A computer worm is a program that replicates itself and makes use of a PC's network connectivity to transfer a copy of itself to other computers within that network. It is capable of doing this without any input from the user. Worms are distinct from viruses in that they do not require a host program to run, but like viruses, they almost always cause damage to the infected computer.
Video of the Day
An email worms uses a PC's email client to spread itself. It will either send a link within the email that, when clicked, will infect the computer, or it will send an attachment that, when opened, will start the infection. Once the worm is installed, it will search the host computer for any email addresses contained on it. It will then start the process again, sending the worm without any input from the user. A well-known example of this type of worm is the "ILOVEYOU" worm, which infected millions of computers worldwide in 2000.
Internet worms are completely autonomous programs. They use an infected machine to scan the Internet for other vulnerable machines. When a vulnerable machine is located, the worm will infect it and begin the process again. Internet worms are often created to exploit recently discovered security issues on machines that haven't installed the latest operating-system and security updates.
File-sharing Networks Worms
File-sharing worms take advantage of the fact that file-sharers do not know exactly what they are downloading. The worm will copy itself into a shared folder with an unassuming name. When another user on the network downloads files from the shared folder, they will unwittingly download the worm, which then copies itself and repeats the process. In 2004, a worm called "Phatbot" infected millions of computers in this way, and had the ability to steal personal information, including credit card details, and send spam on an unprecedented scale.
Instant Message and Chat Room Worms
These work in a similar way to email worms. The infected worm will use the contact list of the user's chat-room profile or instant-message program to send links to infected websites. These are not as effective as email worms as the recipient needs to accept the message and click the link. They tend to effect only the users of the particular program.