Tutorials WordPress

What Is Malware? Here’s What You Need to Know to Keep Your Website Safe

Malware is one of the great boogeymen of the internet. It’s been around longer than the web itself and continues to be a threat to website owners, developers, and internet users to this day. If you don’t understand what malware is and how it can affect your site, you’re leaving yourself vulnerable.

However, as malware evolves, so do the tactics for protecting against it. While malware can affect almost every site and device, if you educate yourself on how it works, you’ll have a good foundation for protecting yourself. Even better, there are a number of basic techniques you can use to strengthen your website against attacks.

In this guide, we’ll go all the way back to the early days of the internet and discuss malware from its beginnings to the modern day. We’ll also explore some of the most common forms of malware and how they affect your site. Finally, we’ll show you how you can protect your WordPress site from malware. Let’s get started!

The History of Malware

Malware refers to any software developed with the intention of causing damage or gaining access to someone else’s system. In fact, the word itself is short for malicious software. Malware is sometimes simply referred to simply as viruses, but that is a reductive description. In reality, malware includes a wide variety of programs with multiple purposes and methods.

The history of malware stretches almost as far back as the dawn of personal computers. It’s thought that the first piece of malware to reach the public was Elk Cloner, written by 15-year-old student Rich Skrenta as a joke. It was spread on a game disk that would display a poem after a certain amount of time. The program would also copy itself onto the computer’s memory and, after that, be automatically copied onto any disk that was inserted into that machine.

While Elk Cloner did little actual harm to the infected devices, it was only the harbinger of things to come. As personal computers became more common from the mid-1980s onwards, malware also became more prevalent. Few programs were as harmless as Skrenta’s creation.

One early example is CIH, which would cause massive damage to both software and hardware. It’s estimated that CIH infected over 60 million devices for a total of $1 billion in damages.

At the time, malware was primarily delivered via disks so it was mainly spread on shared networks (such as those in universities and libraries). However, with the appearance of the internet, a new era of malware emerged. Today, malware can be spread online much faster than before and infect more sites and devices than ever.

How Malware Works Today

The trickiest thing about malware is that it’s often delivered under the radar so you don’t notice anything until it’s too late. It can be sent via email, added to a website so that it infects visitors, or hidden within a seemingly innocent program. There’s even such a thing as fileless malware, which affects your memory but doesn’t leave any trace on your hard-drive (to avoid detection).

In short, malware is a lot more sophisticated today than when it relied on floppy disks. It’s also a lot more insidious and dangerous with a more focused purpose. In the past, viruses and other malware were usually created with the intent to brag or annoy others. Now it’s a money-making industry, encompassing networks of developers who are working full-time to create new ways of spreading unwanted, harmful software.

If that sounds frightening, it probably should. As a website owner, malware can affect you in several ways. In the worst case scenario, attackers could access your site and leak sensitive information. They can also insert malware that infects the devices of people who visit your site. For example, this could be done by adding JavaScript to banner advertisements.

The sad fact is that no device or site is ever completely secure. Malware is an industry that’s continuously improving and changing its methods, so you’ll never want to assume you can rest easy. Not even Internet of Things devices are safe. To defend yourself against this threat, you’ll need to learn as much about it as possible.

Be awesome on the internet. Join our monthly newsletter to get tips and tricks for making the most out of your online presence.

9 Types of Malware (And How They Affect Your Site)

We’ve spoken about malware from a general perspective up until now. However, as we mentioned earlier, there are many different types out there. Let’s look more closely at some of the most prevalent kinds of malware and how they can impact your WordPress site.

1. Computer Viruses

This is arguably the most famous type of malicious programming — to the point that virus is commonly used as a synonym for all malware. In reality, a computer virus refers to any software that replicates itself and adds its own code into other programs. That’s why we use the term infected to describe the affected system.

Since it hides its own programming inside some other software’s code, a virus can be used to perform almost any task. This task is known as its payload and can affect your site in numerous ways. For example, a virus could be used to access sensitive information, delete important data, hog site storage and server resources, or replace your content with spam.

To protect yourself, you’ll need antivirus software. It’s likely you already have this installed on your computer and devices, but it’s a must for websites as well. Some web hosts offer built-in protection as part of their plans, which will help to stop most common attacks. You may also want to consider a WordPress security plugin that will scan your files for unwanted content, including viruses.

2. Trojan Horses

The Trojan horse myth is the story of how the Greek army managed to enter the besieged city of Troy in order to destroy it from the inside. They did so by gifting the Trojans a giant wooden horse that was secretly loaded with Greek soldiers. Surprise! When the horse was brought inside the city gates, the hidden soldiers jumped out and overtook the city.

The horse’s modern-day namesake functions in much the same way. A trojan horse is a piece of software that appears to be doing one thing, while hiding its true functionality. For example, this could take the form of a screensaver that secretly corrupts files or drains your device’s memory.

On WordPress websites, trojan horses can be plugins that claim to do something helpful while actually running malicious code in the background. This usually happens when you install pirated plugins or themes, which attackers can use to add backdoors and access your site’s data.

To avoid this, make sure you’re careful about what you add to your site. It’s vital to always use trusted plugins from reputable, secure sources. This probably goes without saying, but pirating software is a lose-lose situation, both for you and its creators. Just say no.

3. Cryptocurrency Miners

The growing popularity of cryptocurrency like Bitcoin has had many strange side effects. For one, it’s caused the prices of graphics cards to rise. It’s also led to the creation of something called bitcoin mining. If this sounds confusing, that’s because it is.

The short version: bitcoin is a type of virtual currency that can be mined (or collected) by using some of your computer’s processing power. This is why so many people buy graphics cards to mine it themselves. However, some people have naturally found a way to force other people’s systems to do the job.

By installing mining software on a device or site, hackers can use that system’s resources to mine for bitcoin. It may not even be that noticeable, since many of these schemes infect thousands of devices and only use a fraction of each system’s resources to stay hidden.

Protecting your site from this type of malware involves tracking your files to make sure none of them are malicious. You should make sure that you have a Web Application Firewall (WAF) and the ability to scan your site. If your site does get infected, you may need to perform some cleaning.

4. Spyware

As the name suggests, spyware is a program that hides on your device and collects information. This makes it one of the most dangerous types of malware as it can be used to gather sensitive data. Common uses for spyware include tracking your keyboard to collect passwords. It can also be used to watch your web activity or private conversations.

Spyware usually spreads by either using the Trojan horse method of hiding inside other software or by being added to a website. When the latter occurs, the spyware will infect the devices of anybody who visits the site. In 2015, several WordPress sites were compromised in exactly this way.

An important way to avoid spyware is by making sure every aspect of your site is always updated. This includes your WordPress install, theme, and plugins. You may need to perform these updates manually, but if you’re using managed hosting, your web host will usually take care of this for you.

5. Adware

Most of the malware variations we’ve discussed are purposefully designed to remain hidden. However, some take the opposite approach. Such is the case with adware, which forces the user to interact with an advertisement.

Most of the time, this type of malware is harmless beyond being intentionally irritating. The goal is to make money by getting people to click on banners and links. Adware can also appear as pop-ups you can’t close or that will infinitely reopen until you click on them.

Related: The Great Pop-Up Debate (and Other Dark UX Problems)

Once again, the main vulnerability for WordPress users has to do with plugins. This was demonstrated in 2016, when the Simple Share Buttons plugin exposed thousands of users to adware. After an update, the plugin placed a message on the dashboard that you couldn’t remove without clicking on it.

For this reason, it’s important to continuously scan your files, especially whenever you add or update a plugin. You could also use a tool like Plugin Security Scanner, which checks your theme and plugins daily.

6. Ransomware

If adware is the beggar of the malware world, ransomware is the bully. This is another type of malware that doesn’t hide in the shadows but proudly makes its existence known. Ransomware will threaten you with some action or disrupt your system unless you pay to have it removed.

A common method of extortion is to encrypt your files and make them inaccessible. The attackers will then demand payment if you want to have the files decrypted. However, ransomware can also be used in reverse — to stop attackers from leaking information or damaging your system in some other way.

Ransomware is often spread via emails, masquerading as attachments that infect the network once opened. It can also be used to target WordPress sites. In these cases, the ransomware typically encrypts each site’s files then tries to make the owner pay to get them back again.

The best way to thwart these attacks is by keeping regular backups of your site. It’s also important to keep every aspect of your site safe as it could otherwise contain vulnerabilities attackers can take advantage of.

7. Wiper

In software terms, the word wipe is rarely attached to good news. As you might suspect, wiper malware is used to destroy the device or network it infects, making it one of the most overtly destructive types of malware.

Wiper malware is primarily used as a type of cyber warfare. The goal is almost always to attack and destroy, rather than to sneakily use another device for illicit means. One of the most famous examples is the Shamoon attack, which was used to steal files from computers before wiping their storage clean. There’s also the Petya software, which purports to be ransomware, even though it doesn’t actually recover the destroyed files once a payment is made.

Once again, keeping regular backups is your most important defense. This way, you’ll ensure that your data is recoverable even if your site is hit by a wiper. Avoiding a wiper entirely will require you to use all possible methods of site security. You’ll also want to be prepared to clean up your site if the worst-case scenario comes to pass.

Related: How to Back up Your WordPress Website — A Complete Guide

8. Computer Worms

Computer worms are similar to viruses, with the exception that worms spread autonomously. A virus requires something else to help it move between systems, but worms can work on their own.

For example, a virus could be triggered when you start an application or insert a disk into your hard drive. Meanwhile, a worm can automatically spread itself, such as through email. In that case, the worm will look at your address book and send itself to all the contacts within. It can then repeat this process more or less forever. In fact, some of the most long-lasting examples of malware are worms, such as the slammer worm, which has been around for more than 15 years.

Protecting your site against worms is also very similar to securing it against viruses. Consider using a hosting plan that protects against automated attacks.

9. Botnet

A botnet isn’t malware in the strictest terms, but it often affects the same sites and exploits similar vulnerabilities. In short, a botnet refers to a network of infected devices that can be controlled from a single point. This network can be used to run tasks or to perform Denial-of-Service (DoS) attacks.

The botnet works by attempting to insert its code into targeted websites. When a site is successfully infected, it can be used to perform tasks by an external command center. It basically becomes a remote-controlled robot — one that can be used for malicious purposes.

Many security plugins will protect against injection attacks. This can help prevent your site from becoming part of a botnet. You should also have a means of tracking the activity on your site. This can help you see when injection attacks occur and take measures to fight them before it’s too late.

How to Protect Your WordPress Site Against Malware

We’ve already covered numerous ways of protecting your WordPress site against malware. However, keeping your site secure requires a lot of planning, work, and know-how. Fortunately, you don’t have to go it alone.

Here at DreamHost, we offer tools that can help you safeguard your site. For example, our Malware Remover keeps your site safe from malware by scanning it and removing threats before they can destroy your files.

The Malware Remover is a powerful tool that will help prevent your WordPress site from falling victim to the malware variations we’ve discussed. Some of its key features include:

  • Automated protection. Malware issues will be dealt with and cleaned up automatically.
  • Weekly website scans. Every file on your site is scanned each week to find any vulnerabilities or possible exploits.
  • Software update notices. We track all updates and inform you when you need to upgrade your software.
  • Whitelisting functionality. You can tailor the system to permit specific processes that the remover perceives as false-positive threats.

You can add the Malware Remover to your DreamHost account for just a few extra dollars per month. It’s a perfect complement to the standard security features offered by our hosting plans. Your site will thank you!

Stay Safe Out There

Malware is an ever-present threat to any website owner; it has been since the dawn of the internet. Plus, it’s something you need to stay vigilant about as new types of malware crop up regularly. Fortunately, keeping your site safe is easier than you might expect.

Do you have any questions about protecting your WordPress site against malware or how DreamHost can help? Find us on social and let’s start the conversation!

About the author

Megan Hendrickson

Megan started her career in women's magazines, but after authoring waaaay too many "Walk Off the Weight" columns, she merged into the tech lane. She writes and edits for DreamHost and shares an inordinate amount of WordPress content on Twitter.