How Do Computer Viruses Spread? Learn Today

Published by Adrian in Web Security

Illustration of How Do Computer Viruses Spread?

Computer viruses make for a broad discussion topic. Because of that, we often talk about it, though we rarely get to insist on this particular aspect of how they spread. We sum it up to one sentence, which is true, after all: you can get viruses by surfing the web, downloading files, opening email attachments or connecting to public Wi-Fis.

But is that really all there is to know on how do computer viruses spread?

If you put it this way, it appears that suffices to go online and viruses will jump out at you. That isn’t the case!

Now, despite caution being a top prevention measure, knowing the details of how you can get infected with computer viruses helps A LOT. The way we see it, the more you know about it…

  • The better you can protect against it;
  • The more capable to act proactively about it you become;
  • And the happier you will be with any computer-related experience you are about to get into.

Truth is that many hackers still rely on people’s ignorance.

To many of them, it doesn’t take much science to infect computers, but rather a set of tricks and the ability to explore that common, general ignorance.

For these reasons, we’re going to take an in-depth look at how computer viruses spread. And we’re going to show you both the general, access points or means, and the particular steps that lead to virus infection.

Knowing what to look for and particularly paying attention to it all will put you in a much better position. A more educated, safer position as a computer and internet user. So, let’s delve into it!

One of the two essential aspects of computer viruses: how they spread

Asking yourself what’s the other essential aspect? It’s how they multiply.

As discussed in a previous article, there are all kinds of viruses into the wild. And since they are defined by their malicious intent, each one can do a different thing. The only two aspects that they all have in common are the ability to replicate and to spread.

From this perspective, computer viruses are strikingly similar to biological viruses. Perhaps that’s how they got their names, after all. Biological viruses lie around until they find a host and can only replicate inside a human host cell. After that, they begin their viral replication, infecting other hosts as well. That’s precisely what computer viruses do, too!

A computer virus isn’t just designed to do harm, whatever that may be.  It is also designed to self-replicate and then spread to other devices, so that its damaging impact to get as high as possible. Still, to do all that, it needs some kind of programming support, whether it’s a file, a document, or whatever.

Computer virus spreading – on your device or on others?

That’s right, virus spreading goes on two directions, according to how it was conceived from the very beginning. Before we detail it, we should mention that prior to being able to do anything at all, viruses need to be activated.

The transfer support chosen by the virus needs to be used on the device before the virus itself can actually start spreading. Simply downloading the file or the document that carried the virus won’t necessarily lead to activating it. Though, in many instances, it’s only a matter of time before you do that.

When you activate it, meaning you either open the file or execute the program, different things can happen…

Every single virus must execute itself (run its code and do the harm it was meant to do) and then replicate itself. The execution is all about placing its malicious code in the path of the host’s code.

When the user tries to access the host, the process of executing the code of that file will automatically lead to executing the code of the virus. That means the virus was activated and it can do its job.

At first, the virus will duplicate itself within the files or documents it finds on the device. It all depends on what the hacker programmed it to do. For instance, it could copy itself into other files or into other areas of the hard disk. Some viruses load themselves into the system memory or into an external storage device (like an USB), while others aim straight at the boot sector.

Unfortunately, viruses can take into endless directions once you lose them wild. And while they spread, they can infect anything from desktop devices to mobile devices, network servers and network infrastructures.

And so, computer viruses can be spread by…

Remember that first sentence we mentioned at the beginning of this article, about how we usually sum up the answer to how do computer viruses spread? Well, it is trying to synthesize something. Long story short, computer viruses can be spread by one of the following three main ways:

  1. Infected removable media inserted into your device;
  2. Infected third-party software downloaded from the internet;
  3. Infected e-mail attachments or links that you click on.

For these reasons, some would tell you that avoiding viruses is pretty simple. You just need to be cautious whenever you use the internet or download files. And you must only open links and attachments from persons you know and from messages and contexts you trust.

It goes without saying, downloading email attachments (or any kind of files) that arrive at you as a surprise (as in you weren’t supposed to receive it or you really don’t know what’s it about) are actions to avoid at all costs!

Yet despite all that, practice shows us that particularly because we live in this super-connected world, it’s much, much harder to stay safe.

Illustration of how computer viruses can be spread

Computer viruses can be spread by many different channels

Knowing that viruses can be spread through e-mail is not enough. And yes, a virus can spread through a network too. Just like it can spread through:

  • Text message attachments – sent by an user without even knowing that the attached file was infected
  • Text message attachments – sent by viruses that have hijacked a particular email account
  • Email messages with embedded, ready-to-execute JavaScript or HTML code
  • Files downloaded from anywhere from the web – usually from some kind of infected code repository, but sometimes even from a compromised app store
  • PDF or MS Office files with infected macro applications embedded
  • Social media links that you’re getting even from your friends
  • Shady apps purchased from unknown developers
  • Web browsers with infected JavaScript code written in it
  • Websites with infected links embedded
  • A wide range of socially-shareable items: audio/video files, funny images, greeting cards etc.
  • Computer networks
  • Fake programs, also known as Trojans (because they pretend to be something that they’re not and release the virus when you launch it)
  • USB flash drives, in particular, but any other external media out there, in general.

In our article about computer virus names, we mentioned that some people prefer to split all the viruses out there into two main categories, depending on which part of a system they infect: program viruses and boot-sector viruses.

A virus meant to infect program files will be developed as a program virus and spread via a file with one of the following extensions: .COM or .EXE, .DLL, .SYS, .BIN, .OLV or .DRV, sometimes even . BAT.

A virus meant to infect the boot sector will be developed as a boot-sector virus and spread via removable storage devices. Once upon a time, it was the floppy disk, but today it’s the removable hard drive or the USB drive.

In case you were wondering, yes, there are also viruses that can be spread as either an infected file or an infected drive. Those are multipartite viruses and can spread through any of the channels we just mentioned.

A few words about worms and how they spread

By definition, a computer worm is a program with the ability to self-replicate and that relies on a PC’s network connection to infect other PCs. Problem is, however, that, as opposed to viruses, that wait for the user to activate them, worms don’t need you to do anything! They don’t need a host program to run, but their negative effects are just as concerning as the ones of viruses, if not even more, since they can travel so fast!

Aside from computer worms, that spread through a network, there are also:

  • Email worms – those ones will take over whatever email client you have installed and use it to send infected links or infected attachments to the persons in your email agenda. ILOVEYOU is one of the most notorious email worms ever released!
  • Internet worms – independent programs, entirely autonomous, they infiltrate into whatever machine and then use it to scan the web and identify other machines with a common vulnerability. Most often, it’s the devices that don’t have the latest OS and security patches installed that fall victim to internet worms.
  • File-sharing worms – will travel along with files that you download from the web or even within network shareable folders. Can spread very fast, with literally anything that you download from the web (or from a local network) that has been previously infected. And they can do anything from sending spam in your name to stealing personal or financial information!
  • Chat-room and IM worms – usually infiltrate in a specific chat option and start sending messages with infected links. To get to other devices, these worms would need the user who gets the message within the chat room or instant messaging app to click on the link.

As a short recap…

Sadly, like any of our previous discussions about computer viruses, the conclusion is not very encouraging. You’ve learned today that computer viruses can spread in oh-so-many ways. If you need to keep a few categories in mind, categories you should always pay particular attention to, we strongly suggest you to be aware of:

  1. Rogue websites
  2. Online ads
  3. Social media channels
  4. Social media chats
  5. Phishing emails
  6. Infected boot disks
  7. External devices
  8. Anything offered to you for free, regardless from where!

Keep this in mind, along with the fact that staying away from them will only protect you from computer viruses! But there are also computer worms out there, worms that don’t need you to do anything for them to do everything!

And so, as always, you’re better with the best antivirus protection that you can afford! Don’t ignore that one or you’ll regret later!