Spyware is a general term used to describe software that performs certain behaviors such as advertising, collecting personal information, or changing the configuration of your computer, generally without appropriately obtaining your consent first.
Spyware is often associated with software that displays ads (called adware) or software that tracks personal or sensitive information.
This is not to say that all programs that serve ads or track your online activities are bad. For example, you can sign up for a free music service, but you “pay” for the service by agreeing to receive targeted advertising. If you understand the terms and agree to them, you may have decided it’s a fair trade-off. You may also agree to allow the Company to track your online activities to determine which ads will be shown to you.
Other types of spyware make changes to your computer that can be annoying and can cause your computer to slow down or crash.
These programs can change your web browsers home page or search page, or add plug-ins to your browser that you don’t need or want. These programs also make it very difficult for you to change your settings back to what they were originally.
The key in all cases is whether or not you (or someone who uses your computer) understand what the software is going to do and have agreed to install the software on your computer.
There are a number of ways that spyware or other unwanted software can get onto your computer. One common trick is to install the program secretly while installing another program you like such as a music or video file sharing program.
Any program that secretly collects user information through a user’s Internet connection without their knowledge, usually for advertising purposes. Spyware applications are usually bundled as a hidden component of freeware or shareware that can be downloaded from the Internet; However, it should be noted that the majority of shareware and shareware applications do not come with SpyWare. Once installed, the spyware monitors the user’s activity on the Internet and transmits this information in the background to someone else. Spyware can also collect information about email addresses and even passwords and credit card numbers
Aside from questions of ethics and privacy, SpyWare steals from the user by using the computer’s memory resources and also by eating bandwidth as it sends information back to the spy ware’s home base via the user’s internet connection. Since SpyWare uses memory and system resources, applications running in the background can lead to system crashes or general system instability.
Because SpyWare exists as standalone executable programs, they have the ability to monitor keystrokes, scan files on your hard drive, snoop into other applications, such as chat programs or word processors, install other SpyWare programs, read cookies, and change the default home page on your computer. Web browser, constantly transmitting this information to the author of SpyWare who will either use it for advertising/marketing purposes or sell the information to another party.
License agreements accompanying software downloads sometimes warn the user that SpyWare will be installed along with the required software, but license agreements may not always be read in full because SpyWare’s installation notice is often worded in bellows, hard-to-read legal disclaimers.
Examples of SpyWare
Popular SpyWare programs illustrate the variety of behaviors found in these attacks. Note that as with computer viruses, researchers give SpyWare programs names that may not be used by their creators. Software may be grouped into “families” based not on common software code, but on common behaviors, or by “pursuing money” from apparent financial or business connections. For example, a number of SpyWare programs distributed by Claria are collectively known as “Gator”. Likewise, programs that are frequently installed together can be described as parts of the same SpyWare package, even if they run separately.
o CoolWebSearch, a suite of programs, that takes advantage of vulnerabilities in Internet Explorer. The package directs traffic to advertisements on websites including coolwebsearch.com. It displays pop-up ads, rewrites search engine results, and changes the infected computer’s hosts file to direct DNS lookups to these sites.
o Internet Optimizer, also known as DyFuCa, redirects Internet Explorer error pages to advertisements. When users follow a broken link or enter the wrong URL, they see an advertisement page. However, since password-protected websites (HTTP basic authentication) use the same HTTP error mechanism, Internet Optimizer makes it impossible for the user to access password-protected websites.
o Zango (formerly 180 Solutions) sends advertisers detailed information about the websites that users visit. It also alters HTTP requests for affiliate ads linked from a website, so that the ads generate unrealized profit for 180 Solutions Company. Opens pop-up ads covering competing companies’ websites.
o HuntBar, also known as WinTools or Adware, WebSearch installed by downloading an ActiveX drive into affiliate websites, or by advertisements displayed by other SpyWare programs – an example of how SpyWare can install more SpyWare. These programs add toolbars to IE, track aggregate browsing behavior, redirect affiliate links, and display ads.
oZlob Trojan, or just Zlob, downloads itself to your computer via an ActiveX codec and sends information to the control server. Some of the information can be like search history, websites you’ve visited, and even keystrokes.