What is a Computer Worm?
Top 5 Types & Examples
When someone mentions worms, you will probably think of the wriggly creatures that children play with and adults use as bait when fishing. Like them or not, worms are completely harmless – unless you’re thinking of computer worms. They may not be as destructive as computer viruses, but computer worms can be just as dangerous.
Key takeaway: A computer worm is a piece of software that copies itself from one computer to another. Unlike a virus, it is a standalone program that doesn’t require a host. It usually doesn’t target files on an individual computer. Instead, it takes on entire networks in an attempt to create large botnets. Read on to learn more.
What is a Computer Worm?
A computer worm is a malicious piece of software that replicates itself from one computer to another with the goal of overtaking the entire network of computers. Most worms are designed to infiltrate systems by exploiting their security failures, while very few also try to change the system settings. Even if they don’t, they are still very dangerous as they take up a lot of bandwidth and other valuable resources.
If a worm is indeed malicious and not just used to breach the system security, the code designed to carry out the attack is referred to as the payload. Payloads are usually created to change or delete files on a target network, extract personal data from them, or encrypt them and seek a ransom from the victim.
Despite the fact that many people use the two terms interchangeably, computer worms are not the same as computer viruses. For one, computer viruses by definition target individual computers, whereas worms target networks of computers to create botnets. Furthermore, while viruses are usually bundled with legitimate files or programs, computer worms are standalone and don’t require a host file.
What Types of Computer Worms Exist?
Although there are no official statistics available, it is safe to say that there are well over a million computer worms in the world, each designed for a specific purpose. Many of them have been isolated and are now routinely detected and removed by most of the best antivirus software. However, new worms are being developed almost daily and can sometimes go unnoticed by the user until it’s too late.
There is no universal classification of computer worms, but they can be organized into types based on how they are distributed between computers. The five common types are as follows:
1. Internet Worms
Like they do with computer networks, computer worms also target popular websites with insufficient security. When they manage to infect the site, internet worms can replicate themselves onto any computer being used to access the website in question. From there, internet worms are distributed to other connected computers through the internet and local area network connections.
2. Email Worms
Email worms are most often distributed via compromised email attachments. They usually have double extensions (for example, .mp4.exe or .avi.exe) so that the recipient would think that they are media files and not malicious computer programs. When the victims click on the attachment, copies of the same infected file will automatically be sent to addresses from their contacts list.
An email message doesn’t have to contain a downloadable attachment to distribute a computer worm. Instead, the body of the message might contain a link that’s shortened so that the recipient can’t tell what it’s about without clicking on it. When they click on the link, they will be taken to an infected website that will automatically start downloading malicious software to their computer.
3. Instant Messaging Worms
Instant messaging worms are exactly the same as email worms, the only difference being their method of distribution. Once again, they are masked as attachments or clickable links to websites. They are often accompanied by short messages like “LOL” or “You have to see this!” to trick the victim into thinking that their friend is sending them a funny video to look at.
When the user clicks on the link or the attachment – be it in Messenger, WhatsApp, Skype, or any other popular messaging app – the exact same message will then be sent to their contacts. Unless the worm has replicated itself onto their computer, users can solve this problem by changing their password.
4. File-Sharing Worms
Although illegal, file-sharing and peer-to-peer file transfers are still used by millions of people around the world. Doing so, they are unknowingly exposing their computers to the threat of file-sharing worms. Like email and instant messaging worms, these programs are disguised as media files with dual extensions.
When the victim opens the downloaded file to view it or listen to it, they will download the worm to their computer. Even if it seems that users have downloaded an actual playable media file, an executable malicious file could be hidden in the folder and discreetly installed when the media file is first opened.
5. IRC Worms
Internet Relay Chat (IRC) is a messaging app that is mostly outdated nowadays but was all the rage at the turn of the century. Same as with today’s instant messaging platforms, computer worms were distributed via messages containing links and attachments. The latter was less effective due to an extra layer of protection that prompted users to accept incoming files before any transfer could take place.
Examples of a Computer Worm
Jerusalem, the first known computer worm, was discovered in 1987. Since then, other computer worms have made the news, either because of their devastating effects or due to the sheer scale of the attack. Some of the most notorious examples of computer worms include the following:
- The Morris Worm was launched in 1988 by Robert Morris, an American student who wanted to discover how big the internet really was. To do this, he launched a few dozen lines of code, but he didn’t know that the code was riddled with bugs that would cause a variety of problems on affected hosts. The result was thousands of overloaded computers running on UNIX and a financial damage ranging between $10 million and $100 million.
- The Storm Worm is an email worm launched in 2007. Victims would receive emails with a fake news report about an unprecedented storm wave that had already killed hundreds of people across Europe. More than 1.2 billion of these emails were sent over the course of ten years in order to create a botnet that would target popular websites. Experts believe that there are still at least a million infected computers whose owners don’t know that they are part of a botnet.
- SQL Slammer was unique in that it didn’t utilize any of the traditional distribution methods. Instead, it generated a number of random IP addresses and sent itself out to them in hopes that they weren’t protected by antivirus software. Soon after it hit in 2003, the result was more than 75,000 infected computers unknowingly involved in DDoS attacks on several major websites.
How to Remove a Computer Worm
Only the best antivirus software can help detect and remove certain types of computer worms. If you suspect your computer may have been infected, it is important to run a scan and remove compromised files from your system immediately.
Because worms exploit system and software vulnerabilities, you need to make sure that you’re always using the most recent versions of applications. Turn on automatic updates of your operating system to ensure that your computer is protected from worms and other potential threats. Don’t click on any links or open any attachments unless you are absolutely sure they were sent by your friends and not a worm.
Finally, to make sure that your computer stays safe online, you need to invest in the best antivirus software. The right choice of software will help provide real-time protection for your computer and fend off all threats, including worms, viruses, malware, spyware, and ransomware.
Are you protected?
Computer worms exploit the security holes in your system and make you an unknowing accomplice in cyber attacks. Don’t take chances with your online security.