Examples of the Most Damaging Malware

All malware is bad, but some types of malware do more damage than others. That damage can range from loss of files to total loss of security -- even outright identity theft. This list (in no particular order) provides an overview of the most damaging types of malware, including viruses, Trojans and more.

Overwriting Viruses

Lee Woodgate/Getty Images

Some viruses have a malicious payload that causes certain types of files to be deleted - sometimes even the entire drive contents. But as bad as that sounds, if users act quickly the odds are good the deleted files can be recovered. Overwriting viruses, however, write over the original file with their own malicious code. Because the file has been modified/replaced, it can't be recovered. Fortunately, overwriting viruses tend to be rare - in effect their own damage is responsible for their shorter lifespan. Loveletter is one of the better-known examples of malware that included an overwriting payload.​

Ransomware Trojans

Ransomware trojans encrypt data files on the infected system, then demand money from the victims in exchange for the decryption key. This type of malware adds insult to injury - not only has the victim lost access to their own important files, they've also become victim to extortion. Pgpcoder is perhaps the best-known example of a ransomware trojan.

Password Stealers

Password stealing trojans harvest login credentials for systems, networks, FTP, email, games, as well as banking and ecommerce sites. Many password stealers can be repeatedly custom configured by attackers after they've infected the system. For example, the same password stealing trojan infection could first harvest login details for email and FTP, then a new config file sent to the system which causes it to turn attention to harvesting login credentials from online banking sites. Password stealers that target online games are perhaps the most commonly talked about, but by no means are games the most common target.


In its simplest form, a keylogger trojan is malicious, surreptitious software that monitors your keystrokes, logging them to a file and sending them off to remote attackers. Some keyloggers are sold as commercial software - the type a parent might use to record their children's online activities or a suspicious spouse might install to keep tabs on their partner.

Keyloggers may record all keystrokes, or they may be sophisticated enough to monitor for a specific activity - like opening a web browser pointing to your online banking site. When the desired behavior is observed, the keylogger goes into record mode, capturing your login username and password.


Backdoor trojans provide remote, surreptitious access to infected systems. Put another way, it's the virtual equivalent of having the attacker sitting at your keyboard. A backdoor trojan can allow the attacker to take any action you - the logged in user - would normally be able to take. Via this backdoor, the attacker can also upload and install additional malware, including password stealers and keyloggers.


A rootkit gives attackers full access to the system (hence the term 'root') and typically hides the files, folders, registry edits, and other components it uses. In addition to hiding itself, a rootkit typically hides other malicious files that it may be bundled with. The Storm worm is one example of rootkit-enabled malware. (Note that not all Storm Trojans are rootkit-enabled).


While said to be more theory than practice, this form of hardware targeting malware is perhaps the most concerning. Bootkits infect flash BIOS, causing the malware to be loaded even prior to the OS. Combined with rootkit functionality, the hybrid bootkit can be near impossible for the casual observer to detect, much less to remove.