Computer worm

A computer worm can propagate or replicate itself without a host file. Think you have a computer worm? Download Malwarebytes free to scan your computer.

What is a computer worm? 

Several things may come to mind when you think of the word “worm." You may think of delicious soft chewie candies that are sugary and maybe a little sour. Or you may think of the cold-blooded invertebrate animals that wiggle across the Earth’s surface. And if you’re thinking in computing terms, the malware may spring to mind.

Similar to real worms, you can say that computer worms don’t have much of a backbone because they often rely on trickery to infect their hosts. They may also seem a bit coldblooded because they can be remorselessly destructive. Let’s learn more about them.

Worm definition (computer)

A computer worm is a subset of the Trojan horse malware that can propagate or self-replicate from one computer to another without human activation after breaching a system. Typically, a worm spreads across a network through your Internet or LAN (Local Area Network) connection. Naturally, you must be wondering what is a Trojan and how does it relate to computer worms?   

To keep it brief, a Trojan uses trickery and social engineering to deceive people into running it. For example, a Trojan may pretend to be legitimate software. A worm is a type of Trojan because it normally relies on social engineering to attack systems.  

How does a computer worm spread?

  • Phishing: Fraudulent emails that look authentic can carry worms in corrupt attachments. Such emails may also invite users to click malicious links or visit websites designed to infect users with worms.
  • Spear-Phishing: Targeted phishing attempts can carry dangerous malware like ransomware cryptoworms.  
  • Networks: Worms can self-replicate across networks via shared access.
  • Security holes: Some worm variants can infiltrate a system by exploiting software vulnerabilities.
  • File sharing: P2P file networks can carry malware like worms.
  • Social networks: Social platforms like MySpace have been affected by certain types of worms.
  • Instant messengers (IMs): All types of malware, including worms, can spread through text messages and IM platforms such as Internet Relay Chat (IRC).  
  • External devices: Worms can infect USB sticks and external hard drives.

What does a computer worm do?

Once a computer worm has breached your computer’s defenses it can perform several malicious actions:

  • Drop other malware like spyware or ransomware
  • Consume bandwidth
  • Delete files
  • Overload networks
  • Steal data
  • Open a backdoor
  • Deplete hard drive space

Computer worm vs. virus

Some people think that a computer worm and computer virus are the same things because the two behave similarly. They may even use the terms like "worm computer virus" or "worm virus malware." The truth is that the two are comparable but different threats.

The defining difference between a virus and a worm is that viruses rely on human action for activation and need a host system to replicate. In other words, a virus won’t harm your system unless you run it. For example, a virus on a flash drive connected to your computer won’t damage your system unless you activate it. And as mentioned above, a worm doesn’t need a host system or user action to spread.

Computer worm examples

Over the years, there have been some particularly devastating worms. Some worms have caused billions in damage. Here is a brief list of some infamous ones:

  • Morris Worm: Also known as the Internet worm, this was one of the first computer worms to spread via the Internet and earn notoriety in the media.
  • Bagle: Also known as Beagle, Mitglieder, and Lodeight, this mass-mailing worm had many variants.
  • Blaster: Also known as MSBlast, Lovesan, and Lovsan, this worm attacked computers running Windows XP and Windows 2000.
  • Conficker: Also known as Downup, Downadup, and Kido, this worm exploited flaws in Windows to infect millions of computers in over a hundred countries.
  • ILOVEYOU: The ILOVEYOU worm infected tens of millions of computers globally, resulting in billions of dollars in damage.
  • Mydoom: This became the fastest-spreading email worm in 2004, sending junk email across computers.
  • Ryuk: Although Ryuk wasn't always a worm, it's now worm-like ransomware.
  • SQL Slammer: The SQL Slammer worm gained infamy for slowing down Internet traffic with denial-of-service attacks on some Internet hosts.
  • Storm Worm: This worm utilized social engineering with fake news of a disastrous storm to drop botnets on compromised machines.
  • Stuxnet: Some experts believe this sophisticated worm was developed for years to launch a cyberattack.

Symptoms of a computer worm 

Many of the symptoms of a computer worm are like that of a computer virus. For example, you may have a computer worm if your computer slows down, freezes, crashes or throws up error messages. You may also notice that files are missing or corrupted or that your hard drive's space is rapidly depleting inexplicably. Additionally, you may see alerts from your firewall about a breach. 

How to stop computer worms

Like other forms of malware — computer worms can be stopped with the right antivirus and anti-malware software and safe computing practices. Please don’t entertain suspicious links, emails, texts, messages, websites, P2P file networks, and drives. Also, update your essential software regularly to shield your computer from vulnerabilities like the wormable Windows flaw and the like.

News on computer worms

Select your language