9 examples of malware and our recommendations for protecting your system

By Ainhoa Carpio-Talleux

Published: 2 June 2025

Want to protect your business against malicious software? Discover our complete guide to everything you need to know about these harmful and dangerous computer programs. Examples of malware, how it works, what it can do to your system, recommendations... Find out all you need to know on the subject! 🛡️

What is malware?

Definition of malware

As its name suggests, malicious software is a type of software specially developed to harm a system. It can take different forms, but always has the same objective: to do damage. This can mean:

  • discreetly spying on your activity,
  • enabling a computer attack,
  • recovering your sensitive data,
  • corrupting your files,
  • replicating itself, etc.

In all cases, your computer system will pay the price.

🤔 What's the difference between a malicious program and standard software?

The distinction between malware and standard software is very simple: they are exact opposites.

  1. Firstly, the software provides a useful service whereas the malware only does harm.
  2. Secondly, the software is installed with the user's consent, the malware without their knowledge.
  3. Finally, the software comes from a reliable publisher, whereas the malware is distributed via infected or dubious sources.

Purpose of malware

The main purpose of malware is to harm a system, but this harm can take several forms depending on the cybercriminal's objectives:

  • Damaging files or disrupting the smooth running of a system.
  • Stealing sensitive information and bank details.
  • Spying on a user's online activities without their knowledge.
  • Taking full control of the device.
  • Generating profit via ransomware or unsolicited adverts.

The 9 main types of malware

For each malicious action, there is a dedicated piece of malware. Here is a list of the 9 main categories of software and how they work to help you detect them.

1- Computer viruses

The computer virus is the most common type of malware. It acts like a conventional virus, but in the digital world. In practice, it attaches itself to a host file or programme. If you download this item onto your computer, the virus remains inactive until you execute the item in question. That's why it's important to scan each piece of software before installing it, using a high-performance anti-malware program. Once executed, the virus carries out its intended actions (stealing passwords, sending spam to your contact list, etc.). A virus can also spread across an entire network.

Example of how a computer virus works:

2- Trojan horse

The Trojan horse takes the form of legitimate software and then allows a hacker to gain access to your computer system. This threat is unusual in that it is usually installed on a computer in good faith. The user really believes they are downloading a useful programme. As in the Greek legend that bears its name, the Trojan horse is used to open the doors of a system to other threats such as ransomware. We'll tell you all about them in the next section.

Example of a Trojan horse cyber attack:

3- Ransomware

Ransomware works as follows. Most often, it infects systems using phishing techniques. Specifically, someone clicks on an infected link, opens a corrupted attachment or downloads an item from a dubious site. Once inside the system, the malware wastes no time. It runs undetected and communicates with a remote server to receive instructions.

It then scans all disks for the most sensitive files. Once it has detected them, it encrypts them and blocks their execution. To regain access, the user will have to pay a ransom to the cybercriminal. But of course, there is no guarantee that the cybercriminal will keep his word.

Example of a ransomware attack:

4- Spyware

Spyware monitors and collects your information without your knowledge. It can record your keystrokes, passwords and browsing history, or even capture images of you via webcam. It is therefore a particularly pernicious type of malware because of its stealth.

It is usually introduced into a system via freeware from an insecure site. This is why you should always carry out a full analysis of your downloads before installation.

Example of how spyware works:

5- Adware

Adware should be classed as unwanted, rather than dangerous, software.

Its purpose? To display advertising insistently via pop-ups and redirects to dubious sites with the aim of earning a commission for each click. This won't do too much damage to your system, but it will slow down your browser and put your browsing data at risk.

Example of adware display:

6- Botnet

A botnet is a network of infected machines that are remotely controlled by a cybercriminal. If your computer is part of a botnet, it becomes a "zombie". In practical terms, this means that it can be remotely controlled by the cybercriminal without your knowledge. The aim? To use your computer to carry out massive attacks (such as a DDoS attack), send large-scale spam or mine cryptocurrency.

Botnets are often installed via a Trojan horse or worm. They are particularly formidable because they do not visibly affect the operation of your system.

Illustration of a botnet attack:

7- Fake security software (scareware)

As its name suggests, scareware plays on your fears. This malicious software presents itself as antivirus software that bombards you with worrying messages about your system's security. The aim is to get you to download a fake premium antivirus that will either have no effect at all (at best) or will be even more harmful software. Initially, scareware appears in the form of a pop-up window that is very difficult to close. It is therefore easy to identify, as long as you keep a cool head.

Example of a fake warning message from a scareware attack:

8- Fileless malware

"Fileless" malware does not install itself on the hard disk, but runs directly in RAM. This makes it very difficult for traditional anti-virus software to detect. This type of malware exploits legitimate tools already present on the system, a technique known as Living off the Land (LOTL). Using these tools, the malware can:

  • execute malicious code in memory
  • modify the Windows registry,
  • elevate its privileges
  • spread laterally across the network.

9- The computer worm

The computer worm is an autonomous piece of malicious software. It does not need a host file to propagate. It duplicates itself and spreads rapidly across a network without the need for human intervention. This makes it extremely dangerous.

In just a few hours, it can paralyse an entire system and inject other malware by exploiting every possible security flaw.

Illustration of the difference between a computer virus and computer worms:

4 concrete cases of malicious software

WannaCry

The best-known ransomware is WannaCry. In 2017, it infected more than 300,000 computers in 150 countries by exploiting a flaw in Windows. It was responsible for paralysing numerous companies and well-known institutions such as FedEx, Renault and several British hospitals.

Emotet

Emotet is a Trojan horse. It is considered to be one of the most dangerous pieces of malware in the world. It spread via email attachments and then enabled the installation of other malware such as ransomware. A nightmare for banking institutions.

Pegasus

Pegasus is spyware developed by the Israeli company NSO Group. The spyware has been used extensively by governments to monitor journalists and political opponents. The programme is capable of taking control of the microphone and camera on smartphones without any intervention from the owner of the device.

Zeus

Zeus is another Trojan horse that targeted the financial world. Its modus operandi was as follows. By installing a keylogger, it captured its victims' bank details. It was able to steal hundreds of millions of dollars worldwide by spreading via emails and corrupt websites.

How do these malicious programs infect a system in just 4 steps?

Step 1: You download an infected application

The great strength of malware is concealment. It hides in the nooks and crannies of files, ready to carry out its misdeeds, or takes the form of reliable software. Real computer chameleons.

An unwary employee can easily download a malicious program in a number of ways.

The most common? A dubious source. The user picks up the software from an unofficial download site, via torrents or on an obscure forum without realising the risk. Hence the need for cyber training.

Then there are cracked or pirated versions of paid-for software, which are generally riddled with Trojan horses.

Finally, fake applications take the form of legitimate software. For example, a fake version of a popular antivirus that turns out to be scareware.

Step 2: You click on a booby-trapped link or attachment in an email

Phishing is the main IT threat facing businesses. In 2023, 1.76 billion fraudulent URLs were sent via email. A veritable epidemic.

Phishing works on the principle of social engineering. The cybercriminal sends an email that appears to come from a legitimate source (bank, customer, partner, etc.). The content generally tells the recipient that they need to reset an account to avoid losing it.

And that's how the victim gets tricked. A simple click on a fake contact form, the sending of bank or personal details, and the trap has sprung.

Phishing can also take more elaborate forms. For example, company executives receive much more personalised messages that they think are from their superiors. This is known as whaling.

How can this type of danger be avoided? Create strict zero-trust processes that the whole company must respect.

Step 3: You create vulnerabilities in the operating system

Once the malware has been installed, it does not remain inactive. Its main task? The malware will first disable your defences. It neutralises your antivirus software, stops automatic updates and disables the Windows firewall. This leaves your computer completely vulnerable. Next, the malware installs backdoors that give cybercriminals remote access to your machine. These backdoors are particularly vicious, as they remain active even after a reboot.
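One way to detect the sequence described above, as an added example that is not part of the original article: the Python below flags a host when several defences are switched off and a persistence mechanism appears shortly afterwards. The log records are constructed, and the host names, shortened channel labels, 30-minute window and two-change threshold are assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# (channel, Windows event ID) pairs that record the defence changes above.
# Channel names are shortened labels chosen for this example.
TAMPER = {
    ("Defender", 5001): "antivirus real-time protection disabled",
    ("Firewall", 2003): "firewall profile setting changed",
    ("System", 7040): "service set to disabled",
}
# One common way for a backdoor to survive a reboot.
PERSIST = {("Security", 4698): "scheduled task created"}

# Constructed sample records: (host, time, channel, event ID, detail).
SAMPLE = [
    ("WS-014", "2025-06-02T09:02:11", "Defender", 5001, ""),
    ("WS-014", "2025-06-02T09:03:40", "System", 7040, "wuauserv: auto start -> disabled"),
    ("WS-014", "2025-06-02T09:04:05", "Firewall", 2003, "Domain profile: Enable Firewall = No"),
    ("WS-014", "2025-06-02T09:11:30", "Security", 4698, r"\Updater"),
    ("WS-022", "2025-06-02T11:00:00", "System", 7040, "BITS: auto start -> demand start"),
    ("WS-030", "2025-06-02T14:00:00", "Defender", 5001, ""),
    ("WS-030", "2025-06-02T14:05:00", "Security", 4698, r"\NightlyReport"),
]


def find_tamper_chains(records, window=timedelta(minutes=30), min_tamper=2):
    """Flag hosts where several defences were switched off and persistence
    was created within `window` of the first change."""
    by_host = defaultdict(list)
    for host, ts, channel, event_id, detail in records:
        key = (channel, event_id)
        if key in TAMPER:
            # A start-type change only counts if the service ends up disabled.
            if key == ("System", 7040) and not detail.endswith("disabled"):
                continue
            kind = "tamper"
        elif key in PERSIST:
            kind = "persist"
        else:
            continue
        by_host[host].append((datetime.fromisoformat(ts), kind, key))

    alerts = []
    for host, events in sorted(by_host.items()):
        tamper_times = [t for t, kind, _ in events if kind == "tamper"]
        if not tamper_times:
            continue
        start = min(tamper_times)
        recent = [e for e in events if start <= e[0] <= start + window]
        tampered = {key for _, kind, key in recent if kind == "tamper"}
        persisted = [PERSIST[key] for _, kind, key in recent if kind == "persist"]
        if len(tampered) >= min_tamper and persisted:
            alerts.append({"host": host, "first_change": start.isoformat(),
                           "tamper": sorted(TAMPER[k] for k in tampered),
                           "persistence": persisted})
    return alerts


if __name__ == "__main__":
    for alert in find_tamper_chains(SAMPLE):
        print(alert)
```

A single change, such as an administrator setting one service to manual start, does not raise an alert; the combination within a short window does.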

Step 4: Cybercriminals connect to your compromised network

Cybercriminals now have complete access to your IT infrastructure. Thanks to previously installed backdoors, they can discreetly connect to your network. A connection that often goes unnoticed.

Once connected, the hackers proceed to reconnoitre the terrain. They map your network to locate databases, administrator accounts or critical servers, depending on their objectives. And then it's time for the final attack. The hackers will:

  • encrypt your data (ransomware),
  • steal your confidential information (data exfiltration),
  • use your system to launch other attacks (botnet).

What are the consequences of a computer attack?

Loss of files or sensitive data

The most harmful consequence of a malware attack is the destruction of your data. File deletion, database corruption, exfiltration of sensitive information... This is the worst thing that can happen to your business.

The cost is so high (business interruption, recovery costs, damage to reputation) that some organisations never recover.

☝️ Let's take the example of the Shamoon malware, which hit oil company Saudi Aramco in 2012. This destructive programme wiped out the data on more than 30,000 computers in just a few hours. The company had to replace its entire IT infrastructure and it took months to return to normal operation.

Ransom demand (ransomware)

The worst thing about ransomware attacks is their paralysing effect. Once sensitive files have been encrypted, there's absolutely nothing you can do. Even the greatest IT expert in the world is powerless.

There are only two options: pay up or resign yourself to the loss of your files.

💡 We advise you to take the second option. Paying the ransom gives you absolutely no guarantee that the hackers will keep their word. In many cases, moreover, they never restore access.

Secondly, paying cybercriminals for their misdeeds means participating in an immoral economy and promoting an illegal activity that already claims hundreds of thousands of victims every year.

In our expert opinion, the only real solution against ransomware is prevention. Back up your databases regularly on external devices or in the cloud. That way, in the event of an attack, the hackers will have nothing to fall back on.

Long-term surveillance (spyware)

Spyware is the most pernicious form of malware. It doesn't actually destroy your files; it remains discreet and constantly monitors your activity.

When the opportunity arises, it will retrieve your passwords, capture your conversations and record your browsing history.

In business terms, it's a formidable weapon for industrial espionage and unfair competition. Your commercial strategies and customer data are at the mercy of hackers who can monetise them by blackmailing you or selling them to your competitors.

Hijacking a company's activities

If, by some misfortune, your company's IT network becomes part of a botnet, the consequences will be unfortunate on two levels.

Firstly, the performance of your installation will be reduced. Because your bandwidth is being used for a third-party activity, your systems will slow down.

The second problem is legal. If hackers use your structure to commit crimes, you risk prosecution.

Reduction in overall IT security

A successful computer attack will weaken your IT security. Malware doesn't just carry out its tasks, it also leaves traces in your system that can facilitate future attacks.

A vicious circle is created: the more your system is compromised, the more vulnerable it becomes to future attacks.

That's why you can't afford not to have a comprehensive cyber security strategy.

How can you protect yourself from malicious software? 5 tips

Use an up-to-date antivirus and firewall

The quickest and easiest thing you can do for your cyber security is to install a high-performance antivirus.

This basic protection will provide you with an initial barrier against common attacks such as ransomware, Trojans, viruses, etc.

An anti-malware solution offers other interesting features, such as manual analysis of your system, scanning of your downloads and integration of a VPN for your browsing.

You can opt for a free solution on a personal level. But if you're a business, we really advise you to opt for a premium package for maximum security.

Avoid suspicious sites or files

Vigilance is the best weapon against many cyber attacks, particularly those based on social engineering (phishing, scareware, etc.).

Before even considering training your teams, it is essential to implement good IT practices. This means:

  • recognising the warning signs, for example an email with spelling mistakes, a strange URL, unknown sender, etc.;
  • banning dubious download sites and illegal platforms;
  • introducing a strict policy on USB sticks and external media.

Update your operating system regularly

Working on an obsolete version of software for several weeks exposes you to unnecessary risks.

So, to avoid forgetting something that could prove fatal, activate automatic updates on all your workstations. Windows, macOS, but also your web browsers, office suites and business software need to be constantly updated.

Pay particular attention to the following applications:

  • PDF readers
  • web plugins
  • compression software.

These are often neglected, even though they are prime entry points for malware.

We strongly recommend that you manage all your company's system updates centrally. You'll have full visibility of the security status of your entire fleet, and updates will be as easy as a few clicks.

Train employees in cyber risks

According to a study by IBM, over 90% of successful cyber attacks are the result of human error.
This figure shows the extent to which cyber training has become essential for guaranteeing business security.

👉Every level of the organisation needs to be trained in the risks that affect them in particular. For example, management and finance teams need to pay particular attention to the risks of phishing and whaling.

Organise regular practical exercises, such as sending fake emails, to identify the members of your organisation who need more in-depth training.

Create a genuine culture of cybersecurity, with clear processes to follow in the event of infection and a zero-trust policy.

Back up data securely

Even with an effective cyber security strategy, there is no such thing as zero risk. So you need a backup to avoid losing all your data if it is corrupted by a virus or encrypted by ransomware.

The best guarantee is still a backup. Automate the process to avoid forgetting and make sure that copies are made on a medium external to the system.

Don't forget to test your restoration procedures regularly to avoid unpleasant surprises in the event of an attack.

What software is needed to stop malware?

For effective protection against malware, you need to invest in professional protection software. Simple free antivirus software for private users is not enough. For businesses and the self-employed, 360° security is essential.

We have tested and analysed a large number of anti-malware software products, and here are the ones we recommend:

  • Avast Premium Business Security is a dedicated solution for SMEs with a firewall, AI detection of zero-day threats and a centralised management platform. Multi-layered protection with a focus on the risks of phishing and ransomware.
  • GravityZone Small Business Security (Bitdefender) is modular protection that adapts to your growth. It incorporates advanced machine learning and behavioural analysis technology and a centralised console for all your endpoints.
  • Malwarebytes is easy-to-use anti-malware and anti-spyware software aimed primarily at entrepreneurs and SMEs with no technical skills. It offers multi-layered AI protection against malware. Simple and powerful.
  • ManageEngine EventLog Analyzer is a log monitoring platform that detects suspicious behaviour in real time using AI behavioural analysis.
  • Norton 360 is a multi-purpose independent/individual software package with multi-layer protection, secure VPN and password manager. It offers automatic cloud backup and dark web monitoring to keep your personal information safe.

In short: Prevention is better than suffering

In cybersecurity, prevention is essential. Most attacks will cause absolutely irreversible damage to your systems, even if you are aware of the infection. The only solution is to be prepared in advance. This means establishing a complete cyber culture with:

  • secure access
  • well-established processes in the event of an attack
  • regular team training.

Article translated from French