Malware in its early days were written by computer enthusiasts as experiments or pranks generally intended to be harmless. Young programmers learning about viruses and the techniques wrote them for the sole purpose to see how they could control the world. Since the rise of widespread Internet access, email, IM, BBS, and e-commerce have brought an easier life along with more and more security concerns. Maicious software has come to be designed for a profit motive, stealing user infromation to conduct illegal activities. Major behaviors of malware can be concluded as follows.

 

Usernames and passwords of email, IM (QQ, MSN), BBS, can be stolen as the revenue to access personal privacy and business confidentials and, moreover, conduct fraud. Usernames and passwords leakage of online games, online payment system, and e-bank results direct financial loss of users.

 

User information include system registration information, IP, emails or other contact information in contact list of local system, even browsing habit of users. These information can be used by malware author to send advertisement or sold to a third-party as the source of massive spamming.

 

Some malware are designed to surreptitiously record user operations, including keyboard input or even complete screen grabs, and send these privacy-invasive involving information are sent periodically to a third beneficiary.  

 

Advertisement promotion is another important tool that a malware author uses to gain profit. Advertisement are distributed via spam or directly make annoying popping up on user screen to increase the click rate of certain websites. Unwitting users fall victim to massive spamming and have to suffer from helping advertise malware.

 

A malware author is able to conduct remote control over user computers to execute certain attack commands trageted at specific servers. It could be a denial-of-service attack (DDoS) or Internet break-in, leading unwitting users to be blacklisted by ISP and creat interruptions in their use of Internet.

 

Many types of malware are equipped with periodic auto-updating ability to avoid being removed. Moreover, they are capable of downloading more malware with more functions, sometimes up to 10 types in a couple of hours, exposing users to greater risk.

 

A malware installed computer can be turned to be a part of botnet receiving remote control from the malware author. The commands it receives include spamming, popping up advertisement, launch Internet attacks, and download more malware. A remotely controlled machine gives chances as well to individual privacy and business confidentials leakage, or turn on webcam to peep user private life.

 

Adware may change some system settings (browser settings) to provide more conveniency to massive advertisement promotion. Trojan often tempers boot options and file association settings to activate auto-running by registering itself as a windows service. And it's able to prevent users to reset the tempered options.

 

Some malware need to occupy a large share of CPU resource, memory, and bandwidth when they conduct malicious activities. Different type of malware even compete for these resources for a better running, which results system performance greatly undermined.

 

Malware sometimes is able to shut down anti-malware engine or firewall to bypass the anti-malware inspection and weaken browser's security protection. Some adware may even infect the system with vulnerability that is easily exploited by other malware.

 

Malware can lead infected files and other system operations malfunction. Virus, Trojan, backdoors still can deliberately damage user system that get files deleted, information modified and data destroyed.