Computer worms are similar to viruses except that they use computer networks or the internet to:

Several things may come to mind when you think of the word “worm." You may think of delicious soft chewie candies that are sugary and maybe a little sour. Or you may think of the cold-blooded invertebrate animals that wiggle across the Earth’s surface. And if you’re thinking in computing terms, the malware may spring to mind.

Similar to real worms, you can say that computer worms don’t have much of a backbone because they often rely on trickery to infect their hosts. They may also seem a bit coldblooded because they can be remorselessly destructive. Let’s learn more about them.

Worm definition (computer)

A computer worm is a subset of the Trojan horse malware that can propagate or self-replicate from one computer to another without human activation after breaching a system. Typically, a worm spreads across a network through your Internet or LAN (Local Area Network) connection. Naturally, you must be wondering what is a Trojan and how does it relate to computer worms?   

To keep it brief, a Trojan uses trickery and social engineering to deceive people into running it. For example, a Trojan may pretend to be legitimate software. A worm is a type of Trojan because it normally relies on social engineering to attack systems.  

How does a computer worm spread?

• Phishing: Fraudulent emails that look authentic can carry worms in corrupt attachments. Such emails may also invite users to click malicious links or visit websites designed to infect users with worms.
• Spear-Phishing: Targeted phishing attempts can carry dangerous malware like ransomware cryptoworms.  
• Networks: Worms can self-replicate across networks via shared access.
• Security holes: Some worm variants can infiltrate a system by exploiting software vulnerabilities.
• File sharing: P2P file networks can carry malware like worms.
• Social networks: Social platforms like MySpace have been affected by certain types of worms.
• Instant messengers (IMs): All types of malware, including worms, can spread through text messages and IM platforms such as Internet Relay Chat (IRC).  
• External devices: Worms can infect USB sticks and external hard drives.

What does a computer worm do?

Once a computer worm has breached your computer’s defenses it can perform several malicious actions:

• Drop other malware like spyware or ransomware
• Consume bandwidth
• Delete files
• Overload networks
• Steal data
• Open a backdoor
• Deplete hard drive space

Some people think that a computer worm and computer virus are the same things because the two behave similarly. They may even use the terms like "worm computer virus" or "worm virus malware." The truth is that the two are comparable but different threats.

The defining difference between a virus and a worm is that viruses rely on human action for activation and need a host system to replicate. In other words, a virus won’t harm your system unless you run it. For example, a virus on a flash drive connected to your computer won’t damage your system unless you activate it. And as mentioned above, a worm doesn’t need a host system or user action to spread.

Computer worm examples

Over the years, there have been some particularly devastating worms. Some worms have caused billions in damage. Here is a brief list of some infamous ones:

• Morris Worm: Also known as the Internet worm, this was one of the first computer worms to spread via the Internet and earn notoriety in the media.
• Bagle: Also known as Beagle, Mitglieder, and Lodeight, this mass-mailing worm had many variants.
• Blaster: Also known as MSBlast, Lovesan, and Lovsan, this worm attacked computers running Windows XP and Windows 2000.
• Conficker: Also known as Downup, Downadup, and Kido, this worm exploited flaws in Windows to infect millions of computers in over a hundred countries.
• ILOVEYOU: The ILOVEYOU worm infected tens of millions of computers globally, resulting in billions of dollars in damage.
• Mydoom: This became the fastest-spreading email worm in 2004, sending junk email across computers.
• Ryuk: Although Ryuk wasn't always a worm, it's now worm-like ransomware.
• SQL Slammer: The SQL Slammer worm gained infamy for slowing down Internet traffic with denial-of-service attacks on some Internet hosts.
• Storm Worm: This worm utilized social engineering with fake news of a disastrous storm to drop botnets on compromised machines.
• Stuxnet: Some experts believe this sophisticated worm was developed for years to launch a cyberattack.

Symptoms of a computer worm 

Many of the symptoms of a computer worm are like that of a computer virus. For example, you may have a computer worm if your computer slows down, freezes, crashes or throws up error messages. You may also notice that files are missing or corrupted or that your hard drive's space is rapidly depleting inexplicably. Additionally, you may see alerts from your firewall about a breach. 

How to stop computer worms

Like other forms of malware — computer worms can be stopped with the right antivirus and anti-malware software and safe computing practices. Please don’t entertain suspicious links, emails, texts, messages, websites, P2P file networks, and drives. Also, update your essential software regularly to shield your computer from vulnerabilities like the wormable Windows flaw and the like.

News on computer worms

A computer worm is a malicious piece of software that replicates itself from one computer to another with the goal of overtaking the entire network of computers. Most worms are designed to infiltrate systems by exploiting their security failures, while very few also try to change the system settings. Even if they don’t, they are still very dangerous as they take up a lot of bandwidth and other valuable resources.

If a worm is indeed malicious and not just used to breach the system security, the code designed to carry out the attack is referred to as the payload. Payloads are usually created to change or delete files on a target network, extract personal data from them, or encrypt them and seek a ransom from the victim.

Despite the fact that many people use the two terms interchangeably, computer worms are not the same as computer viruses. For one, computer viruses by definition target individual computers, whereas worms target networks of computers to create botnets. Furthermore, while viruses are usually bundled with legitimate files or programs, computer worms are standalone and don’t require a host file.

Computer Worm Types

Although there are no official statistics available, it is safe to say that there are well over a million computer worms in the world, each designed for a specific purpose. Many of them have been isolated and are now routinely detected and removed by most of the best antivirus software. However, new worms are being developed almost daily and can sometimes go unnoticed by the user until it’s too late.

There is no universal classification of computer worms, but they can be organized into types based on how they are distributed between computers. The five common types are as follows:

1. Internet Worms

Like they do with computer networks, computer worms also target popular websites with insufficient security. When they manage to infect the site, internet worms can replicate themselves onto any computer being used to access the website in question. From there, internet worms are distributed to other connected computers through the internet and local area network connections.

2. Email Worms

Email worms are most often distributed via compromised email attachments. They usually have double extensions (for example, .mp4.exe or .avi.exe) so that the recipient would think that they are media files and not malicious computer programs. When the victims click on the attachment, copies of the same infected file will automatically be sent to addresses from their contacts list.

An email message doesn’t have to contain a downloadable attachment to distribute a computer worm. Instead, the body of the message might contain a link that’s shortened so that the recipient can’t tell what it’s about without clicking on it. When they click on the link, they will be taken to an infected website that will automatically start downloading malicious software to their computer.

3. Instant Messaging Worms

Instant messaging worms are exactly the same as email worms, the only difference being their method of distribution. Once again, they are masked as attachments or clickable links to websites. They are often accompanied by short messages like “LOL” or “You have to see this!” to trick the victim into thinking that their friend is sending them a funny video to look at.

When the user clicks on the link or the attachment – be it in Messenger, WhatsApp, Skype, or any other popular messaging app – the exact same message will then be sent to their contacts. Unless the worm has replicated itself onto their computer, users can solve this problem by changing their password.

4. File-Sharing Worms

Although illegal, file-sharing and peer-to-peer file transfers are still used by millions of people around the world. Doing so, they are unknowingly exposing their computers to the threat of file-sharing worms. Like email and instant messaging worms, these programs are disguised as media files with dual extensions.

When the victim opens the downloaded file to view it or listen to it, they will download the worm to their computer. Even if it seems that users have downloaded an actual playable media file, an executable malicious file could be hidden in the folder and discreetly installed when the media file is first opened.

5. IRC Worms

Internet Relay Chat (IRC) is a messaging app that is mostly outdated nowadays but was all the rage at the turn of the century. Same as with today’s instant messaging platforms, computer worms were distributed via messages containing links and attachments. The latter was less effective due to an extra layer of protection that prompted users to accept incoming files before any transfer could take place.

Computer Worm Examples

Jerusalem, the first known computer worm, was discovered in 1987. Since then, other computer worms have made the news, either because of their devastating effects or due to the sheer scale of the attack. Some of the most notorious examples of computer worms include the following:

• The Morris Worm was launched in 1988 by Robert Morris, an American student who wanted to discover how big the internet really was. To do this, he launched a few dozen lines of code, but he didn’t know that the code was riddled with bugs that would cause a variety of problems on affected hosts. The result was thousands of overloaded computers running on UNIX and a financial damage ranging between $10 million and $100 million.
• The Storm Worm is an email worm launched in 2007. Victims would receive emails with a fake news report about an unprecedented storm wave that had already killed hundreds of people across Europe. More than 1.2 billion of these emails were sent over the course of ten years in order to create a botnet that would target popular websites. Experts believe that there are still at least a million infected computers whose owners don’t know that they are part of a botnet.
• SQL Slammer was unique in that it didn’t utilize any of the traditional distribution methods. Instead, it generated a number of random IP addresses and sent itself out to them in hopes that they weren’t protected by antivirus software. Soon after it hit in 2003, the result was more than 75,000 infected computers unknowingly involved in DDoS attacks on several major websites.

Only the best antivirus software can help detect and remove certain types of computer worms. If you suspect your computer may have been infected, it is important to run a scan and remove compromised files from your system immediately.

Because worms exploit system and software vulnerabilities, you need to make sure that you’re always using the most recent versions of applications. Turn on automatic updates of your operating system to ensure that your computer is protected from worms and other potential threats. Don’t click on any links or open any attachments unless you are absolutely sure they were sent by your friends and not a worm.

Finally, to make sure that your computer stays safe online, you need to invest in the best antivirus software (like Norton, BitDefender, Intego or Panda). The right choice of software will help provide real-time protection for your computer and fend off all threats, including worms, viruses, malware, spyware, and ransomware.

Sources