Spyware is a general term used to describe software that performs certain behaviors, such as advertising, collecting personal information, or changing your computer’s settings, usually without first properly obtaining your consent.
Spyware is often associated with software that displays advertisements (called adware) or software that tracks personal or sensitive information.
That doesn’t mean that all software that serves ads or tracks your online activities is bad. For example, you may subscribe to a free music service, but you “pay” for the service by agreeing to receive targeted advertisements. If you understand the terms and agree to them, you may have decided that this is fair compensation. You can also agree to allow the Company to track your online activities to determine which advertisements to show you.
Other types of spyware make changes to your computer that can be annoying and can cause your computer to slow down or crash.
These programs can change your web browser’s home page or search page, or add additional components to your browser that you don’t need or want. These programs also make it very difficult for you to change your settings back to the way you originally had them.
The key in all cases is whether or not you (or someone using your computer) understand what the software will do and whether or not you have agreed to install it on your computer.
There are several ways that spyware or other unwanted software can get onto your computer. A common trick is to covertly install software during the installation of other software you want, such as a music or video file sharing program.
Any software that covertly collects user information through the user’s Internet connection without their knowledge, usually for advertising purposes. Spyware applications are usually included as a hidden component of freeware or shareware programs that can be downloaded from the Internet; however, it should be noted that most shareware and freeware applications do not come with SpyWare. Once installed, Spyware monitors the user’s Internet activity and transmits that information in the background to someone else. Spyware can also collect information about email addresses and even passwords and credit card numbers.
Aside from ethics and privacy issues, SpyWare steals from the user by using the computer’s memory resources and also consuming bandwidth when it sends information to the spyware’s home base through the user’s Internet connection. Because SpyWare uses memory and system resources, applications running in the background can cause system crashes or general system instability.
Because SpyWare exists as stand-alone executable programs, they have the ability to monitor keystrokes, scan files on your hard drive, snoop on other applications such as chat programs or word processors, install other SpyWare programs, read cookies, change the default home page in the Web Browser, constantly transmitting this information to the SpyWare author, who will use it for advertising/marketing purposes or sell the information to a third party.
License agreements accompanying software downloads sometimes advise the user that a SpyWare program will be installed along with the requested software, but the license agreements may not always be fully read because the notice of a SpyWare installation it is often obtusely worded and difficult to understand. read the legal notices.
Spyware Examples
These common SpyWare programs illustrate the diversity of behavior found in these attacks. Keep in mind that, just like computer viruses, researchers give SpyWare programs names that cannot be used by their creators. Programs can be grouped into “families” based not on shared program code, but on common behaviors, or by “following the money” from apparent financial or business connections. For example, various SpyWare programs distributed by Claria are collectively known as “Gator”. Also, programs that are installed together can often be described as parts of the same SpyWare package, even if they work separately.
o CoolWebSearch, a group of programs, exploits vulnerabilities in Internet Explorer. The package directs traffic to ads on websites, including coolwebsearch.com. It displays pop-up ads, rewrites search engine results, and alters the infected computer’s hosts file to direct DNS lookups to these sites.
o Internet Optimizer, also known as DyFuCa, redirects Internet Explorer error pages to advertisements. When users follow a broken link or enter the wrong URL, they see a page of ads. However, since password-protected websites (HTTP Basic Authentication) use the same mechanism as HTTP errors, Internet Optimizer makes it impossible for the user to access password-protected sites.
o Zango (formerly 180 Solutions) transmits detailed information to advertisers about the websites users visit. It also alters HTTP requests for affiliate ads linked from a website so that the ads generate unearned revenue for 180 Solutions Company. Opens pop-up ads that cover the websites of competing companies.
or HuntBar, also known as WinTools or Adware, WebSearch was installed by automatic ActiveX download on affiliated websites or by advertisements displayed by other SpyWare programs, an example of how SpyWare can install more SpyWare. These programs add toolbars to IE, track aggregate browsing behavior, redirect affiliate referrals, and display ads.
oZlob Trojan, or simply Zlob, is downloaded to your computer via the ActiveX codec and sends information to the control server. Some of the information can be your search history, the websites you visited, and even your keystrokes.