Examples of the Most Damaging Malware

Malware over lines on code on a computer screen
Daniel Sambraus / EyeEm Getty

All malware is bad, but some types of malware do more damage than others. That damage can range from loss of files to total loss of security — even outright identity theft.

Overwriting Viruses

Illustration of the world with keyboards hacking it

Lee Woodgate / Getty Images

Some viruses deliver a payload that causes certain types of files to be deleted — sometimes even the entire drive contents. But as bad as that sounds, if you act quickly the odds are good you'll recover the deleted files. Overwriting viruses, however, write over the original file with their own information. Because the file has been modified or replaced, it can't be recovered. Overwriting viruses tend to be rare; their own damage is responsible for their shorter lifespan. Loveletter is one of the better-known examples of malware that included an overwriting payload.​

Ransomware Trojans

Trojan horse virus digital illustration
Image Source / Getty Images

Ransomware Trojans encrypt data files on the infected system, then demand money from the victims in exchange for the decryption key. This type of malware adds insult to injury — not only do you lose access to your own important files, but you also become victim to extortion. Pgpcoder is perhaps the best-known example of a ransomware trojan.

Password Stealers

Virus word marked with yellow marker and a memory card
Towfiqu Photography / Getty Images

Password-stealing trojans harvest login credentials for systems, networks, FTP accounts, email, games, as well as banking and e-commerce sites. Many password stealers can be repeatedly custom-configured by attackers after they've infected the system. For example, the same password-stealing trojan infection could first harvest login details for email and FTP, then a new config file sent to the system which causes it to turn attention to harvesting login credentials from online banking sites. Password stealers that target online games are perhaps the most commonly talked about, but by no means are games the most common target.


Hard typing on keyboard in dark room
Bill Hinton / Getty Images

In its simplest form, a keylogger trojan monitors your keystrokes, logging them to a file and sending them off to remote attackers. Some keyloggers are sold as commercial software — the type parents might use to record their children's online activities or a suspicious spouse might install to keep tabs on his or her partner.

Keyloggers may record all keystrokes, or they may be sophisticated enough to monitor for a specific activity like opening a web browser pointing to your online banking site. When the desired behavior is observed, the keylogger goes into record mode, capturing your login username and password.


Top down view of exploding computer keyboard at night
gremlin / Getty Images

Backdoor Trojans provide remote, surreptitious access to infected systems. Put another way, it's the virtual equivalent of having the attacker sitting at your keyboard. A backdoor trojan can allow the attacker to take any action you, as the logged-in user, would normally be able to take. Using this backdoor, the attacker can also upload and install additional malware, including password stealers and keyloggers.


Rootkit Virus Cyber Criminal Spyware 3d Illustration
stuartmiles99 / Getty Images

A rootkit gives attackers full access to the system (hence the term root) and typically hides the files, folders, registry edits, and other components it uses. In addition to hiding itself, a rootkit typically hides other files that it may be bundled with. The Storm worm is one example of rootkit-enabled malware.


Organic computer network security concept
gremlin / Getty Images

While thought to be more theory than practice, this form of hardware targeting malware is perhaps the most concerning. Bootkits infect flash BIOS, causing the malware to be loaded even prior to the OS. Combined with rootkit functionality, the hybrid bootkit can be near impossible for the casual observer to detect, much less to remove.

The Best Defense

Routinely scan your computer for malware and take appropriate steps to protect yourself, including:

  • Using strong passwords that don't repeat across sites.
  • Installing anti-malware software and keeping it updated.
  • Regularly installing security patches for your computer's operating system.
  • Don't click suspicious links in email or on websites.