Vol. 1 · Ed. 2026
CyberGlossary
Entry № 725

Malware

Reviewed by: Cybersecurity entrepreneur & security researcher

What is Malware?

Malware: Any software intentionally designed to disrupt, damage, or gain unauthorized access to computers, networks, or data.


Malware (malicious software) is an umbrella term for code whose behavior is harmful to the system it runs on or to its users. It includes viruses, worms, trojans, ransomware, spyware, rootkits, loaders and wipers, frequently chained in modern campaigns: an email lure drops a loader, which fetches a banking trojan, which deploys ransomware. Delivery vectors include phishing, drive-by downloads, malvertising, supply-chain compromise, removable media, and exploitation of unpatched vulnerabilities.

Landmark incidents show the spectrum. Stuxnet (2010) used four Windows zero-days to sabotage Iranian uranium centrifuges, the first malware to cause physical destruction. WannaCry (May 2017) weaponized the leaked EternalBlue SMBv1 exploit (MS17-010) to worm across 200,000+ machines in 150 countries. NotPetya (June 2017), disguised as ransomware, was a wiper that caused an estimated $10 billion in damage to Maersk, Merck and others. Emotet grew from a banking trojan into the dominant malware-as-a-service loader until a coordinated takedown (Operation Ladybird) seized its infrastructure in January 2021 — though it later resurfaced.

Modern malware uses packing, polymorphism, living-off-the-land binaries (LOLBins) and fileless techniques to evade signature scanning. Defence is layered: endpoint detection and response (EDR/XDR) for behavioral detection, prompt patching, application allow-listing, network segmentation, least privilege, phishing-resistant MFA, user training, and immutable offline backups tested for restoration.

flowchart TD
  D[Delivery: phishing / exploit / supply chain] --> E[Execution on endpoint]
  E --> P[Persistence: registry, scheduled task, service]
  P --> C2[Command and control channel]
  C2 --> A{Objective}
  A --> S[Steal data / credentials]
  A --> R[Encrypt for ransom]
  A --> L[Lateral movement]
  L --> P
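
An added example (not part of the original entry) for the two points above: an exact-hash signature stops matching once a sample's bytes change, while a behavioural rule on the persistence step of the flowchart still fires. The sample bytes, the events, the parent-process list and the regexes are constructed assumptions, not a production rule set.

```python
import hashlib
import re
from typing import Optional

# Constructed stand-in for a known sample; real signature engines use richer patterns.
KNOWN_SAMPLE = b"constructed-sample-bytes-v1"
SIGNATURES = {hashlib.sha256(KNOWN_SAMPLE).hexdigest()}

# Behavioural rules for the three persistence types named in the flowchart.
PERSISTENCE_RULES = {
    "registry": re.compile(r"\breg(\.exe)?\s+add\s+.*\\CurrentVersion\\Run", re.I),
    "scheduled task": re.compile(r"\bschtasks(\.exe)?\s+.*/create\b", re.I),
    "service": re.compile(r"\bsc(\.exe)?\s+create\b", re.I),
}

# Assumption: these parents rarely have a legitimate reason to create persistence.
SUSPICIOUS_PARENTS = {"winword.exe", "excel.exe", "outlook.exe", "wscript.exe", "mshta.exe"}


def signature_hit(file_bytes: bytes) -> bool:
    """Exact-hash signature check: any change to the bytes defeats it."""
    return hashlib.sha256(file_bytes).hexdigest() in SIGNATURES


def classify(event: dict) -> Optional[str]:
    """Return the persistence type when a suspicious parent runs a matching command."""
    if event["parent"].lower() not in SUSPICIOUS_PARENTS:
        return None
    for kind, rule in PERSISTENCE_RULES.items():
        if rule.search(event["cmdline"]):
            return kind
    return None


# Constructed process-creation events (parent image name and child command line).
EVENTS = [
    {"parent": "WINWORD.EXE", "cmdline": r"schtasks.exe /create /tn Example /tr C:\example\a.exe /sc onlogon"},
    {"parent": "wscript.exe", "cmdline": r"reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v Example /d C:\example\a.exe"},
    {"parent": "mshta.exe", "cmdline": r"sc.exe create ExampleSvc binPath= C:\example\a.exe"},
    {"parent": "msiexec.exe", "cmdline": r"sc.exe create BackupAgent binPath= C:\example\agent.exe"},
    {"parent": "explorer.exe", "cmdline": "notepad.exe report.txt"},
]

if __name__ == "__main__":
    repacked = KNOWN_SAMPLE + b"\x00"  # one appended byte stands in for repacking
    print("signature on original:", signature_hit(KNOWN_SAMPLE))
    print("signature on repacked:", signature_hit(repacked))
    for e in EVENTS:
        print(classify(e), "<-", e["parent"], "|", e["cmdline"])
```

The installer-created service (parent `msiexec.exe`) is deliberately not flagged, which shows how conditioning on the parent process keeps routine administration out of the alert stream.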

Examples

  1. WannaCry ransomware worm that spread via SMB in 2017.

  2. Emotet banking-trojan-turned-loader used to deliver other malware families.

Frequently asked questions

What is Malware?

Any software intentionally designed to disrupt, damage, or gain unauthorized access to computers, networks, or data. It belongs to the Malware category of cybersecurity.

How do you defend against Malware?

Defences for Malware typically combine technical controls and operational practices, as detailed in the full definition above.

What are other names for Malware?

Common alternative names include: Malicious software, Malicious code.
