Spyware is a general term used to describe software that performs certain behaviors, such as advertising, collecting personal information, or changing your computer settings, usually without first obtaining your consent in a proper manner.
Spyware is often associated with software that displays advertisements (called adware) or software that tracks personal or confidential information.
That doesn’t mean that all software that serves ads or tracks your online activities is bad. For example, you can subscribe to a free music service, but “pay” for the service by agreeing to receive targeted advertisements. If you understand and agree to the terms, you may have decided that this is fair compensation. You can also agree to have the business track your online activities to determine which ads to show you.
Other types of spyware make changes to your computer that can be annoying and can cause your computer to slow down or crash.
These programs may change the home page or search page of your web browser, or add additional components to your browser that you do not need or want. These programs also make it very difficult to change your settings back to the way they were originally.
The key in all cases is whether or not you (or someone who uses your computer) understand what the software will do and have agreed to install the software on your computer.
There are several ways that spyware or other unwanted software can enter your computer. A common trick is to install the software covertly while installing other software you want, such as a music or video file sharing program.
Any software that covertly collects user information through the user’s internet connection without their knowledge, usually for advertising purposes. Spyware applications are typically included as a hidden component of freeware or shareware that can be downloaded from the Internet; however, it should be noted that most shareware and freeware applications do not come with SpyWare. Once installed, spyware monitors user activity on the Internet and transmits that information in the background to someone else. Spyware can also collect information about email addresses and even passwords and credit card numbers.
Aside from ethics and privacy issues, SpyWare robs the user by utilizing the computer’s memory resources and also consuming bandwidth as it sends information to the spyware home base through the user’s internet connection. . Because SpyWare uses memory and system resources, applications running in the background can cause system crashes or general system instability.
Because SpyWare exists as standalone executable programs, they have the ability to monitor keystrokes, scan files on the hard drive, spy on other applications, such as chat programs or word processors, install other SpyWare programs, read cookies, change the Default home page in the Web Browser, constantly transmitting this information to the SpyWare author, who will use it for advertising / marketing purposes or sell the information elsewhere.
The license agreements that accompany software downloads sometimes advise the user that a SpyWare program will be installed along with the requested software, but the license agreements may not always be read in their entirety because the notice of an installation of SpyWare often expresses itself in obtuse and hard-to-read terms for legal disclaimers.
SpyWare Examples
These common SpyWare programs illustrate the diversity of behaviors found in these attacks. Note that, as with computer viruses, researchers give SpyWare programs names that may not be used by their creators. Programs can be grouped into “families” based not on shared program code, but on common behaviors, or “following the money” of apparent financial or business connections. For example, several of the SpyWare programs distributed by Claria are collectively known as “Gator”. Similarly, programs that are installed together can often be described as parts of the same SpyWare package, even if they work separately.
o CoolWebSearch, a group of programs, exploits vulnerabilities in Internet Explorer. The package directs traffic to ads on websites, including coolwebsearch.com. It displays pop-up ads, rewrites search engine results, and modifies the infected computer’s hosts file to direct DNS searches to these sites.
o Internet Optimizer, also known as DyFuCa, Internet Explorer redirects error pages to advertising. When users follow a broken link or enter the wrong URL, they see an ad page. However, because password-protected websites (HTTP basic authentication) use the same mechanism as HTTP errors, the Internet Optimizer makes it impossible for the user to access password-protected sites.
o Zango (formerly 180 Solutions) transmits detailed information to advertisers about the websites that users visit. It also alters HTTP requests for linked affiliate ads from a website so that the ads generate undeserved revenue for 180 Solutions Company. Opens pop-up ads that cover the websites of competing companies.
o HuntBar, also known as WinTools or Adware, WebSearch was installed through a direct download of ActiveX from affiliate websites or through advertisements displayed by other SpyWare programs, an example of how SpyWare can install more SpyWare. These programs add toolbars to IE, track aggregate browsing behavior, redirect affiliate referrals, and display ads.
oZlob Trojan or simply Zlob, it downloads to your computer via ActiveX codec and sends information to the control server. Some of the information can be your search history, the websites you visited, and even your keystrokes.