What is a Spyware?

What is a Spyware?

Spyware is software that aims to gather information about a person or organization without their knowledge and
that may send such information to another entity without the consumer’s consent, or that asserts control over a computer without the consumer’s knowledge.

“Spyware” is mostly classified into four types: system monitors, trojans, adware, and tracking cookies.
Spyware is mostly used for the purposes of tracking and storing Internet users’ movements on the Web and serving up pop-up ads to Internet users.

Whenever spyware is used for malicious purposes, its presence is typically hidden from the user and can be difficult to detect.
Some spyware, such as keyloggers, may be installed by the owner of a shared, corporate, or public computer intentionally in order to monitor users.

While the term spyware suggests software that monitors a user’s computing, the functions of spyware can extend beyond simple monitoring.
Spyware can collect almost any type of data, including personal information like internet surfing habits, user logins, and bank or credit account information.
Spyware can also interfere with user control of a computer by installing additional software or redirecting web browsers.
Some spyware can change computer settings, which can result in slow Internet connection speeds, un-authorized changes in browser settings, or changes to software settings.

Sometimes, spyware is included along with genuine software, and may come from a malicious website.
In response to the emergence of spyware, a small industry has sprung up dealing in anti-spyware software.
Running anti-spyware software has become a widely recognized element of computer security practices, especially for computers running Microsoft Windows.
A number of jurisdictions have passed anti-spyware laws, which usually target any software that is surreptitiously installed to control a user’s computer.


Routes of infection:-

Spyware does not necessarily spread in the same way as a virus or worm because infected systems generally do not attempt to transmit or copy the software to other computers.
Instead, spyware installs itself on a system by deceiving the user or by exploiting software vulnerabilities.

Most spyware is installed without users’ knowledge, or by using deceptive tactics.
Spyware may try to deceive users by bundling itself with desirable software. Other common tactics are using a Trojan horse.
Some spyware authors infect a system through security holes in the Web browser or in other software.
When the user navigates to a Web page controlled by the spyware author, the page contains code which attacks the browser and forces the download and installation of spyware.

The installation of spyware frequently involves Internet Explorer. Its popularity and history of security issues have made it a frequent target.
Its deep integration with the Windows environment make it susceptible to attack into the Windows operating system.
Internet Explorer also serves as a point of attachment for spyware in the form of Browser Helper Objects, which modify the browser’s behavior to add toolbars or to redirect traffic

Effects and behaviors
A spyware program is rarely alone on a computer: an affected machine usually has multiple infections. Users frequently notice unwanted behavior and degradation of system performance.
A spyware infestation can create significant unwanted CPU activity, disk usage, and network traffic. Stability issues, such as applications freezing, failure to boot, and system-wide crashes are also common.
Spyware, which interferes with networking software, commonly causes difficulty connecting to the Internet.

In some infections, the spyware is not even evident. Users assume in those situations that the performance issues relate to faulty hardware, Windows installation problems, or another infection.
Some owners of badly infected systems resort to contacting technical support experts, or even buying a new computer because the existing system “has become too slow”.
Badly infected systems may require a clean reinstallation of all their software in order to return to full functionality.

Moreover, some types of spyware disable software firewalls and anti-virus software, and/or reduce browser security settings, which further open the system to further opportunistic infections.
Some spyware disables or even removes competing spyware programs, on the grounds that more spyware-related annoyances make it even more likely that users will take action to remove the programs.

Keyloggers are sometimes part of malware packages downloaded onto computers without the owners’ knowledge.
Some keyloggers software is freely available on the internet while others are commercial or private applications.
Most keyloggers allow not only keyboard keystrokes to be captured but also are often capable of collecting screen captures from the computer.

A typical Windows user has administrative privileges, mostly for convenience. Because of this, any program the user runs has unrestricted access to the system.
As with other operating systems, Windows users are able to follow the principle of least privilege and use non-administrator accounts.
Alternatively, they can also reduce the privileges of specific vulnerable Internet-facing processes such as Internet Explorer.

Courtesy :- wikipedia.org