Spyware Methods of Spyware Infection

Spyware Methods of Spyware Infection

Spyware is a type of malware that is designed to collect and forward information regarding a victim’s activities to an interested party. The defining characteristics are that the application acts behind the scence to gather this information without the user’s consent or knowledge.

The information gathered by spyware has been used to target ads, steal identities, generate revenue, alter systems, and capture other information. In addition, it is not unheard of for spyware to open the door for later attacks that may perform tasks such as downloading software and so on.

 

Methods of Spyware Infection

Spyware can be placed on a system in a number of different ways, each offering its own benefits. Once the software is installed, it stays hidden and carries out its goals. Methods of infection include, but are not limited to, the following:

Peer-to-Peer Networks (P2P) this delivery mechanism has become very popular because of the increased number of individuals using these networks to obtain free software.

Instant Messaging (IM) Delivering malicious software via IM is easy. Plus, IM software has never had much in the way of security controls.

Internet Relay Chat (IRC) IRC is a commonly used mechanism to deliver message and software because of its widespread use and the ability to entice new users to download software.

Email Attachments With the rise of emails as a communication medium, the practice of using it to distribute malware has also risen.

Physical Access Once an attacker gains physical access, it becomes relatively easy to install spyware and compromise the system.

Browser Defects Many users forget or do not choose to update their browsers as soon as updates are released, so distribution of spyware becomes easier.

Freeware Downloading software for free from unknown or untrusted source can mean that you also download something nastier, such as spyware.

Website Software is sometimes installed on a system via web browsing. When a user visits a given website, spyware may be downloaded and installed using scripting or some other means.

Spyware installed in this manner is quite common, because web browser lend themselves to this process. They are frequently unpatched, do not have upgrades applied, or are incorrectly configured. In most cases, users do not use the most basic security precautions that come with a browser; and sometimes users override security options to get a better browsing experience or to see fewer pop-ups or prompts.

Software Installations One Common way to install software such as spyware on a Victims’ system is as part of another software installation. In these situations, a victim downloads a piece of software that they want, but packaged with it is a payload that is silently installed in the background. The victim may be told that something else is being installed in the background. The victim may be told that something else is being installed on the system but may click through the installation wizard so quickly without reading anything that they miss the fact that additional software is being placed on their system.

Add a Comment