Vrmlwinfo Eng

Viruses:
File infectors: These viruses attach themselves to executable files and propagate
by infecting other files.
Macro viruses: Target macros in documents, spreadsheets, etc., and can execute
malicious code when the document is opened.
Boot sector viruses: Infect the boot sector of storage devices, enabling them to
execute when the system boots up.
Multipartite viruses: Infect both files and boot sectors to maximize their spread
and persistence.
Polymorphic viruses: Constantly mutate to evade detection by antivirus programs.
Metamorphic viruses: Rewrite themselves entirely upon replication, altering their
code structure.
Retro viruses: Target antivirus software, aiming to disable or evade it.
Resident viruses: Embed themselves in system memory, allowing them to execute
whenever the infected system runs.

Worms:
Email worms: Spread through email attachments or links and can replicate themselves
automatically.
Internet worms: Exploit vulnerabilities in network services or protocols to spread
across the internet.
Network worms: Propagate through network shares or vulnerabilities, infecting
connected systems.
File-sharing worms: Utilize peer-to-peer file-sharing networks to spread and infect
other users' devices.

Trojans:
Backdoor Trojans: Create a backdoor on the infected system, allowing unauthorized
access.
Rootkit Trojans: Conceal malicious activities by manipulating system functions at
the root level.
Banking Trojans: Steal sensitive financial information such as login credentials or
credit card details.
Remote Access Trojans (RATs): Enable remote control of infected systems, often used
for surveillance or data theft.
Keylogger Trojans: Record keystrokes to capture sensitive information like
passwords.
FakeAV Trojans: Mimic legitimate antivirus software to trick users into installing
malware.
Game-thief Trojans: Target online gaming accounts, stealing credentials or in-game
items.
DDoS Trojans: Coordinate infected devices to launch Distributed Denial of Service
attacks on target systems.
Infostealer Trojans: Specifically designed to steal personal or sensitive
information from infected systems.

Ransomware:
Encrypting ransomware: Encrypts files on the victim's system and demands payment
for decryption.
Locker ransomware: Locks the victim out of their system or files without
encryption, demanding payment for access restoration.
Master Boot Record (MBR) ransomware: Infects the Master Boot Record of a system,
preventing it from booting until a ransom is paid.
Mobile ransomware: Targets mobile devices, encrypting files or locking the device
until a ransom is paid.
Ransomware as a Service (RaaS): Allows cybercriminals to use ransomware with
minimal technical expertise, often through a subscription-based model.
Scareware: Displays fake warnings or alerts to intimidate users into paying for
unnecessary or fake services.

Spyware:
Adware: Displays unwanted advertisements or redirects users to advertising sites.
Tracking cookies: Monitor user activities across websites for targeted advertising
or data collection purposes.
System monitors: Record system activity, including keystrokes, browsing history,
and application usage.
Trojans with spyware capabilities: Trojan horses equipped with spying
functionalities like keylogging or screen capturing.

Adware:
Browser hijackers: Modify browser settings, redirecting users to sponsored websites
or search engines.
Pop-up ads: Generate intrusive advertisements, often appearing as pop-up windows.
Malicious toolbars: Install browser toolbars that display advertisements or collect
user data without consent.
Ad-supported software: Free software bundled with advertisements or sponsored
content, often generating revenue for the developer through ad clicks or
impressions.

Rootkits:
Firmware rootkits: Infect firmware components like BIOS or UEFI, allowing
persistence and control over infected systems.
Hardware or firmware rootkits: Manipulate hardware components or firmware to evade
detection and maintain control.
Hypervisor or virtual machine-based rootkits: Target virtualized environments,
compromising the underlying hypervisor to gain control over virtual machines.
Kernel rootkits: Tamper with the operating system kernel to conceal malicious
activities and maintain privileged access.
User-mode or application rootkits: Modify user-level processes or applications to
hide malware presence and maintain persistence.

Botnets:
Zombie networks: Compromise multiple devices, forming a network of bots controlled
by a central command server.
Command and Control (C&C) servers: Direct botnet activities, issuing commands to
compromised devices for various malicious purposes.
Botnet agents or zombies: Infected devices within a botnet, capable of carrying out
commands from the C&C server, such as launching DDoS attacks or sending spam
emails.

Logic Bombs:
Time bombs: Trigger at a specific time or date to execute malicious actions, such
as data deletion or system disruption.
Event-dependent logic bombs: Activate based on specific conditions or events, such
as the termination of an employee's contract, to cause damage or disruption.

Scareware:
Fake antivirus software: Displays false alerts claiming the system is infected,
prompting users to purchase fake security solutions.
Fake system optimizers: Claim to improve system performance but often perform
unnecessary or harmful actions, such as deleting critical files or installing
additional malware.
Fake security software: Mimics legitimate security tools but lacks actual
protective capabilities, aiming to deceive users into paying for useless services.

Fileless Malware:
Memory-based malware: Executes directly from system memory, leaving little to no
trace on disk, making detection and removal challenging.
PowerShell-based malware: Utilizes PowerShell scripting language to execute
malicious commands or download additional payloads.
Script-based malware: Relies on scripting languages like JavaScript or VBScript to
perform malicious actions, often delivered via email attachments or compromised
websites.

Polymorphic Malware:
Self-changing malware: Alters its code or appearance with each iteration to evade
signature-based detection mechanisms.
Metamorphic malware: Completely rewrites its code upon replication, changing its
structure while preserving functionality to avoid detection.

Mobile Malware:
Android malware: Targets Android devices, often through malicious apps distributed
via third-party app stores or phishing.
iOS malware: Affects iPhones and iPads, typically through jailbroken devices or
malicious apps sideloaded from unofficial sources.
SMS trojans: Spread through text messages, often tricking users into installing
malicious apps or subscribing to premium services without their consent.
Mobile ransomware: Encrypts files or locks devices, demanding ransom for decryption
or access restoration.

Macro Malware:
Microsoft Office macro malware: Exploits macro functionality in Microsoft Office
documents to execute malicious code when opened.
Malicious macros in documents: Embedded in documents to perform various malicious
actions, such as downloading additional malware or stealing data.

Exploits:
Browser exploits: Target vulnerabilities in web browsers to execute malicious code,
often through drive-by downloads or malicious websites.
Operating system exploits: Exploit weaknesses in operating systems to gain
unauthorized access, escalate privileges, or execute arbitrary code.
Software exploits: Target vulnerabilities in third-party software applications to
compromise systems or install malware.
Zero-day exploits: Exploit previously unknown vulnerabilities, providing attackers
with a window of opportunity before patches or defenses are available.

Phishing Malware:
Phishing emails: Deceptive emails that mimic legitimate entities to trick users
into divulging sensitive information, clicking on malicious links, or downloading
attachments containing malware.
Phishing websites: Fake websites designed to impersonate legitimate ones, aiming to
steal login credentials or financial information.
Spear phishing: Highly targeted phishing attacks tailored to specific individuals
or organizations, often using personalized information to increase credibility and
effectiveness.

Scam Malware:
Tech support scams: Deceptive tactics used to trick users into believing their
computer is infected, leading them to pay for unnecessary services or install
malicious software.
IRS scams: Impersonate tax authorities, threatening victims with legal action or
fines to extort money or sensitive information.
Fake antivirus scams: Present false alerts claiming the system is infected and
prompt users to purchase fake antivirus software.
Lottery scams: Notify victims of fake lottery winnings, requiring them to pay fees
or taxes upfront to claim the prize, which doesn't exist.

Drive-by Downloads:
Malicious redirects: Redirect users from legitimate websites to malicious ones,
often hosting exploit kits or malware downloads.
Malvertising: Distribute malware through online advertisements displayed on
legitimate websites, exploiting vulnerabilities in ad networks or browsers.
Watering hole attacks: Compromise websites frequented by target individuals or
organizations, infecting visitors with malware to gain unauthorized access or steal
data.

Droppers:
Downloader Trojans: Download and install additional malware onto infected systems,
often acting as a first-stage payload.
Binder Trojans: Bind malicious code with legitimate files or applications to evade
detection and execute alongside trusted processes.
Malicious scripts: Execute scripts, often delivered via email attachments or
compromised websites, to download and execute malware payloads on target systems.

PUPs (Potentially Unwanted Programs):
Adware: Display unwanted advertisements or redirect users to advertising sites,
potentially compromising user privacy and system performance.
Browser hijackers: Modify browser settings to control search results or homepage,
redirecting users to sponsored websites or search engines without consent.
Toolbars: Install browser toolbars that display advertisements, collect user data,
or modify browser behavior without clear user consent.
System optimizers: Claim to improve system performance but may perform unnecessary
or harmful actions, such as deleting critical files or installing additional
unwanted software.

Cryptocurrency Miners (Cryptojacking):
Browser-based cryptojacking: Exploit browser vulnerabilities or inject malicious
scripts into websites to hijack visitors' computing resources for cryptocurrency
mining.
File-based cryptojacking: Install malware on target systems to secretly mine
cryptocurrencies using the infected device's resources.
Worm-based cryptojacking: Spread across networks or the internet to infect and
co-opt multiple devices for cryptocurrency mining purposes.

Firmware Malware:
BIOS/UEFI malware: Infect firmware components like BIOS or UEFI to gain persistence
and control over infected systems, often challenging to detect and remove.
HDD firmware malware: Manipulate hard drive firmware to conceal malicious
activities or evade detection by security software.
Router firmware malware: Infect network routers or other network devices to
intercept traffic, steal data, or perform other malicious activities within a
network.

IoT (Internet of Things) Malware:
Mirai botnet: Infects IoT devices, such as cameras and routers, to create a botnet
used for large-scale DDoS attacks.
BrickerBot: Targets insecure IoT devices, permanently damaging them to prevent
further exploitation by other malware or botnets.
VPNFilter: Infects routers and network-attached storage (NAS) devices, allowing
attackers to spy on traffic, steal credentials, or launch attacks.

AI-Based Malware:
Generative Adversarial Networks (GAN) malware: Utilizes AI techniques to generate
and modify malware variants, evading detection by traditional security measures.
AI-driven phishing attacks: Employ machine learning algorithms to craft convincing
phishing emails or messages tailored to individual targets, increasing the
likelihood of successful attacks.
AI-powered malware detection evasion: Develops evasion techniques based on AI to
bypass machine learning-based security solutions, adapting to evolving detection
methods.

Advanced Persistent Threats (APTs):
Stuxnet: Infamous malware designed to sabotage Iran's nuclear program, targeting
industrial control systems (ICS) and causing physical damage to centrifuges.
Flame: Sophisticated espionage malware targeting Middle Eastern countries, capable
of collecting sensitive information and remotely controlling infected systems.
Duqu: Believed to be related to Stuxnet, Duqu is an information-stealing malware
used in targeted attacks against organizations for espionage purposes.
Equation Group: A highly sophisticated cyber-espionage group believed to be
associated with the NSA, known for developing advanced malware tools for
intelligence-gathering operations.

File Extension Malware:
.exe malware: Executable files containing malicious code, often used to deliver
various types of malware payloads.
.dll malware: Dynamic Link Library files containing malicious code, which can be
injected into legitimate processes to execute malicious actions.
.bat malware: Batch script files used to automate tasks, often abused to execute
malicious commands or download additional malware.
.scr malware: Screen saver files that execute malicious code when activated, often
used to trick users into opening infected files.

Man-in-the-Middle (MitM) Attacks:
SSL stripping: Downgrades secure HTTPS connections to unencrypted HTTP, allowing
attackers to intercept and modify transmitted data.
Session hijacking: Steals active session identifiers to impersonate legitimate
users and gain unauthorized access to accounts or systems.
Wi-Fi eavesdropping: Monitors wireless network traffic to intercept sensitive
information, such as login credentials or financial data.

DNS Hijacking:
DNS changer malware: Modifies DNS settings on infected devices to redirect users to
malicious websites or phishing pages.
DNS spoofing: Manipulates DNS responses to redirect users to malicious servers,
enabling various attacks, such as phishing or malware distribution.

Browser Malware:
Search hijackers: Modify browser settings to control search results or homepage,
redirecting users to sponsored websites or search engines without consent.
Browser toolbars: Install browser toolbars that display advertisements, collect
user data, or modify browser behavior without clear user consent.
Browser hijackers: Modify browser settings to redirect users to malicious websites
or display unwanted advertisements, compromising user privacy and system
performance.
