A worm is a type of malware that reproduces itself, and then sends a copy to other computers on the network. This is all done without the user knowing it. The worm does not need to attach to an existing computer program. A computer virus needs to attach to a program.
Computer Worm
When a worm was first developed, its design was to be useful in helping fix network issues, but it ended up using valuable bandwidth and rebooted computers at random. Worms have actually been written to find out how a worm spreads. Others have created a worm to spread throughout a network without altering the computer system, but eventually they began deleting files on the host system.
With traditional reactive antivirus programs, zero-day attacks get into a computer. I use a proactive antivirus program that forces the user to approve of any questionable content. As always, never open any suspicious e-mail. A worm often uses e-mail to gain entry. Firewalls are always recommended for further protection against malware.
Network engineers have found a key that may indicate that a worm may have infected a computer. When someone is trying to get rid of a virus or malicious software, often many scans are performed by the user. There is software available for the engineer to use that shows the number of scans performed by any of the computers on the network. If the number of scans are above normal, it flags the network consultant to address the computer that is scanning excessively. This way, it may not be too late to get rid of the worm.
In 1988, Robert Tappan Morris was the first person tried and convicted of computer fraud and abuse. He created the “Morris worm” that affected about 10% of the computers using the internet. Morris was a computer science graduate student at Cornell University.
There have been about 43 worms identified in the past 20 years. You may have heard of the ILOVEYOU with the attachment LOVE-LETTER-FOR-YOU.txt. This worm was noted for its ability to copy itself, and then get sent out to the first 50 addresses in the Windows Address Book used by Microsoft Outlook. It was believed to have originated in the Philippines and caused around $5.5 billion dollars in damages.
My advice is to always use a proactive antivirus program, not a reactive program. A reactive software works against worms that have already been detected or reported. A proactive antivirus program prevents the worm from entering, even on the same day it was created.
Pingback: Trojan Horse Masquerade | endvirusthreat.com