Virus or Worm ?

line Tags: ,

This is a quick note to myself really, as a security professional I get asked these questions a lot, and sadly each time I forget a nice simple answer, well this is what I think:

What’s the difference between a Virus and a Worm ?
A Virus is an application of malicious code.
A Worm is malicious code that can reproduce it’s self.
Following Feedback: Better Suggestions

  • A Virus infects another application for propagation.
  • Worms are self propagating code.

What’s the difference between spy-ware and malware ?
Spy-ware is hidden software specifically designed to monitor something without the user knowing ?
Malware is software posing as one thing, but with a hidden activity; so malware could cover both spy-ware and Trojans.

nick

 

This entry was posted on Thursday, 6th April, 2006 at 9:27 pm and is filed under Security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

4 Comments

  1. kurt wismer Says:
    7th April, 2006 - 10:59 pm

    wow, are you ever off the mark…

    viruses are self-replicating programs that attach themselves to host programs in such a way that when an attempt is made to run the host program the virus is executed as well or instead of the host…

    a worm is a self-replicating program that is able to make copies of itself that are not attached to other host programs..

    you’re mostly right about spyware, essentially it’s software that spies on you, but your definition of malware is actually the definition of trojan horse programs… malware is an umbrella term that covers basically all bad software including trojans, rootkits, viruses, worms, etc…

  2. [NICK] Says:
    8th April, 2006 - 12:42 pm

    Off the mark ? I was trying to stick to a “simple one liner”. ;-)

    Viruses may be self-replicating, but your comment isn’t clear enough for what I was trying to say, perhaps:

    Virus’s require some kind of user intervention where as worms are self-replicating self-propagating.

  3. kurt wismer Says:
    8th April, 2006 - 3:27 pm

    simple one-liners

    viruses are self-replicating programs that infect other programs
    worms are self-replicating programs that don’t necessarily infect other programs
    malware is bad software
    trojans are programs that do bad things without telling you
    spyware is software that spies on you…

    worms are no more inherently self-propagating than viruses are… email worms, p2p worms, both typically require the user to run them - sometimes they require the user to extract them from password protected archives and then run them (and yes those still succeed in the wild, users can be pretty dumb sometimes)…

  4. [NICK] Says:
    8th April, 2006 - 4:25 pm

    thanks.

    I can see now why you didn’t like my first statements, I was trying to emphasise on viruses requiring “help” to propagate, where as worms don’t.

    (Reproduction was entirely the wrong word to use.)

    Thoughts on:
    A Virus infects another application for propagation.
    Worms are self propagating code.

    (caveats are not good for non-IT people to remember.)

Got something to say?

 

Some other things that might interest you...

---
« links for 2006-04-04
links for 2006-04-07 »