Spyware – a threat to the security of your PC

Posted: September 12, 2012 in Articles, Glossary

spywareThis article is devoted quite relevant in the present time the problem – the problem of malicious code. Until a few years ago, the situation was quite simple – there applications (including the operating system) and computer viruses that programs capable of infecting other applications by implementing them in their native. Recently, however, there was a lot of malicious programs, which can not be considered viruses because they do not have the ability to reproduce. For such programs, there are many categories: Trojan, Backdoor, Trojan-Downloader, MalWare, SpyWare, Adware, Dialer … Classification is often quite controversial – manufacturers of various antivirus software include the exact same program for different categories. This article is an attempt to define a classification of malware and to formulate criteria for the program can be classified as SpyWare and Adware.

SpyWare: spy-programs

  • Spyware (alternative title – Spy, SpyWare, Spy-Ware, Spy Trojan) is called software that collects and transmits information to anyone without your consent. Information may include their personal data, the configuration of the computer and operating system performance statistics on the Internet.
  • Spyware is used for a number of objectives, which are the main target market research and advertising. In this case, the information about the configuration of the user’s computer, software it uses, visited sites, statistics queries to search engines and statistics of the input from the keyboard of words can accurately determine the type of activity and the range of interests of users. So it is often possible to observe a bunch SpyWare – Adware, ie “The Spy”“Module display advertising.” Spy part gathers user information and sends it to the server advertising firm. Where information is analyzed and in response sent promotional information, the most suitable for the user. At best advertising is displayed in separate pop-up windows, and at worst – is introduced in the download page, and send an e-mail.

However, the information gathered can be used not only for advertising purposes – for example, information on the user’s PC can greatly simplify the hacker attack and hacking your computer. And if the program periodically updates itself over the Internet, it makes your computer very vulnerable – elemental attack on the DNS could spoof the source address to the address of the server upgrade hacker – this “update” will lead to the implementation of the user’s PC any extraneous software.

Spyware software can get on your computer in two main ways:

  • During a visit to an Internet site. The most common entry Spyware is about visiting a hacker and warez sites, sites with free music and porn sites. Typically, to install spyware ActiveX components used or Trojans TrojanDownloader category classification of Kaspersky Lab. Many hacker sites may issue a “crack” that contains spyware or TrojanDownloader for the download.
  • The installation of freeware or shareware programs. The most annoying thing is that these programs there are so many, they are distributed over the Internet or on pirated CDs. The classic example – codec DivX, contains a utility for downloading and installing the secretive SpyWare.Gator. Most programs contain SpyWare-components not notify the user.

Precise criteria for entering the program in the category of “SpyWare” does not exist, and very often the creators antivirus packages include software rated “Adware”, “Hijacker” and “BHO” in the category “SpyWare” and vice versa.

The basis Classification of the most common SpyWare programs:

– The program secretly installed on the user’s computer. The intent of this paragraph is that the installer of the regular program must notify the user of the fact of the installation (with the possibility of failure of the installation), propose to select the directory for installation and configuration. In addition, after the installation the installer should create a point in the “Add or Remove Programs”, a call which performs the uninstall process. Spyware is usually installed exotic way (often using Trojan module category) hidden from the user, it is uninstalled in most cases impossible. The second way to install SpyWare – secretive unit complete with a popular program;

– The program secretly loaded into memory during boot. It should be noted that the developers have started to apply modern SpyWare Rootkit technology to mask the process in memory and files on the disk. It is also becoming popular creation “neubivaemoy” processes – ie Running two processes, which restarts with each other in case of a stop. This technology is used in particular in SpyWare.WinAd;

– The program performs some operation without the user – for example, sending or receiving any information from the Internet;

– The program downloads and installs its updates, supplements, plug-ins or other software without your knowledge or consent. This property is inherent in many spyware and extremely dangerous, because Download and install updates and new modules can be hidden and often leads to system instability. Moreover, the auto-update mechanism can be exploited to implement the user’s PC Trojan modules;

– Program modifies system settings, or interfere with the other programs without your knowledge. For example, spyware can change the level of security in your browser settings, or make changes to the network configuration;

– The program modifies the data or information flows. Common examples are the different extensions for the program Outlook Express, which is credited with sending the letter to him his information. A second common example – modification downloaded from the Internet pages (pages include advertising information, certain words or phrases are converted into hyperlinks).

This classification should be noted that the program does not allow category SpyWare remotely control your computer and transmits passwords and similar information they need for their creators – like the other categories of the specific programs – “Trojan” and “BackDoor”. But in many ways the program category SpyWare are relatives Trojans.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s