What Is Malware and What Does It Do?

Most people have heard of viruses and malware, but may not know what malware programs can do. Here’s what you should know about the different kinds of malware and how it works.
We receive compensation from the products and services mentioned in this story, but the opinions are the author's own. Compensation may impact where offers appear. We have not included all available products or offers. Learn more about how we make money and our editorial policies.

You may already use some precautions when you’re online and think you’re diligent about online security. Even so, hackers are hard at work creating new malware every day. In 2022, more than 34 million new malware programs have been discovered so far.

Malware is intrusive software that’s designed to disrupt computer programs. Some malware is designed to steal personal data, like banking information. Once it gets installed, it steals your credentials. Sometimes malware even poses as an antivirus program — cybercriminals attempt to change up malware tactics to trick users and exploit any security vulnerabilities.

Since computer hackers don’t give up easily, you should stay alert to prevent malware infections. Continue reading to learn more about why malware is dangerous and how to stop an infection from spreading to your device.

In this article
What is malware?
10 different types of malware
How do malware infections happen?
How do I get rid of malware?
Malware FAQs
Bottom line

What is malware?

Malware stands for “malicious software” and is software designed with the intent to harm or destroy computer systems and programs. The software gets developed by cybercriminals who are known as hackers.

Hackers use malware attacks to steal data. Malware can sneak into your computer and look for sensitive information, like banking accounts and credit card numbers. Cybercriminals can use this information to steal your identity and make purchases in your name or steal the money from your account.

Malware can also spread through computer networks where numerous devices are connected. When it does, it wreaks havoc by halting programs, stealing mass amounts of data, and sometimes holding systems hostage until a ransom gets paid.

Malware can be a nuisance in some situations, but in many cases it can be catastrophic and cost tons of money and productivity. The best malware protection and antivirus programs work to prevent that from happening, but you should stay informed so you’ll recognize malware if it attempts to sneak into your computer. 

10 different types of malware

You may already know there are computer viruses all over the internet, ready to deploy infections. The complex and sometimes confusing part is knowing there are several types of malware to look for and prevent.

The following list shows you the various malware types that are most popular and describes how they work to exploit your data.

1. Adware

Adware collects data regarding your browser usage and attempts to provide advertisements to you based on that usage. It may not always be dangerous, but it can be frustrating in any situation. 

You may get a ton of annoying pop-up ads while online, and your web browser may slow down to a point of being almost unusable. You could even get new extensions and toolbars added to your browser.

This malware can redirect your web browser to sites that may contain viruses. Also, when there are significant amounts of adware on your device, it can slow down and cause system performance issues. Most antivirus software protects against adware by constantly scanning for these programs.

2. Computer virus

A computer virus is a type of malware that can cause severe operational issues. These viruses get designed to spread through systems, files, and programs. They usually work by attaching to an executable host file that runs when the file is opened.

The code that contains the virus could spread from a document or software through means of file-sharing programs, external media devices, email attachments, and computer networks. When you have the best anti-malware software, it works with your specific operating system, like Windows, iOS, or Android, to help prevent computer viruses.

3. Cryptojacking

Cybercriminals can use your computer without your knowledge to generate cryptocurrency like Bitcoin.

The way cryptojacking works is you might install a malicious program that allows the hackers access to your device. The programs are called coin miners and they’re used for creating cryptocurrencies. Coin miners may cause your device to run slowly because the program uses high levels of computer power.

4. Exploits

Exploits are codes that look for security or software vulnerabilities, like a way to get past your firewall. The malware gives a hacker backdoor access to your device or a network. Once they gain access, the hacker gets elevated privileges to target your data.

Some of these are known as zero-day exploits. That means the exploit finds a vulnerability that’s identified but not patched. The open vulnerability allows the intruder to access your device. Once in, they can drop in more malware. Updating antivirus software is important to fix any security vulnerabilities.

5. Keylogger

A keylogger is spyware that records everything you type on your keyboard and then sends the information to the hacker controlling the malware. A keylogger tracks every keystroke made, including sensitive data like passwords, emails, browser searches, and banking information.

A keylogger’s most prevalent symptom is a slow browser or lagging keystrokes and mouse movements. This software can often get installed by clicking on adware, which is another reason to keep your antivirus updated.

6. Ransomware

Ransomware attacks are particularly annoying and dangerous because they gain access to your sensitive information and encrypt it so you can no longer access it. Then the hacker holds that information hostage until you agree to pay a ransom demand for it.

Many times, ransomware is part of a phishing attack or scam. You may click on a disguised link thinking it’s from someone you know. Once the link gets clicked, the ransomware gets downloaded and your data is stolen until the hacker receives payment to unlock it.

Beware of scareware

Scareware tries to trick you into downloading malware by using scare tactics. These could include a pop-up ad that says your computer has a virus and you need to click a link to download antivirus software. 

One of the best ways to avoid falling for a scareware scam is to not click on any suspicious links and instead go straight to the website of well-known and reputable software companies to download an antivirus program.

7. Rootkit

A rootkit program gives administrator-level access to your device. This malware conceals its existence and actions from you so that it can remotely execute files and even change system configurations on your machine.

Once the rootkit infects the device, it can spy on your usage by accessing the computer log files. It gives continued privileged access to your files while you have no knowledge the malware is present.

8. Spyware

Spyware is malicious software that runs on your device in secret. It reports your sensitive information back to the hacker who controls it. Spyware may not disrupt your applications immediately because it wants to remain in hiding. Eventually, it can grant remote access to the cybercriminal and target your private data.

This form of malware can affect the speed and performance of your device. It can also be the culprit of identity theft, causing financial and legal issues in the form of a data breach before the malware gets sorted out.

9. Trojan horse

A Trojan horse gets downloaded onto your computer when it’s disguised as legitimate software. The malicious code gets hidden in an attachment or email that gets transferred onto your device.

Once the Trojan horse gets installed, the code gives the attacker access to your files, online activity, and other data. This malware gets its name from Greek mythology. As the story goes, enemies of Troy got inside the gates by using a horse they pretended was a gift.

10. Worms

A worm is malicious software that spreads rapidly to any device on a network and doesn’t need a host program like viruses do. A worm gets downloaded or spreads by a network connection and then multiplies at an enormous rate.

Worms can cause data loss and severe operation disruptions. Since they self-replicate so fast, they can take up large amounts of hard drive space space and system memory. Worms can install other malicious programs, too, and give hackers access to your data.

How do malware infections happen?

Malware infections happen to the best of us. It doesn’t always mean you haven’t been careful, but hackers are stealthy and can make malware look like legitimate software. With so much malware around, it can seem inevitable that you’ll be a target at some point.

The most common ways to get malware are through internet use and email. ou could browse a legitimate site that’s been hacked and now shows malicious ads (sometimes called malvertising).  Sometimes you can download infected files by opening a malicious email attachment.

There are some signs to look for to avoid malware. Be cautious when these present themselves, as they can be infections waiting to access your device.

  • Email that looks similar to a legitimate source but is not exactly correct. It may even be misspelled. One of the best examples is accidentally typing Goggle.com instead of Google.com. The misspelled site then tries to install malware posing as security software.
  • Malicious URLs that are hidden in linked text — hover over them to see the actual URL.
  • Websites that ask you to sign in to access features or to post a comment. Make sure the login request isn’t a phishing attempt to get your username and password.
  • Virus alerts claiming to be from large companies. Microsoft and other companies likely won’t contact you over the phone or by email to remove a virus. And if they do, hang up and call the number on the official site to make sure it’s a legit alert.
  • Social engineering scams — hackers could pretend to be from your company’s IT department in an attempt to trick you into handing over sensitive data. 
  • Transfer of malware from an infected computer — if your friend’s laptop has malware on it and they save some infected files to a USB drive, that malware could be transferred to your computer if you plug in the USB drive.

Do Windows devices get more malware than Macs?

It's true, Windows computers tend to be a bigger target for malware than Macs or other Apple devices. But that doesn't mean your Macbook or iPhone can't get malware, so stay alert. And if you do happen to end up with an infected device, here's how to get rid of malware on your iPhone.

How do you know if you have malware?

You may know you have malware by recognizing some common symptoms that could mean infection. There are some typical indicators that you have malware. For a more in-depth guide, you can read our article on how to detect malware on your computer.

Some of the usual suspects are:

  • Your device is suddenly slow.
  • You have tons of pop-up ads appearing while using the internet.
  • Your device crashes or freezes frequently.
  • Sudden loss of disk space making it impossible to save new files.
  • You get locked out of your files or the entire device.

How do I get rid of malware?

Now that you know the signs of malware, what do you do if you think you have malicious software on your computer? Fortunately, there are apps to help you remove malware from your device.

The most important asset you can use is good antivirus software. Antivirus and anti-malware programs help block malicious sites looking to access your machine. You also want to keep your software, operating system, and browser updated. Often the latest versions contain patches that include fixes for new viruses.

You should delete any malware your antivirus software finds.

Malware FAQs


Can malware steal passwords?

Yes, malware can steal passwords. One of the uses of Trojan horses and phishing emails is to steal your usernames and passwords. Keylogger malware also tracks keystrokes, so if you type in a password, it can access it.


Can malware read my emails?

Yes, malware like spyware, rootkits, and worms can allow a cybercriminal to take over your email account. The hacker may use your email account to send spam, steal your personal data, or try to impersonate you.


What are the 10 most common types of malware?

The 10 most common types of malware are:

  1. Adware
  2. Computer virus
  3. Cryptojacking
  4. Exploits
  5. Keylogger
  6. Ransomware
  7. Rootkit
  8. Spyware
  9. Trojan horse
  10. Worms

Bottom line

Malware is any malicious software that attempts to invade your device. Malware is the umbrella term that describes any harmful code or program that disrupts a device’s system or operations.

The motives behind the malware can vary, but none of them are good. It could get used to sabotage your work and cost you time and productivity. In other cases, it’s designed to steal, delete, or encrypt your data and hold it for ransom for financial gain. Sometimes malware is a tool to spy on your computer activity without your permission.

The good news is, with the help of a good antivirus or anti-malware tool, you’ll have much better protection from malware threats. It may also help you get rid of malware in cases of infection.

Online Protection With VPN Access and Identity Monitoring
Editorial Rating
Learn More
On McAfee's website
Save $90 on a 2-year plan
  • Inclusive antivirus, scam, and web protection with the added privacy of a VPN, identity monitoring, and secure password manager
  • Get a real-time Protection Score that measures your online safety and offers guidance to improve security
  • Added peace of mind with 24/7 expert online support and McAfee’s Virus Protection Pledge
  • Multiple pop-ups for text notifications can be annoying

Author Details
Patti Croft is a seasoned writer who specializes in all things technology. She holds a B.S. in Computer Science and carries a wealth of hands-on experience thanks to her background as a technical analyst and security specialist.