Malware enters a system, then is identified as one of four types: virus, worm, trojan, or ransomware, each with a unique way of spreading and causing harm.
Execution Sample
Cybersecurity
Malware enters system
If malware is virus:
Infect files
If malware is worm:
Self-replicate and spread
If malware is trojan:
Hide inside legitimate software
If malware is ransomware:
Encrypt files and demand payment
This pseudocode shows how different malware types behave once inside a system.
Analysis Table
Step
Malware Type
Action Taken
Effect on System
Spread Method
1
Virus
Infects files
Damages or corrupts files
Needs user action to spread
2
Worm
Self-replicates
Consumes network resources
Spreads automatically over network
3
Trojan
Hides in software
Steals data or opens backdoor
Spreads by tricking user to run it
4
Ransomware
Encrypts files
Locks user data, demands payment
Spreads via phishing or downloads
5
None
No action
System secure
No spread
Exit
N/A
All malware types processed
System affected based on malware
Spread depends on type
💡 Execution stops after all malware types have been identified and their actions described.
State Tracker
Variable
Start
After Virus
After Worm
After Trojan
After Ransomware
Final
System State
Clean
Files infected
Network busy
Data stolen
Files encrypted
Compromised
Spread Method
None
User action needed
Automatic network spread
User tricked
Phishing/downloads
Varies by malware
Key Insights - 3 Insights
Why does a virus need user action to spread, unlike a worm?
Because viruses attach to files and require the user to open or run those files to spread, as shown in execution_table step 1 and 2 where virus spread depends on user action but worm spreads automatically.
How does a trojan differ from other malware in how it infects a system?
A trojan hides inside legitimate software and tricks the user to run it, unlike worms or viruses that spread automatically or infect files directly, as seen in execution_table step 3.
What makes ransomware especially harmful compared to other malware types?
Ransomware encrypts user files and demands payment to unlock them, causing direct loss of access to data, which is unique compared to other malware that may steal data or slow systems, as shown in execution_table step 4.
Visual Quiz - 3 Questions
Test your understanding
Look at the execution_table at step 2. What is the main way a worm spreads?
ABy infecting files and needing user action
BBy self-replicating and spreading automatically over the network
CBy hiding inside legitimate software
DBy encrypting files and demanding payment
💡 Hint
Check the 'Spread Method' column at step 2 in the execution_table.
At which step does malware trick the user to run it?
AStep 3 - Trojan
BStep 2 - Worm
CStep 1 - Virus
DStep 4 - Ransomware
💡 Hint
Look at the 'Action Taken' and 'Spread Method' columns in execution_table step 3.
If ransomware did not encrypt files, what would change in the variable_tracker for 'System State' after ransomware?
AIt would stay as 'Data stolen'
BIt would change to 'Files infected'
CIt would not be 'Files encrypted' but something else
DIt would remain 'Files encrypted'
💡 Hint
Refer to the 'System State' row in variable_tracker after ransomware.
Concept Snapshot
Malware types:
- Virus: Infects files, needs user action to spread
- Worm: Self-replicates, spreads automatically over networks
- Trojan: Hides in software, tricks user to run it
- Ransomware: Encrypts files, demands payment
Each type harms systems differently and spreads uniquely.
Full Transcript
Malware enters a computer system and can be one of four main types: virus, worm, trojan, or ransomware. A virus infects files and needs the user to open or run infected files to spread. A worm copies itself and spreads automatically over networks without user help. A trojan hides inside normal software and tricks the user into running it, often stealing data or opening backdoors. Ransomware encrypts the user's files and demands payment to unlock them. Each malware type causes different damage and spreads in its own way. Understanding these differences helps protect computers and networks.