Types of Spyware
Many Spyware programs specialize in performing one
task-displaying ads, collecting data, changing browser
settings, etc. - and can be easily categorized. However there are a large
number that perform a variety of different actions and are harder to label.
Still, a vocabulary for the different types of Spyware
threats has grown useful within the industry and may help home users detect and
diagnose threats.
Adware
Displays unwanted
or intrusive advertisements, or facilitates the delivery of unwanted ads. The Adware label covers a broad range of threats that can
display ads in browser windows, open commercial Web sites, and collect data for
market research.
Browser Helper Object (BHO)
BHOs are not inherently dangerous. They are
DLL files that are executed by Internet Explorer. Add-in toolbars and sidebars
are BHOs, and many of them are completely benign,
like the Google toolbar. However, a great number of BHOs
function as Spyware, tracking Web usage, recording
private data and even displaying ads.
Browser Hijacker
Changes
Web browser settings like homepage, search page, error page, and
Favorites/Bookmarks.
Browser hijackers are a common form of Spyware,
affecting millions of computers across
Dialer
Programs that
access a user's phone line via a phone-connected modem. Dialers can make
unauthorized calls to pay-per-minute phone services, costing the user hundreds
of dollars in phone charges.
Downloader
Downloads and
installs unsolicited files or programs, often without notifying the user or
requesting permission. Downloader programs are especially dangerous because
they allow any type of file, including worms and viruses, to be downloaded onto
the user's computer
Exploit
Exploits a security vulnerability in another program, often to allow
an intruder to remotely access the user's computer. A threat is often
classified as an exploit if it is known to exploit a vulnerability,
but its other effects are unknown.
Flooder
Sends massive
amounts of data to a computer or network in an attempt to overload and disable
a network/Internet connection.
Keylogger
Records
keystrokes into a log file and may transmit or e-mail the file to an intruder. Keyloggers can record passwords and logins, allowing
intruders to access passworded programs and web
sites, including online banking accounts. Most keyloggers
log ALL keystrokes.
Malware
A generic term
for software designed specifically to do damage-"malicious software."
Malware and viruses seem similar, but Malware is typically not self-replicating or designed for
PC-to-PC distribution.
Remote Administration Tool (RAT)
Allows a remote
intruder to access a user's PC and perform unwanted actions ranging from basic
data collection to file erasure and uploading, restart and shutdown, and even
hard-drive formatting. Similar to so-called "backdoor" applications, RATs give intruders easy access to a PC.
Spyware/Surveillance
Designed to collect
data for a variety of purposes, true Spyware (or
surveillance) applications record personal or private information and transmit
it to a third party. Often this data is used for market research and
advertising, but more malicious Spyware programs
attempt to steal passwords, logins, banking details and credit card
information.
Trackware/Data
Miner
Tracks
the user's Web usage, Web searches, or general computer use. Cookies are one kind of data miner, and
although most are harmless, some attempt to collect private information.
Related
They're not Spyware, but the following are commonly associated with
many Spyware threats.
Trojan
Trojan horse
programs take their name from the mythical wooden horse that carried hidden
Greek soldiers into
Worm
Worms are
self-replicating, fast-spreading Internet threats that are more akin to viruses
than Spyware. They differ from viruses in that they
can replace entire files on the host computer. Both viruses and worms attempt
to spread to as many computers as possible, using e-mail, the Internet, and
file-sharing networks as methods of distribution