03:45

transferring files or anything like that

03:46

it all happens automatically in the

03:48

background from the virus itself and if

03:49

you're wondering wait a minute how can

03:51

the

03:52

worm spread to other computers if the

03:54

user isn't actually even running it well

03:57

it shouldn't be able to and that's why

03:59

it is an exploit of a vulnerability the

04:01

operating system is not designed to work

04:03

like that but for whatever reason the

04:06

worm is able to trick the operating

04:08

system in not only downloading that file

04:10

and downloading the worm but also

04:12

running it with zero user intervention

04:15

because of that exploit now again the

04:17

term worm only describes the software

04:20

based on how it spreads and replicates

04:22

it doesn't actually say or define what

04:25

it does once it does infect things in

04:27

fact apparently most computer worms

04:30

don't actually contain a so-called

04:32

payload which is like side code that

04:35

will do virus stuff that you typically

04:37

think of like spying on it or damaging

04:41

the computer so it might just spread

04:43

just for the heck of spreading but that

04:45

doesn't mean that it won't harm the

04:47

network it still uses up cpu power and

04:50

bandwidth and stuff like that but if it

04:52

does happen to have a payload it could

04:54

do any number of things that you

04:55

typically associate with malware such as

04:57

encrypting files for ransomware spying

05:00

and stealing credit card information or

05:02

even installing a so-called back door

05:05

which might allow the computer to be

05:06

controlled by the creator of the worm

05:09

and then added into a botnet to do all

05:12

sorts of malicious things as a group

05:14

with other computers and worms are just

05:16

one more example of why you need to keep

05:18

your operating system up to date because

05:20

that's just one example of software that

05:22

can take advantage of exploits in your

05:24

operating system usually older versions

05:26

after they've been discovered and people

05:28

don't update and it's a hacker's dream

05:30

to be able to take advantage of these

05:32

things and really it's so easy to avoid

05:35

just keep your software up to date so

05:36

both viruses and worms spread themselves

05:39

and replicate themselves in one way or

05:41

another whether it's manually by user or

05:43

automatically through a worm but there

05:45

are plenty of other types of malware

05:47

that don't replicate themselves but are

05:48

just as destructive so the next type we

05:51

can mention are trojans or trojan horses

05:54

which is a type of malware that

05:55

misrepresents itself as a normal or

05:58

benign program but really it in the

06:00

background will be doing malicious

06:02

things so it basically tricks the user

06:04

into installing it because it thinks

06:06

it's something else it thinks it's

06:08

something legitimate and typically

06:09

trojans are the most common type of

06:12

malware out there and they may actually

06:14

look like real programs they may run

06:17

they may do their intended purpose like

06:19

if it's a calculator app or something it

06:21

might actually be able to calculate

06:23

things and look like a calculator but

06:25

it's main purpose is to get you to

06:27

download it thinking it's just a

06:28

calculator and then it does all this

06:30

other stuff behind the scenes without

06:32

you knowing another really common

06:33

example are fake antivirus programs that

06:36

tell you oh look how many computer

06:38

viruses and infections we found you

06:40

better buy our premium package to remove

06:42

all these when in reality that antivirus

06:45

program itself is the virus it's fake

06:48

and these trojans can be spread in any

06:50

number of ways that you can imagine such

06:51

as spam email attachments that come out

06:54

of the blue they might be fake

06:56

advertisements or through social media

06:59

stuff like that but again the main

07:00

differentiator between a trojan and say

07:02

a virus is that a trojan doesn't inject

07:05

itself into other files of other

07:07

programs and doesn't replicate itself

07:10

and send it to other people or anything

07:12

like that if it did it would be

07:13

considered a virus so those three

07:15

categories viruses worms and trojans

07:17

typically describe the way that the

07:20

malware spreads but they don't talk

07:22

about how much or necessarily what

07:24

damage they do once they do infect and

07:26

there are categories for that that we

07:28

can talk about next the first of these

07:29

is spyware which just like the name

07:32

suggests is software or malware that

07:34

spies on you or collects information

07:37

from the computer and then sends it

07:38

somewhere else now technically spyware

07:41

could include programs that aren't even

07:44

illegal like you do give them permission

07:47

to spy on you and collect information

07:49

but usually the vast majority of the

07:51

time when someone says spyware they're

07:53

referring to malware that did not get

07:55

your permission to collect any

07:57

information at all and it is malicious

07:59

and spyware could come in lots of

08:00

different flavors it could be a key

08:02

logger which literally collects every

08:04

single letter that you type in hoping to

08:07

collect passwords or credit card numbers

08:09

or bank accounts and stuff like that it

08:11

may also monitor what you're doing

08:13

online and what monitoring your web

08:15

traffic to be able to inject things into

08:17

it such as advertisements or maybe

08:19

replacing links with affiliate links or

08:22

advertisements to websites that it

08:24

wasn't necessarily going to direct to

08:26

and usually malware that adds

08:29

advertisements to your computer in one

08:31

way or another is typically referred to

08:33

as adware so it may be that some of the

08:35

malware that we talk about in this video

08:37

may actually fall under multiple

08:39

categories another couple big categories

08:41

are scareware and ransomware ransomware

08:44

may be considered a subcategory of

08:46

scareware we'll get to that but

08:48

scareware is typically some sort of

08:51

malware that tricks a user into paying

08:53

money or doing something by scaring them

08:56

or threatening them so one example might

08:58

be a virus or a trojan or whatever that

09:01

pops up on the screen a big thing that

09:03

says you're being arrested by the fbi

09:05

unless you pay up this money as a fine

09:07

or something like that it scares you

09:09

like oh my god i don't want to get

09:10

arrested and then some people might

09:12

actually pay or a lot like those irs

09:14

scams that you get on the phone it might

09:16

be something similar on the computer it

09:18

says if you don't send this much bitcoin

09:21

to this address then the irs is going to

09:23

arrest you and you're going to go to

09:24

jail but it doesn't necessarily have to

09:26

threaten you it could be again just to

09:27

scare you a lot of advertisements for

09:29

example that are kind of sketchy you've

09:31

probably seen them it says your computer

09:33

is infected with so many viruses click

09:35

here to clean your computer and all that

09:38

sort of thing obviously it doesn't know

09:40

if your computer is infected or not it's

09:41

just trying to scare you into doing it

09:43

and that would be scareware now

09:44

ransomware is a form of scareware that

09:47

will typically hold your computer

09:49

hostage in one way or another until you

09:51

usually pay some sort of amount of money

09:54

sometimes ransomware may just be kind of

09:56

bluffing and it only locks your computer

09:59

in a way that's pretty easy to reverse

10:01

if you know what you're doing and it

10:02

doesn't actually affect any of your

10:03

files but other times ransomware does

10:06

have teeth and it actually will encrypt

10:08

your files for example and it says if

10:11

you don't pay us this amount of money

10:12

within this amount of time we're going

10:14

to destroy the decryption key and your

10:16

files will actually be gone and the

10:18

reason they do this is because if people

10:21

know that their software out there that

10:23

this one isn't bluffing then they're a

10:25

lot more likely to pay up to get their

10:27

files back if they haven't backed up for

10:28

example all right now the final type of

10:30

malware we're going to talk about in

10:31

this video at least is root kits and

10:34

root kits usually take over the computer

10:36

by gaining elevated privileges or

10:38

administrative

10:39

privileges and the name rootkit comes

10:41

from the term root privileges which just

10:44

means something that has control over

10:46

the deepest most secure parts of the

10:49

operating system and because this type

10:51

of malware does have such deep control

10:53

over the computer it can hide itself

10:55

very well it literally has control over

10:58

everything it can even hide itself by

11:00

not even including itself in the list of

11:02

processes like in the task manager or

11:04

something like that complete control and

11:06

this obviously means it's going to be

11:08

very very hard to remove if not

11:10

impossible because it will even have

11:12

control over the programs that are meant

11:15

to remove it such as anti-virus programs

11:17

it could prevent you from installing

11:19

anti-virus programs it can stop those

11:21

anti-virus programs from running stuff

11:23

like that so a lot of times especially

11:26

if the root kit is embedded in the

11:28

kernel which is the core of the

11:29

operating system usually if you get a

11:31

root kit the best thing is to just

11:33

completely wipe the drive and reinstall

11:36

the operating system from scratch

11:37

because you don't know if you actually

11:39

removed everything and if it's actually

11:41

still hiding and waiting to reinstall

11:43

itself later and rootkits usually are

11:45

able to install themselves using

11:47

operating system vulnerabilities and

11:48

exploits like we kind of talked about

11:50

before or stealing admin credentials or

11:54

using credentials it found to then take

11:56

over now at this point you might be

11:58

worried you're like oh how do i protect

12:00

myself and there's really three things

12:01

you can do that will almost certainly

12:03

protect you 99 of the time and the first

12:06

of these is to of course keep your

12:08

operating system and software up to date

12:10

i've said this so many times do not skip

12:12

windows updates update as soon as you

12:14

get the ability to and that way if you

12:16

get like a zero day vulnerability which

12:18

is something that was just discovered

12:20

and released immediately to the public

12:22

and hackers will be jumping on that to

12:23

try and get people who don't update

12:25

right away so keep stuff up to date and

12:27

you'll be protected from any exploits

12:29

the next thing which is really important

12:30

i've said this before again is to back

12:32

up your data have backup copies of your

12:34

data

12:35

hopefully on a external hard drive that

12:38

is not connected to the computer so a

12:41

ransomware can't encrypt the backup as

12:43

well or using something like cloud

12:45

backup that is off site this way if you

12:48

do get malware that harms your files or

12:50

does something else to your computer

12:51

that requires a reinstallation of your

12:53

os it'll be way easier to recover them

12:56

especially in the case of ransomware and

12:58

finally the third major thing is to use

13:01

some sort of antivirus i mean it's

13:03

better than nothing to have the one

13:04

that's built into your computer such as

13:06

windows defender whatever it's called

13:08

now again better than nothing if you

13:10

know you're doing but ideally you use a

13:13

type of antivirus that has something

13:15

called internet security which usually

13:17

kind of scans for things coming across

13:19

the network and usually can block things

13:21

before they ever even get to your

13:22

computer and a lot of these antiviruses

13:24

also have anti-ransomware features that

13:27

will stop a program from running if it

13:29

sees that it's modifying files like

13:31

ransomware might do if you're looking

13:32

for suggestions for some options for

13:34

antiviruses one good option is

13:37

bitdefender full disclosure they did

13:39

sponsor a previous video of mine but

13:41

they're not sponsoring this one there's

13:43

no sponsor for this video another good

13:45

option is eset knob32 i've used them in

13:47

the past haven't had any problems but

13:50

really you can just go on google and

13:52

search best antivirus current year at

13:54

the end of it and look at tests and see

13:57

what one is the best for the current

13:59

year so hopefully that clears things up

14:01

if you didn't know about the differences

14:03

between names of other types of malware

14:05

now you do and you might have a better

14:07

understanding of how certain types of

14:09

malware spread so you can better defend

14:11

your computer against it you'll kind of

14:13

know what you're up against if you guys

14:14

want you can keep watching by clicking

14:16

some other videos i have on here and on

14:18

my channel and be sure to let me know

14:20

that you think down in the comment

14:22

section did you know about these or is

14:24

there something i forgot about we could

14:25

talk about that down in the comments so

14:27

again hopefully you guys enjoyed this

14:28

video if you want to subscribe i make a

14:30

few new videos every week so until next

14:32

time be seeing you