Often used interchangeably, the terms malware and virus have two distinct meanings.

Malware, or malicious software, is an overarching term used to describe any program or code that is created with the intent to do harm to a computer, network or server.

A virus, on the other hand, is a type of malware. Its definition is limited only to programs or code that self-replicates or copies itself in order to spread to other devices or areas of the network.

Based on the above definitions, the word malware can be used to refer to any type of virus. However, the word virus does not describe all types of malware.

The Difference Between Malware and a Virus

Aside from the matter of self-replication, there are other important distinctions between malware and viruses. Understanding the characteristics of these two cyber threats can help the user identify the type of attack and how to best resolve it.

Attack Type

Again, malware is an overarching category of attack. It includes subcategories such as ransomware, keyloggers, trojans, worms, spyware and, of course, viruses.

While there are many types of viruses, all of them share the ability to spread through self-replication.

Method of Infection

Typically, malware attacks are initiated through phishing or social engineering techniques, as well as corrupt attachments or downloads.

Most often, viruses are spread via web application, software and email; they can also be transmitted through infected websites, content downloads and corrupt storage devices.

Attack Operations

Malware works in different ways, but most start by ensuring a means of persistent access to a system so adversaries can slip into the network any time they like. Once inside, the malware takes control of the system with the purpose of communicating back to its original sender. The information it communicates may include sensitive data, intellectual property, captured keystrokes or images from a device’s camera, among other items.

Viruses, on the other hand, are usually dormant until the victim activates the attack, either through opening an infected application, downloading a corrupt file or clicking an infected link. Once activated, the virus may complete any number of tasks that it was designed to do, including deleting files, encrypting data, taking over system functions or disabling security settings.

Attack Outcomes

The outcome of a malware attack depends on the type of attack. In some cases, like ransomware attacks, the goal of the cybercriminal is to receive payment in return for system restoration. In others, like distributed denial of service (DDOS) attacks, the hacker may have no purpose other than to disrupt operations.

Though viruses vary in terms of sophistication, the attacker’s goal is generally to damage the user’s device or the larger network. For organizations, the virus may result in disrupted operations and may cost significant sums to restore the system, but the attacker typically does not profit off the activity directly unless the virus is part of a broader malware attack, such as a ransomware scheme.