Malware attacks: What you need to know


Malware can be a threat to your devices and your cybersecurity. Here’s what you need to know.

Malicious software, more commonly known as malware, can be a threat to your devices, online privacy and your cybersecurity. It’s software that cyber attackers develop to gain access or cause damage to a computer or network, usually without the victim’s knowledge.

Although your computer may be infected through less complicated means — such as clicking on infected email attachments — it’s smart to know about the more elaborate types of attacks cybercriminals use to try to access your personal information.

What is a malware attack?

A malware attack is when cybercriminals create malicious software that is then installed on someone else’s device without their knowledge. This type of attack is to gain access to personal information or to damage the device, usually for financial gain. Different types of malware include virusesspywareransomware, and Trojan horses. Malware attacks can occur on all sorts of devices and operating systems.

Types of malware attacks

Malware attacks seem to get more sophisticated every year. Because malware is often difficult to detect, and devices are typically infected without the user even noticing, it can be one of the primary threats to your personal information that you must be on guard for.

Here are some of the most common types of malware attacks and the cybersecurity threats they present.

Exploit kit

Exploit kits are malicious toolkits that attackers use to search for software vulnerabilities on a target’s computer or mobile device. The kits come with prewritten code that will search for vulnerabilities. When a vulnerability is found, the kit can inject malware into the computer through that security hole. This is a highly effective malware attack variety, and one of the reasons why it is so important to run software updates as soon as they become available in order to patch security flaws.

Malicious websites and drive-by-downloads

A drive-by-download is a download that occurs when a user visits a malicious website that is hosting an exploit kit for malware attacks. There is no interaction needed on the user’s part other than visiting the infected webpage. The exploit kit will look for a vulnerability in the software of the browser, and inject malware via the security hole.


Malicious advertising — malvertising, for short — is a threat that’s popular among cybercriminals. The cybercriminal will purchase legitimate advertising space on legitimate websites, but malicious code will be embedded within the ad. Similar to a drive-by-download, there is no interaction needed on the user’s part to download the malware and be impacted by this kind of malware attack.

Malvertising is different from adware — another type of malware — that can display unwanted advertisements or content on your screen when you browse the web.

Man-in-the-middle (MitM) attack

man-in-the-middle attack employs the use of an unsecured, or poorly secured, usually public Wi-Fi router. The hacker will then scan the router using special code looking for certain weaknesses such as default or poor password use.

Once the attacker has found the vulnerability, they will then insert themselves in between the user’s computer and the websites that user visits and intercept the messages or information being transmitted between the two, such as passwords or payment card data.

main laptop clean

Man-in-the-browser (MitB) attack

This is similar to a man-in-the-middle attack attack. All an attacker needs to do is inject malware into the computer, which will then install itself into the browser without the user’s knowledge. The malware will then record the data that is being sent between the victim and specifically targeted websites.

Once the malware has collected the data it was programmed to collect, it transmits that data back to the attacker. While the two attacks have the same goal, this attack is simpler in nature, because the attacker does not need to be within physical proximity of a router as in the man-in-the-middle attacks.

Social engineering and malware attacks

Social engineering is a popular malware delivery method that involves the manipulation of human emotions. Social engineering uses spam phishing via email, instant messages, social media, and more. The goal is to trick the user into downloading malware or clicking a link to a compromised website that hosts the malware.

Often, the messages come in the form of a scare tactic, stating that there is something wrong with an account, and that the user should immediately click on the link to log into their account or download an attachment that conceals malware.

The link will lead the user to a copy of the legitimate website, in the hope that the user will enter their credentials for the site so they can be taken by the cybercriminal.

What should I do about malware attacks?

Malware is a fact of life on the internet and all connected devices. But there are actions you can take to avoid malware attacks. Here are some important ones.

Keep your software updated

Software updates are important because they repair security holes that have been discovered, and fix or remove computer bugs. It’s smart to run software updates as soon as they become available.

Back up your files regularly

Regularly copy your data to an external hard drive or a reputable cloud storage provider in case it’s ever compromised in a malware attack. Back up the data on all of your devices, including your tablets, computers, and smartphones.

Scan executable files before running them

“Executable” files, which end in “.exe.”, contain step-by-step instructions for a computer to carry out a function. Double-clicking the .exe file will trigger your computer to execute these instructions using a software program.

There are plenty of software options that contain antivirus software, but it’s a good idea to choose one that scans in real-time rather than manually.

Norton logo
  • Norton
Norton empowers people and families around the world to feel safer in their digital lives

Editorial note: Our articles provide educational information for you. Our offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about Cyber Safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses. The Norton and LifeLock brands are part of Gen Digital Inc. 


    Want more?

    Follow us for all the latest news, tips and updates.