Malware in the context of "Stuxnet"

⭐ Core Definition: Malware

Malware (a portmanteau of malicious software) is any software intentionally designed to cause disruption to a computer, server, client, or computer network, leak private information, gain unauthorized access to information or systems, deprive access to information, or which unknowingly interferes with the user's computer security and privacy. Researchers tend to classify malware into one or more sub-types (e.g., computer viruses, worms, Trojan horses, logic bombs, ransomware, spyware, adware, rogue software, wipers and keyloggers).

Malware poses serious problems to individuals and businesses on the Internet. According to Symantec's 2018 Internet Security Threat Report (ISTR), the number of malware variants increased to 669,947,865 in 2017, twice as many as in 2016. Cybercrime, which includes malware attacks as well as other crimes committed by computer, was predicted to cost the world economy US$6 trillion in 2021, and is increasing at a rate of 15% per year. Since 2021, malware has been designed to target computer systems that run critical infrastructure such as the electricity distribution network.

👉 Malware in the context of Stuxnet

Stuxnet is a malicious computer worm first uncovered on 17 June 2010 and thought to have been in development since at least 2005. Stuxnet targets supervisory control and data acquisition (SCADA) systems and is believed to be responsible for causing substantial damage to the Iran nuclear program after it was first installed on a computer at the Natanz Nuclear Facility in 2009. Although neither the United States nor Israel has openly admitted responsibility, multiple independent news organizations claim Stuxnet to be a cyberweapon built jointly by the two countries in a collaborative effort known as Operation Olympic Games. The program, started during the Bush administration, was rapidly expanded within the first months of Barack Obama's presidency.

Stuxnet specifically targets programmable logic controllers (PLCs), which allow the automation of electromechanical processes such as those used to control machinery and industrial processes including gas centrifuges for separating nuclear material. Exploiting four zero-day flaws in the systems, Stuxnet functions by targeting machines using the Microsoft Windows operating system and networks, then seeking out Siemens Step7 software. Stuxnet reportedly compromised Iranian PLCs, collecting information on industrial systems and causing the fast-spinning centrifuges to tear themselves apart. Stuxnet's design and architecture are not domain-specific and it could be tailored as a platform for attacking modern SCADA and PLC systems (e.g., in factory assembly lines or power plants), most of which are in Europe, Japan and the United States. Stuxnet reportedly destroyed almost one-fifth of Iran's nuclear centrifuges. Targeting industrial control systems, the worm infected over 200,000 computers and caused 1,000 machines to physically degrade.

In this Dossier

Malware in the context of Trojan Horse

In Greek mythology, the Trojan Horse (Greek: δούρειος ίππος, romanized: doureios hippos, lit. 'wooden horse') was a wooden horse said to have been used by the Greeks during the Trojan War to enter the city of Troy and win the war. The Trojan Horse is not mentioned in Homer's Iliad, with the poem ending before the war is concluded, and it is only briefly mentioned in the Odyssey. It is described at length in the Aeneid, in which Virgil recounts how, after a fruitless ten-year siege, the Greeks constructed a huge wooden horse at the behest of Odysseus, and hid a select force of men inside, including Odysseus himself. The Greeks pretended to sail away, and the Trojans pulled the horse into their city as a victory trophy. That night, the Greek force crept out of the horse and opened the gates for the rest of the Greek army, which had sailed back under the cover of darkness. The Greeks entered and destroyed the city, ending the war.

Metaphorically, a "Trojan horse" has come to mean any trick or stratagem that causes a target to invite a foe into a securely protected bastion or place. A malicious computer program that tricks users into willingly running it is also called a "Trojan horse" or simply a "Trojan".

Malware in the context of Trojan horse (computing)

In computing, a trojan horse (or simply trojan; often capitalized, but see below) is a kind of malware that misleads users as to its true intent by disguising itself as a normal program.

Trojans are generally spread by some form of social engineering. For example, a user may be duped into executing an email attachment disguised to appear innocuous (e.g., a routine form to be filled in), or into clicking on a fake advertisement on the Internet. Although their payload can be anything, many modern forms act as a backdoor, contacting a controller who can then have unauthorized access to the affected device. Ransomware attacks are often carried out using a trojan.

Malware in the context of Cuckoo's egg (metaphor)

The term cuckoo's egg is a metaphor for brood parasitism, where a parasitic bird deposits its egg into a host's nest, which then incubates and feeds the chick that hatches, even at the expense of its own offspring. That original biological meaning has been extended to other uses, including one which references spyware and other pieces of malware.

Malware in the context of Free and open-source software

Free and open-source software (FOSS) is software available under a license that gives users the right to use, share, modify, and distribute the software – modified or not – to everyone and provides the means to exercise those rights using the software's source code. FOSS is an inclusive umbrella term encompassing free software and open-source software. The rights guaranteed by FOSS originate from the "Four Essential Freedoms" of The Free Software Definition and the criteria of The Open Source Definition. All FOSS can have publicly available source code, but not all source-available software is FOSS. FOSS is the opposite of proprietary software, which is licensed restrictively or has undisclosed source code.

The historical precursor to FOSS was the hobbyist and academic public domain software ecosystem of the 1960s to 1980s. Free and open-source operating systems such as Linux distributions and descendants of BSD are widely used, powering millions of servers, desktops, smartphones, and other devices. Free-software licenses and open-source licenses have been adopted by many software packages. Reasons for using FOSS include decreased software costs, increased security against malware, stability, privacy, opportunities for educational usage, and giving users more control over their own hardware.

Malware in the context of Computer virus

A computer virus is a type of malware that, when executed, replicates itself by modifying other computer programs and inserting its own code into those programs. If this replication succeeds, the affected areas are then said to be "infected" with a computer virus, a metaphor derived from biological viruses.

Computer viruses generally require a host program. The virus writes its own code into the host program. When the program runs, the written virus program is executed first, causing infection and damage. By contrast, a computer worm does not need a host program, as it is an independent program or code chunk. Therefore, it is not restricted by the host program, but can run independently and actively carry out attacks.

Malware in the context of Exploit (computer security)

An exploit is a method or piece of code that takes advantage of vulnerabilities in software, applications, networks, operating systems, or hardware, typically for malicious purposes. The term "exploit" derives from the English verb "to exploit," meaning "to use something to one's own advantage." Exploits are designed to identify flaws, bypass security measures, gain unauthorized access to systems, take control of systems, install malware, or steal sensitive data. While an exploit by itself may not be malware, it serves as a vehicle for delivering malicious software by breaching security controls.

Researchers estimate that malicious exploits cost the global economy over US$450 billion annually. In response to this threat, organizations are increasingly utilizing cyber threat intelligence to identify vulnerabilities and prevent hacks before they occur.

Malware in the context of Computer worm

A computer worm is a standalone malware computer program that replicates itself in order to spread to other computers. It often uses a computer network to spread itself, relying on security failures on the target computer to access it. It will use this machine as a host to scan and infect other computers. When these new worm-invaded computers are controlled, the worm will continue to scan and infect other computers using these computers as hosts, and this behavior will continue. Computer worms use recursive methods to copy themselves without host programs and distribute themselves based on exploiting the advantages of exponential growth, thus controlling and infecting more and more computers in a short time. Worms almost always cause at least some harm to the network, even if only by consuming bandwidth, whereas viruses almost always corrupt or modify files on a targeted computer.

Many worms are designed only to spread, and do not attempt to change the systems they pass through. However, as the Morris worm and Mydoom showed, even these "payload-free" worms can cause major disruption by increasing network traffic and other unintended effects.

Malware in the context of Cyberweapon

Cyberweapons are commonly defined as malware agents employed for military, paramilitary, or intelligence objectives as part of a cyberattack. This includes computer viruses, trojans, spyware, and worms that can introduce malicious code into existing software, causing a computer to perform actions or processes unintended by its operator.
