What is malware? How to protect yourself from viruses, trojans, and cryptolockers

A burglar is highlighted by a laptop screen's glow.

Malware, or ‘malicious software,’ is a term for a variety of viruses, spyware, or cryptolockers that cause harm to a user, their data, or devices.

The term malware implies malicious intent on the side of the software developer, as opposed to, for example, software bugs, which can also cause loss of data or damage to a device.

[Keep up with the latest in privacy and security. Sign up for the ExpressVPN blog newsletter.]  

Previously, malware was described more precisely, using terms like virus, trojan, worm, or keylogger. These terms have fallen out of fashion as they are overly precise and often used incorrectly in popular usage.

The different types of malware

Today, most malware comes in the form of a virus and is named differently based on its function. But malware can also be introduced inadvertently through a software vulnerability.

How malware is spread

We categorize malware by how it spreads. Viruses and worms both replicate themselves on an infected machine, for example, by finding other machines on the same network with the same vulnerability.

But while worms are mainly designed to damage the network itself (for example through a denial of service attack), viruses inflict damage on the users’ device.

Trojans do not replicate themselves. Rather, the user is tricked into installing the malware, for example, through social engineering, or phishing. A trojan can come disguised as other software or even be part of apparently legitimate software and will make use of vulnerabilities to install itself with minimal user interaction. Trojans can also come as a plug-in to popular software or as a fake update.

What does malware do?

Whether dealing with a worm, a trojan or a virus, we can differentiate malware by their functions. Today, the most common kind of malware tends to be cryptolockers, adware, spyware, and scareware.


Cryptolockers, or ransomware, is a type of malware that encrypts your files upon infection. Ransomware makes all of your personal files inaccessible and can even turn the entire computer unusable. The software will demand a payment, typically in gift cards or Bitcoin, to decrypt your storage. As cryptolockers have become highly profitable compared to other types of malware, many vulnerabilities are typically exploited by this type of malware.


Spyware is all malware that collects your data without consent and can come bundled with free apps, or it can infect your computer through a virus or trojan.

Spyware can also be directly installed on your devices by somebody attempting to control you. Some spyware is designed to continuously collect your location data, app usage, passwords, and contact list. The most common types of spyware are keyloggers that record all your keystrokes, and screen-scrapers that regularly take screenshots of your screen.


Before cryptolockers, adware was a common kind of ‘less harmful’ malware that would monetize itself by showing advertisements to the user, for example, in the form of a toolbar in the browser.


Another type of malware is scareware, which does not actually harm the users’ device. Instead, it attempts to ‘scare’ the user into purchasing expensive subscriptions to remove a non-existent or hypothetical threat. Today, most anti-virus solutions can be regarded as scareware.

How to protect yourself from malware

There are three easy actions you can take to protect yourself from malware right now.

1. Always keep your device up to date

Viruses and many trojans rely on software bugs and vulnerabilities to spread. Install patches whenever they become available and enable automatic updates on your device when possible.

2. Always verify the source of software before installing

Protect yourself from malware bundled in with software by only downloading it from the official source, and verifying the integrity of the software, for example, by checking its hash or PGP signature.

3. Use a firewall

Your personal computer should never accept incoming connections. Your machine should come with a simple firewall installed that you should not disable. If you are behind a router, you likely enjoy some firewall privileges too. Running a VPN on your machine will also act as a firewall.

Lexie is the blog's resident tech expert and gets excited about empowerment through technology, space travel, and pancakes with blueberries.