Want to keep learning?

This content is taken from the Raspberry Pi Foundation & National Centre for Computing Education's online course, Introduction to Cybersecurity for Teachers. Join the course to learn more.


In this step, you will learn about some different examples of malware (malicious software). More specifically, you will learn about worms, viruses, Trojans, ransomware, and spyware.

computer screen that has been infected with malware


Worms are a form of malware that replicate themselves in order to spread to other computers. They can be programmed to damage software, but are often designed only to spread and infect as many devices as possible.

A famous example is the Mydoom worm, which was first launched in 2004 and became the fastest-spreading computer worm of its time. It was transmitted via email and infected hosts, causing them to carry out a distributed denial-of-service (DDoS) attack against several tech companies (you will find out more about DDoS attacks later). It is estimated that Mydoom infected between 16 and 25% of all emails in 2004 and caused approximately $38 billion worth of damage.

Worms can be detected and removed by antivirus software. You will learn how later.


Viruses are another form of malware that operate differently to worms. Worms come in the form of their own file or program, whereas viruses infect a file or program that already exists. In order for a virus to operate, the device user has to open the file or run the program. They can be harder to detect because they hide themselves in their host file. Viruses are less common than worms.

The Anna Kournikova virus was a famous example of a virus. The virus infected victims’ Outlook so that it sent an email to all of the contacts in their address book. The virus was disguised as a photograph of Anna Kournikova to trick victims into opening it.


Trojans are pieces of malware disguised as legitimate software. They are named after the famous wooden horse in Greek mythology that snuck Greek soldiers into Troy. Unlike worms, Trojans aren’t self-replicating, and unlike viruses, Trojans don’t infect other files. However, like viruses, they can only operate if the victim runs the program.

The Zeus Trojan often infects computers through phishing and pharming scams (as you learned about in Week 1). It takes control of the infected computers and turns them into bots. You will learn more about bots later. It can use these bots to conduct more criminal activity. For example, it can obtain the victim’s banking passwords by recording their key strokes. Because the Zeus Trojan uses malware to obtain sensitive information from its victim’s devices, it is also known as spyware.


Ransomware is a form of worm called a cryptoworm. Cryptoworms are worms that use cryptography to cause damage to the devices they infect. In particular, ransomware encrypts files on a victim’s device and then demands payment from the victim in exchange for the decryption key.

A recent example of ransomware is WannaCry. It is thought to have had hundreds of thousands of victims. In 2017, it infected computers within the NHS infrastructure. Over just one week, it caused an estimated 19,000 appointments to be cancelled because staff were unable to access patient records or equipment. The attack is estimated to have cost the NHS tens of millions of pounds, even though the ransom was not paid.

Many believe that the attack was enabled by out-of-date software. You will learn more about how to protect devices from malware in later steps. With ransomware, if your files are backed up on another device, then you are in a better position to refuse to pay a ransom, because it doesn’t matter if you don’t ever get access to your encrypted files.


Adware can be a worm, virus, or Trojan. It infects a computer and causes it to download or display malicious adverts or pop-ups when the victim is online. If you are online and see a large number of adverts, or you are receiving pop-ups when you’re offline, then your computer might have been infected by malware.

Next step

In the next step, you will learn about how malware accesses our computers.


  • Which of the attacks, worms, viruses, Trojans, and ransomware do you think would be the easiest to detect?
  • How would you protect your device from a Trojan?
  • Why do you think viruses are less common than worms?

Share your answers in the comments

Share this article:

This article is from the free online course:

Introduction to Cybersecurity for Teachers

Raspberry Pi Foundation