sb-nz logo
Story image

Welivesecurity reveals the eight things you should know about spyware

21 Feb 2017

Spyware is defined as a “generic term for a range of surreptitious malware such as keyloggers, remote access trojans, and backdoor trojans, especially those that allow remote surveillance of passwords and other sensitive data”.

The term can also refer to “more aggressive adware”, which collects user information such as visited websites, installed applications, and other personal data.

Spyware today is a big problem for enterprises and consumers alike, especially given the recently reported variants infecting Android, Apple and Windows devices. 

How does spyware work?

Like most malware, spyware finds its way onto your device without your knowledge or permission.

Spyware often looks to exploit software or web browser vulnerabilities. It does not spread like a virus or worm – instead, it installs itself by convincing the user to download bogus software, or to click on an ad. This will then download the spyware.

Other ways in which spyware can infest your machine include drive-by-download (whereby spyware loads when you visit a page), phishing links and even ‘anti-spyware’ tools. It can also be downloaded through physical devices, like USB keys.

What types of spyware are there?

It’s arguable that the word ‘spyware’ was first used in 1995, in a Usenet post; today, it generally is used to refer to four types of unwanted code: adware, system monitors, tracking cookies, and trojans.

Other examples include digital rights management capabilities that “phone home” back to a command and control (C&C) center; keyloggers; rootkits, and web beacons.

How can I detect if someone is spying on me?

Anti-spyware and malware solutions can help to scan your machine, while users should also look out for common symptoms like computer slowdown, crashes and mass pop-ups, as well as suspicious hard drive activity and running out of HD space.

How to avoid infection? 

We’ve long been warned about the dangers of third-party app stores – and for good reason. Often these stores host counterfeit or even “genuine but repackaged” – and malware-infected – applications. These can seek to spy on your activities or steal confidential personal information.

As one recent example, a Netflix scam saw people infected with the SpyNote RAT posing as a genuine Netflix app and subsequently spying on user activity. As a general rule of thumb, avoid any stores outside of the usual App Store, Google Play or Windows Store mix.

Do spyware authors target Android and iOS?

Spyware has often been found on Android and iOS apps, and it is particularly successful on Google’s Android operating system.

In September, Google removed four apps from Google Play after they were found with the ‘Overseer’ spyware. Meanwhile, more recently, the Pegasus iOS spyware allowed adversaries to silently jailbreak Apple devices, spy on victims and collect voice, camera, email, messaging, GPS and contact data.

These infected apps often look to steal contact and personal information, SMS messages, track devices and phone calls, capture keyboard outputs or perform DoS attacks. They could also force your device into botnet.

Are governments engaged in or advocating the use of spyware?

Some countries have sought to use spyware to spy on dissidents, journalists and other citizens.

Hacking Team was a classic example of selling spyware tools to nefarious actors, while FinFisher (AKA FinSpy) was a high-end surveillance suite sold to law enforcement and intelligence agencies. Ironically, FinFisher later suffered a mega data breach of its own, an embarrassment for any company in the field of information security.

How do I remove spyware?

Removing spyware may sound complex, but, if done correctly, it can be fairly simple. The process will differ per device, but downloading spyware-blocker software, running security scans and removing temporary files is a good start.

Mobile users may also need to update software, remove applications or perform a factory reset.

Which browsers are the worst for spyware?

Microsoft’s Internet Explorer browser is perhaps the most susceptible to spyware attacks, owing largely to the numerous security issues it has suffered through the years.

Its deep integration with the Windows environment makes it susceptible to attack on the Windows operating system.

Many users have installed a web browser other than Internet Explorer, such as Mozilla Firefox or Google Chrome, and most major browsers are now pretty adept at dealing with the threat.

In summary: Be security-conscious

Spyware is widely spread across the web, and is ever present on today’s mobile and desktop devices. You should be security-conscious at all times and avoid clicking suspicious links or downloading unknown software. It’s also advisable to use security software to keep yourself constantly protected.

Article by Welivesecurity.

Story image
Attivo Networks expands Active Directory suite for greater protection
"We see Active Directory exploitation used in the majority of ransomware, insider and advanced attacks. We are pleased to now offer our customers early and efficient solutions for preventing the misuse of Active Directory.”More
Story image
iland and Cohesity form alliance, target data protection market
"Together with Cohesity, we will deliver elegant and cutting-edge solutions that will take our joint customers’ digital transformation projects to the next level."More
Story image
Major firms disclose breaches in the wake of SolarWinds attack
Microsoft, Shell, GoDaddy, MobiKwik — these are just some of the high-profile company's on the receiving end of sophisticated attacks, writes Bitglass senior director of marketing Jonathan Andresen.More
Story image
AvePoint brings Salesforce Cloud Backup to channel partners
The product adds to the AvePoint suite of trusted Cloud Backup for Microsoft 365 and Dynamics 365 to provide managed service providers with backup and restore capabilities across multiple, popular SaaS providers.More
Story image
Interview: SAS outlines the seven AI-based trends you'll see in 2021
Artificial intelligence has, let's face it, been the subject of much hype, of experimentation, and in some cases, pipe dreams.More
Story image
From Me to We: Partnerships & multiparty systems in the post-COVID-19 age
MPS is all about sharing data infrastructure between people and organisations - think along the lines of blockchain, distributed databases and ledgers.More