Skip to Main Content Skip to bottom Skip to Chat, Email, Text

What is malicious code?

Michael Feder

Written by Michael Feder

Kathryn Uhles

Reviewed by Kathryn Uhles, MIS, MSP, Dean, College of Business and IT

Hands are keyboard overlooking code on a phone screen

Malicious code is a term that describes any piece of code in a system or website that can harm or compromise data stored on a device. In some cases, malicious code can give a hacker access to a protected device. In other cases, malicious code can exploit vulnerabilities to steal sensitive information from a device’s files.

Malware poses a major threat to network security, no matter the size or nature of your business. One form of malware, called ransomware, affected an estimated 90% of surveyed organizations in 2022. Such concerns were expected to remain prevalent in 2023.

Fortunately, there are ways people can protect themselves from malware. Read on to learn more about the different types of malicious code.

Possible effects of malicious code

There are several signs your device might be infected by malicious code. Here are some of them:

  • Slower operating speeds — Your device might take longer to turn on, turn off or load specific browsers, programs or files.
  • Reduced storage space — Your device might show less available storage space, because malicious code is using a good chunk of what’s available.
  • Frequent crashing or freezing — Your device might frequently freeze or unexpectedly close the program you are using.
  • Unwanted or unfamiliar programs — Your device might unexpectedly load programs you didn’t click on. In other cases, you might see programs loading that you’re not familiar with.
  • Pop-up messages or ads — Your device might display random pop-up ads, particularly when you’re using a specific browser or internet-based program.
  • Disabled security solutions — You might notice your security settings or programs are automatically disabled when you turn on your device.
  • Strange desktop icons — You might notice unfamiliar desktop icons for programs you did not download.

These are only some of the signs that malware might be affecting your device’s performance. The exact effects of malware will vary depending on the type of malicious code that has infected your phone, tablet or computer.

Common examples of malicious code

Different types of malware affect devices in different ways with different consequences. While one form might take your files hostage, another might try to find and publicize your payment information.

Identifying different types of malicious code is the first step toward eliminating the code from your device. The faster you diagnose malicious code, the faster you can keep it from affecting your files or the integrity of your device.

Computer viruses

Computer viruses are often triggered by a user action and will spread from one computer to the next, infecting devices and files along the way. Viruses will negatively impact a user’s files or a network router’s hard drive. This usually happens when a virus modifies a device’s existing code and inserts its own code.

Computer viruses can be difficult to fully eliminate since they jump from one program to the next once they infiltrate a device. Your device can become infected by a computer virus after you unknowingly visit a malicious website, open a spam email or download a free software program or game. Once fully active, a computer virus can slow down your device and permanently damage your hard drive — while trying to steal your information.

Trojan horses

Trojan horses first appear as harmless or legitimate computer programs. After a user downloads the program, the Trojan horse releases a payload, or a set of malicious code, that carries out actions for hackers, which can then expose your programs to malicious intent. In many cases, a Trojan horse will explore your files, deleting data while looking for specific information. However, Trojan malware can be designed to do other things as well.

While sifting through your files, a Trojan horse can seriously slow down your computer’s processor. This makes it more difficult to use your device for even simple tasks, like checking email or browsing the internet. In some cases, a Trojan horse can also develop into ransomware — malicious software that blocks access to your device and data until the user pays a ransom.

Logic bombs

A logic bomb is another form of malicious code that is usually dormant until a specific trigger brings it to life. That trigger might be the opening of a file or program. In other cases, it activates after a certain amount of time passes.

Once activated, the malware can quickly compromise your device by releasing all sorts of harmful code. Sometimes, a logic bomb sends harmful spam email to a specific recipient. Others begin deleting files or sending data to hackers.

Keyloggers

A keylogger is a computer program that keeps track of every key you press in order to steal information from your device.

Keyloggers work differently than many other forms of malicious code. Rather than immediately compromising your data or damaging your hard drive, they monitor each key you press. So, every time you type in a password, a credit card number or other sensitive information, the program records the strokes. This information is then delivered to hackers, allowing them access to your information.

Backdoor programs

A backdoor program accesses your device’s files by directly bypassing your security protocols. These programs allow hackers to remotely access your device, using malicious code to negatively affect your hardware and software.

Cybercriminals who use backdoor programs typically want to access higher levels of your device. For example, they might circumvent your security to access your administration panel, which can lead to your otherwise secure information. Once the hacker has gained access to your device, they can install additional malware to inflict further damage.

Spyware

Hackers who use spyware want to secretly monitor your online behavior. This form of malicious code covertly downloads itself onto your device and then begins to gather your information and sends it to hackers.

Spyware requires an internet connection to work properly. It will monitor the specifics of your browsing habits — including your usernames and passwords, downloaded files, frequently browsed sites and other details — before delivering these details to cybercriminals. Criminals can use this information to log in to your accounts under your name and access your files, finances and other resources.

Protecting yourself from malicious code

There are several ways to keep your devices and data safe from malicious code. Here are some common network security practices that can reduce the likelihood of a malware infection:

Install antivirus programs — Download and update high-quality security programs that actively monitor your device for all forms of malicious code.

Run regular malware device scans — Use your antivirus program to run manual scans of your device.

Back up important files — Regularly back up all important files to the cloud to make sure your data is safe in the event of a malware attack.

Avoid public Wi-Fi networks — Stay away from public Wi-Fi networks, unless absolutely necessary, to avoid hackers who might be using the network to access your device or its information.

Keep computer software updated — Update all software to patch vulnerabilities before hackers find ways to exploit them and access your device.

Watch out for suspicious links or attachments — Guard against any links or attachments you receive, particularly if those links are sent from unfamiliar contacts or email addresses.

How to learn more about malware and cybersecurity

Malicious code is constantly evolving. Every year, hackers find new ways to steal or extort information from device users. This trend has led to a significant increase in job opportunities for information security experts.

As of May 2023, careers for information security analysts are projected to grow 32% from 2022 to 2032, according to BLS. That is roughly 16,800 openings projected each year.

Education is the first step toward a meaningful cybersecurity career. To get into cybersecurity, you’ll need to develop skills in areas like systems administration, coding and cloud security.

Depending on your preferred career, you might need to obtain a technology degree in cybersecurity, software development or a related field. Your employer might also request that you complete a cybersecurity-focused certificate program to further enhance skills in vulnerability analysis, wireless security and risk management.

BLS Occupational Employment Projections, 2022-2032 is published by the U.S. Bureau of Labor Statistics. This data reflects BLS’ projections of national (not local) conditions. These data points are not specific to University of Phoenix students or graduates.

Cybersecurity and IT education at University of Phoenix

Whether you’re seeking to gain a basic understanding of cybersecurity and other IT skills, or you’re a working professional looking to expand your knowledge, University of Phoenix offers online course collections, certificates and degrees.

Headshot of Michael Feder

ABOUT THE AUTHOR

A graduate of Johns Hopkins University and its Writing Seminars program and winner of the Stephen A. Dixon Literary Prize, Michael Feder brings an eye for detail and a passion for research to every article he writes. His academic and professional background includes experience in marketing, content development, script writing and SEO. Today, he works as a multimedia specialist at University of Phoenix where he covers a variety of topics ranging from healthcare to IT.

Headshot of Kathryn Uhles

ABOUT THE REVIEWER

Currently Dean of the College of Business and Information Technology, Kathryn Uhles has served University of Phoenix in a variety of roles since 2006. Prior to joining University of Phoenix, Kathryn taught fifth grade to underprivileged youth in Phoenix.

checkmark

This article has been vetted by University of Phoenix's editorial advisory committee. 
Read more about our editorial process.

Read more articles like this: