The ABC of Cybersecurity: W is for Worm

It was a cold November night, just as you would expect for that time of the year in the northern part of Romania. The office that is otherwise full of reverse engineers and malware analysts is now occupied by a handful of people working the night shift, answering support tickets and monitoring the infrastructure.

Suddenly, the real-time threat monitoring system in the nearly empty Bitdefender office starts blinking red as reports of a new epidemic keep coming from all parts of the world. The malware analysts on site go into alert mode and summon all available staff for intervention. Half an hour later, the office is humming with chatter as reverse engineers start digging into the threat that is wreaking havoc across the Internet. It was the “birthnight” of the Conficker worm – a cyber-threat that compromised nearly 15 million computers in less than four months.

What is a computer worm?

What started out as an innocent university project has become malicious, self-replicating malware that immediately spreads throughout your entire network, without any intervention from you or another program.

Introducing the computer worm. Worms spread from one computer to another by exploiting vulnerabilities in the operating system. They can include “payloads” which steal personal data, create backdoors for hackers to control the system remotely, or delete files. Criminals then use the compromised computer to send spam campaigns or attack institutions, including government organizations.

It’s not difficult for users to get infected because modern worms are more evolved than their 80s counterparts. Because they automatically propagate across the wires, the user rarely has any part in the spreading process other than leaving their systems unpatched or previewing an e-mail message. Other worms spread from infected USB drives to clean computers by leveraging the operating system’s Autorun function – a feature that allows the operating system to automatically execute an application when a removable drive is plugged in. This feature was so frequently abused over time that it has been discontinued after Windows XP.

Worms offer many opportunities to create damage worth millions. The notorious Stuxnet, Duqu and Flame have wormable components created by governments to infiltrate foreign networks to spy and steal confidential information.

How to keep safe from worms

Worms are invisible, which makes them very difficult to detect. Some hints could be that your computer is very slow and unresponsive, that it is missing files or sending out spam to your contacts, but it’s better to be safe than sorry. If you’ve been infected with a computer worm, disconnect from the internet so that it doesn’t use your network to spread to other computers. Run a scan and remove the malware. If you’re dealing with a sophisticated worm and you’re not very techy, call a specialist to help you out.

There are some simple steps to keep a clean infrastructure and avoid dealing with worms. First of all, install security software on all your devices and regularly update it. Never open emails and attachments from people you don’t know and don’t click on suspicious links. To detect vulnerabilities and potentially infected files, run scans frequently.

The security software solution alone can’t do all the work so it’s also your job to pay close attention to what you download or click on. Just as you wouldn’t let a stranger into your home, don’t download files from unknown sources.

1 Comment

  • I totally agree with this article: a worm can root itself deep within your computer if you don't take proper precautions against this strain of malware. Worms can arguably be one of the most dangerous types of malware because of their coding and the purpose behind their design.

    Another thing is that the specific purpose of a computer worm varies depending on its code; in general, a worm will usually make copies of itself so it can spread to other computers without anybody knowing. It can send email using an address book stored on the computer and it can inconspicuously open TCP ports to create holes in your security.

    People should definitely learn to avoid harming their computers with these worms & viruses, for example by keeping their antivirus updated & having endpoint security software, blocking executable file types that often carry malware and are received through email or from the internet, having a proper backup of data on separate devices, and using a firewall on all the computers that are connected to the network.