What Is A Computer Worm?

Date First Published: 5th May 2023

Topic: Cybersecurity

Subtopic: Threats To Systems, Data & Information

Article Type: Computer Terms & Definitions

Difficulty Level: 6/10

Learn more about what a computer worm is in this article.

A computer worm is a type of malware that automatically spreads itself over a network and infects other computers without any interaction from the creators. Worms often rely on security holes to spread themselves to other computers over a network. Like other types of malware, worms can be stopped with antivirus software. To avoid catching worms, do not open any unknown files or email attachments, click on any suspicious links, or plug in any unknown flash drives.

How Do Worms Spread?

Computer worms can spread in the following ways:

• Email - Emails can contain worms in their attachments and trick users into installing worms. They may contain a malicious executable file that infects the computer when the recipient opens it or encourage users to click links designed to infect users with worms. Once the worm is installed on the computer, it will create and send messages to all addresses in the recipient's contact list to spread it. This allows the worm to spread to a large number of contacts without the creator's interaction.
• File sharing - These often spread through peer-to-peer file sharing networks and copy themselves into shared folders. In order to get into the peer-to-peer directory, all the worm has to do is automatically copy itself to the file sharing directory. When a file search is conducted, it notifies users of the file and makes it possible to download the file from the infected computer, spreading it to other users. The files don't have to be executable files to spread worms as cybercriminals find vulnerabilities in other file formats, which allows them to insert malicious code in documents, images, and videos.
• Webpages - Worms can spread in webpages that exploit vulnerabilities in web browsers and operating systems. Computer worms may also target popular websites with vulnerabilities, causing computers accessing the site to be infected without any user interaction.
• Instant messaging - These self-replicate malicious code using instant messaging networks and require users to click links or open files to get infected. The only difference is that instant messaging worms spread through instant messages or chat services instead of arriving in an email attachment. Once infected, the worm can send copies to the victim's contact list.
• Removable media - Computer worms don't only spread over a network. They can also spread through infected removable media, like USB sticks, external hard drives, floppy disks, SD cards, CDs, and DVDs. When it is connected to a computer, it will infect the computer and try to spread itself to other storage devices connected to the computer.
• Malvertising - Websites can contain infected banner ads or popup ads, Clicking on them can install a worm. Some of them rely on vulnerabilities in web browsers and operating systems to perform a drive-by-download without any user interaction.

What Can Worms Do?

Most of what a computer worm can do is very similar to what a virus can do. Once a worm is installed on a computer, it will try to spread copies of itself from one computer to another, making them harder to stop. Some types of worms are only designed to spread themselves to other computers and slow down networks. However, most of them are used as a way of spreading malicious payload, which can be used to perform all sorts of malicious actions, including:

• Deleting, corrupting, or encrypting files to make them inaccessible.
• Flooding networks with so much traffic that they cannot operate.
• Heavily consuming computing resources, like the CPU and RAM to slow it down.
• Logging keystrokes to steal sensitive information.
• Scanning an operating system or web browser for sensitive information, such as saved passwords, banking credentials, and more.
• Establishing a backdoor.
• Sending junk mail to email contacts.
• Disabling programs used by the operating system, like Task Manager to make the worm harder to remove.

Difference Between A Worm and A Virus

Worms and viruses are slightly different. Although they are both self-replicating types of malware, viruses require the presence of a host program to spread, meaning that they cannot infect a computer unless the program is run or some other required action is taken. Viruses insert their code into other programs to copy themselves and spread to other devices and can only spread with the help of user interaction.

Worms can spread by themselves and infect other computers as soon as they have reached the system. They do not require any user interaction to run or spread their code. Worms can run and self-replicate without any manual activation. Compared to viruses, the spreading speed of worms is much faster. Worms can exploit vulnerabilities in networks to spread without a host. They are independent programs, whilst viruses rely on other programs to spread. Therefore, it is incorrect to say 'worm virus' or 'computer worm virus'.

Comments