Malware (a portmanteau for malicious software) is any software intentionally designed to cause damage to a computer, server or computer network.[1] Malware does the damage after it is implanted or introduced in some way into a target’s computer and can take the form of executable code, scripts, active content, and other software.[2] The code is described as computer viruses, worms, Trojan horses, ransomware, spyware, adware, and scareware, among other terms. Malware has a malicious intent, acting against the interest of the computer user—and so does not include software that causes unintentional harm due to some deficiency, which is typically described as a software bug.

Programs officially supplied by companies can be considered malware if they secretly act against the interests of the computer user. For example, Sony sold the Sony rootkit, which contained a Trojan horse embedded into CDs that silently installed and concealed itself on purchasers' computers with the intention of preventing illicit copying. It also reported on users' listening habits, and unintentionally created vulnerabilities that were then exploited by unrelated malware.[3]

One strategy for protecting against malware is to prevent the malware software from gaining access to the target computer. For this reason, antivirus software, firewalls and other strategies are used to help protect against the introduction of malware, in addition to checking for the presence of malware and malicious activity and recovering from attacks.[4]


This pie chart shows that in 2011, 70% of malware infections were by Trojan horses, 17% were from viruses, 8% from worms, with the remaining percentages divided among adware, backdoor, spyware, and other exploits.

Many early infectious programs, including the first Internet Worm, were written as experiments or pranks. Today, malware is used by both black hat hackers and governments, to steal personal, financial, or business information.[5][6]

Malware is sometimes used broadly against government or corporate websites to gather guarded information,[7] or to disrupt their operation in general. However, malware can be used against individuals to gain information such as personal identification numbers or details, bank or credit card numbers, and passwords.

Since the rise of widespread broadband Internet access, malicious software has more frequently been designed for profit. Since 2003, the majority of widespread viruses and worms have been designed to take control of users' computers for illicit purposes.[8] Infected "zombie computers" can be used to send email spam, to host contraband data such as child pornography,[9] or to engage in distributed denial-of-service attacks as a form of extortion.[10]

Programs designed to monitor users' web browsing, display unsolicited advertisements, or redirect affiliate marketing revenues are called spyware. Spyware programs do not spread like viruses; instead they are generally installed by exploiting security holes. They can also be hidden and packaged together with unrelated user-installed software.[11]

Ransomware affects an infected computer system in some way, and demands payment to bring it back to its normal state. For example, programs such as CryptoLocker encrypt files securely, and only decrypt them on payment of a substantial sum of money.[12]

Some malware is used to generate money by click fraud, making it appear that the computer user has clicked an advertising link on a site, generating a payment from the advertiser. It was estimated in 2012 that about 60 to 70% of all active malware used some kind of click fraud, and 22% of all ad-clicks were fraudulent.[13]

In addition to criminal money-making, malware can be used for sabotage, often for political motives. Stuxnet, for example, was designed to disrupt very specific industrial equipment. There have been politically motivated attacks that have spread over and shut down large computer networks, including massive deletion of files and corruption of master boot records, described as "computer killing". Such attacks were made on Sony Pictures Entertainment (25 November 2014, using malware known as Shamoon or W32.Disttrack) and Saudi Aramco (August 2012).[14][15]

Other Languages
asturianu: Malware
azərbaycanca: Ziyankar proqram
Bân-lâm-gú: Pháiⁿ-thé
беларуская: Шкодная праграма
български: Малуер
bosanski: Malware
čeština: Malware
dansk: Malware
Deutsch: Schadprogramm
eesti: Kurivara
español: Malware
euskara: Malware
فارسی: بدافزار
हिन्दी: मैलवेयर
Bahasa Indonesia: Perangkat perusak
italiano: Malware
עברית: נוזקה
Latina: Malware
lumbaart: Malware
magyar: Malware
മലയാളം: മാൽവെയർ
मराठी: मालवेअर
Bahasa Melayu: Perisian perosak
монгол: Malware
မြန်မာဘာသာ: မောလ်ဝဲလ်
Nederlands: Malware
日本語: マルウェア
norsk: Malware
norsk nynorsk: Malware
ਪੰਜਾਬੀ: ਮਾਲਵੇਅਰ
português: Malware
Scots: Malware
shqip: Malware
Simple English: Malware
slovenčina: Malware
کوردی: زیانامێر
српски / srpski: Малвер
srpskohrvatski / српскохрватски: Malware
Tagalog: Malware
Türkçe: Malware
ᨅᨔ ᨕᨘᨁᨗ: Malware
Tiếng Việt: Phần mềm ác ý
粵語: 惡意程式
中文: 恶意软件