VeraCrypt

Documentation >> Security Requirements and Precautions >> Malware

Malware

The term 'malware' refers collectively to all types of malicious software, such as computer viruses, Trojan horses, spyware, or generally any piece of software (including VeraCrypt or an operating system component) that has been altered, prepared, or can be controlled, by an attacker. Some kinds of malware are designed e.g. to log keystrokes, including typed passwords (such captured passwords are then either sent to the attacker over the Internet or saved to an unencrypted local drive from which the attacker might be able to read it later, when he or she gains physical access to the computer). If you use VeraCrypt on a computer infected with any kind of malware, VeraCrypt may become unable to secure data on the computer.* Therefore, you must not use VeraCrypt on such a computer.
It is important to note that VeraCrypt is encryption software, not anti-malware software. It is your responsibility to prevent malware from running on the computer. If you do not, VeraCrypt may become unable to secure data on the computer.
There are many rules that you should follow to help prevent malware from running on your computer. Among the most important rules are the following: Keep your operating system, Internet browser, and other critical software, up-to-date. In Windows XP or later, turn on DEP for all programs.** Do not open suspicious email attachments, especially executable files, even if they appear to have been sent by your relatives or friends (their computers might be infected with malware sending malicious emails from their computers/accounts without their knowledge). Do not follow suspicious links contained in emails or on websites (even if the email/website appears to be harmless or trustworthy). Do not visit any suspicious websites. Do not download or install any suspicious software. Consider using good, trustworthy, anti-malware software.



* In this section (Malware), the phrase "data on the computer" means data on internal and external storage devices/media (including removable devices and network drives) connected to the computer.
** DEP stands for Data Execution Prevention. For more information about DEP, please visit https://support.microsoft.com/kb/875352 and http://technet.microsoft.com/en-us/library/cc700810.aspx.