Malicious code is computer code—a set of instructions for a computer, written in any one of a number of programming languages—that is corrupt or intentionally altered to cause damage to a computer or system. The corrupt code is often embedded within a longer string of code and is crafted to look like a legitimate instruction, making it difficult to spot by manual or automated means, including traditional antivirus tools. Malicious code can occasionally result from a programming error.
Malicious code is generally an auto-executable application, starting its progress when a system, service, or software is booted.
Malicious code can cause many harmful effects, including that it can open backdoors; introduce a virus; steal information; install spyware; damage, delete, or corrupt files or hard drives; wipe data; reformat drives; open remote user access; or otherwise interfere with system operations.
Malicious code is often mistakenly misconstrued as being interchangeable with malware, but "malware" is specifically shorthand for, “malicious software.” However, malicious code can execute web scripts that exploit vulnerabilities to install malware.
Get the DeMISTIfying InfoSec newsletter every Tuesday!