What is Spyware?
Strictly speaking, the term “spyware” could be used to describe all of the tools and technology with which espionage is conducted – including the poison-tipped umbrella. But in the context of digital/information technology, spyware is any software that obtains information about a person or organization – usually without their knowledge or consent.
At the more legitimate end of the spectrum, this definition would include cookies deposited in your web browser cache when you visit a website, or software used to gather data on you and your habits for marketing and targeting advertising purposes – so long as these operate without your knowing about them.
Spybots or tracking software are terms often used to describe the class of spyware which is installed without a user’s consent – typically through deception (an infected website, pop-up window, or other malware trap) or camouflage (with a spyware program bundled as part of an otherwise legitimate download). Once installed, these programs gather information on the infected target and transmit it to third parties, who may use it for any number of purposes.
A Brief History of Spyware
Back in October 1995, the term “spyware” first appeared in a public forum called Usenet – which was a distributed internet discussion where users could post messages in an email-like format. It featured in an article analyzing the business model then adopted by Microsoft, in a largely conceptual context.
Spyware made its first significant public impact in 1999, when the popular freeware game Elf Bowling was discovered to be laced with tracking software. Also in that year, Steve Gibson of Gibson Research uncovered a form of spyware which, under the pretext of advertising, was actually pilfering confidential information – the first significant intrusion of adware. In response, Gibson went on to develop OptOut, the first anti-spyware program.
A press release for a personal firewall package which appeared in the year 2000 contained specific reference to spyware, and marked its official entry in the modern language of computing.
The Current State of Spyware
As with other forms of malicious application, spyware has enjoyed a rapid evolution since its humble beginnings. In no small part, this may be attributed to the proliferation of websites, portals, file-sharing resources and torrents that enable users to exchange files and bypass officially sanctioned software distributors and app stores to download free software, or cracked and pirated versions of commercial packages.
Authors of spyware have been known to pay the developers of shareware (limited or zero functionality after a certain period, unless you choose to buy) to bundle their tracking software with legitimate packages. They may also re-engineer freeware applications to include their own spyware code.
Beyond the booby-trapped email attachment or infected pop-up window, internet spies may lure unfortunate victims to tainted websites, where spyware is undetectably and automatically downloaded onto a visitor’s machine – the so-called “drive-by download”. This points to the principal weapon that cyber-criminals use in getting their targets to install spyware: stealth.
Spyware works best when the target is unaware of its presence or activities. So today’s spyware practitioners take great pains to ensure that victims have no idea that the software package they’re installing comes bundled with spybots, or that the website they’ve just visited left them with more than what they’ve just seen.
Once established on a host system, spyware may then go on to observe a user’s activities and provide a steady stream of information to its controllers. This could include personal data, contact lists, financial information, account and user credentials, intellectual property, or operational data crucial to businesses. In some cases, the tracking software may also make changes to a system or network to make its own work easier, or as a form of sabotage.
Types of Spyware
There are several forms of tracking software in current circulation, including:
- Adware: The paid advertising which appears on program windows and makes such software notionally free may also mask underlying code which observes a user’s system or activities and relays information to third parties for semi-legitimate marketing or more nefarious purposes. Pornware and riskware may also be used as avenues for tracking software installations.
- Cell Phone or Mobile Spyware: A range of applications, including device-resident software installed by manufacturers to track a user’s position, internet use and activity for targeted advertising and other purposes, and spyware installed manually (by a user, or a malicious outsider gaining access to their phone) or from an infected file download or website.
- Cookies: For the most part, tracer cookies are placed for legitimate purposes – and websites specifically display their cookie and consent policies to the user in their browser window. But they may also be placed surreptitiously, and employed to track users without their knowledge.
- System Monitors: Installed secretly, or slipped in as hidden features of otherwise legitimate-looking security software, spyware system monitors may capture keyboard activity (keyloggers), track and record emails, observe browsing and websites visited, etc.
- Trojans: Seemingly innocent or legitimate software installations and document files that contain spyware in various forms.
Effects of Spyware
The pilfering of confidential personal or corporate data and intellectual property can lead to identity theft, fraud, financial losses, and damage to individual or organizational reputations once the breaches come to light. That’s why spyware is a lucrative option for cyber-criminals, who can sell information on to third parties, or hold people and organizations to ransom over the return of their data or the threat of exposure.
Spyware can also cause real damage to infected systems. There’s often a performance dip associated with a spyware installation, which may manifest as a device or system running slowly, crashes and freezing, increased stress on the processor, higher operating temperatures, battery drains, and so on.
The tracking software may also make changes to system configurations, change port and browser settings, spoof or redirect homepage settings, alter a user’s search engine results, or cause a user’s web browsers to automatically visit infected or fraudulent sites.
Methods of Prevention
New software should be downloaded from approved app stores and manufacturer websites, whenever possible. File-sharing (unless within a secure network environment) and torrent downloads are generally not a good idea. Neither is haphazard clicking on unsolicited email attachments or pop-up windows and advertising.
Security and anti-virus software is always a recommended option – as long as it originates from a reputable manufacturer, and has dedicated anti-spyware facilities. Look for anti-spam filters, cloud-based detection, and virtual encrypted keyboard tools for entering financial information and transactions. Some internet security solutions also offer spyware removal capabilities, in the event of an existing infection.
Device security should also be maintained. So keep a close eye and hand on cell phones and tablets, use password protection and lock screens, and secure all hardware against physical theft or tampering.
Origian from: https://blog.finjan.com/the-past-and-present-state-of-spyware/