What is a Spyware? The Top 5 Types

SoftwareLab Blog

BY: Tibor Moes / Updated: FEbruary, 2019

What is Spyware?

Spyware is any piece of malicious software that infects your computer and spies on your personal data. These programs can record a wide range of personal information – from search and browsing histories to login credentials and credit card details. Read on to learn about the most common types of spyware and the easiest ways to remove it from your computer.

What you will find out in this article: 

  1. What Is Spyware?
  2. What Types of Spyware Exist?
  3. Examples of Spyware
  4. How to Remove Spyware

If your computer is infected with spyware, hackers can access your personal information and use it for a variety of cybercriminal activities. Don’t become a victim of cybercrime! Read our comparison of the best antivirus software and stay safe online.

Tibor Moes

Founder, SoftwareLab

Spyware

Just because you’re alone in your room while browsing the internet, it doesn’t mean that there’s no one there watching you. Unbeknownst to their owners, more than 90 percent of computers across the world are infected with some form of spyware. With the help of this malicious software, hackers can gain access to your personal information and use it to steal your money, your files, and even your identity.

What Is Spyware?

Spyware is malicious software that infects computers and other internet-connected devices and secretly records your browsing habits, the websites you visit, and your online purchases. Some types of spyware also record your passwords, login credentials, and credit card details. This information is then forwarded to the spyware author, who can either use it for their own personal gain or sell it to a third party.

Like all other types of malicious software, spyware is installed on your computer without your consent. It is usually bundled with legitimate software that you have intentionally downloaded (like file-sharing programs and other freeware or shareware applications), but you can also unwittingly download it by visiting malicious websites or clicking on links and attachments in infected emails. As soon as you install it, spyware will attach itself to your operating system and start running quietly in the background.

The term spyware was coined in the mid-1990s, but the software itself had existed long before that. At first, developers would add a spyware component to their programs to track their usage. They would then approach potential advertisers with these stats or utilize them to detect any unlicensed use of the software. By the early noughties, however, more than 90 percent of computer users worldwide had their machines infected with some form of spyware, unknowingly installed without their permission.

Nowadays, there are many spyware programs in circulation, some even bundled with hardware. Rather than targeting individual users, the creators of spyware aim to gather as much data as possible and sell it to advertisers, spammers, scammers, or hackers. With new forms of malicious software being released every few seconds, no one is safe from spyware. Even the companies you trust use spyware to track your behavior, which you have allowed them to do when you accepted their End User License Agreement.

What Types of Spyware Exist?

All forms of spyware can be divided into the following five categories:

  1. Infostealers

As the name suggests, infostealers are programs that have the ability to scan infected computers and steal a variety of personal information. This information can include browsing histories, usernames, passwords, email addresses, personal documents, as well as media files. Depending on the program, infostealers store the data they collect either on a remote server or locally for later retrieval.

In most cases, infostealers exploit browser-related security deficiencies to collect your private data. They sometimes also use the so-called injection scripts to add extra fields to web forms. When you type in the requested information and hit “Submit”, instead of going to the website owner, the information will go directly to the hacker, who can then potentially use it to impersonate you on the internet.

  1. Password Stealers

Password stealers are very similar to infostealers, the only difference being that they are specially designed to steal login credentials from infected devices. First detected in 2012, these pieces of spyware don’t steal your passwords as you type them. Instead, they attach themselves to the browser to extract all your saved usernames and passwords. In addition, they can also record your system login credentials.

Most password stealers are routinely removed by reliable security software, but some types still manage to avoid detection by changing their file hashes before each attack. As with infostealers, the creators of password stealers can choose whether they want to store the collected data on a remote server or in a hidden file on your hard drive.

  1. Keyloggers

Sometimes referred to as system monitors, keyloggers are spyware programs that record the keystrokes typed on a keyboard connected to an infected computer. While hardware-based keyloggers record each keystroke in real time, software-based keystroke loggers collect periodic screenshots of the currently active windows. This, in turn, allows them to record passwords (if they are not encrypted on-screen), credit card details, search histories, email and social media messages, as well as browser histories.

While keyloggers are mostly used by hackers to gather sensitive data from unsuspecting victims, they have also found a more practical use in recent years. Namely, some business owners utilize them to monitor the activity of their employees, while concerned parents may install them on their children’s computers to ensure that they are safe online. Some law enforcement agencies in the United States have also used keyloggers to arrest notorious criminals and crack down on drug dealers.

  1. Banker Trojans

Banker Trojans are programs that are designed to access and record sensitive information that is either stored on or processed through online banking systems. Often disguised as legitimate software, banker Trojans have the ability to modify web pages on online banking sites, alter the values of transactions, and even add extra transactions to benefit the hackers behind them. Like all other types of spyware, banker Trojans are built with a backdoor, allowing them to send all the data they collect to a remote server.

These programs usually target financial institutions ranging from banks and brokerages to online financial services and electronic wallet providers. Due to their sophisticated design, banking Trojans are often undetected even by the state-of-the-art security systems of some financial institutions.

  1. Modem Hijackers

With the gradual shift from dial-up to broadband in the last decade, modem hijackers have become a thing of the past. They are perhaps the oldest type of spyware that would attack its victims while they were browsing the internet. As a rule, a pop-up ad would appear, prompting the user to click on it. When they did, it would initiate a silent download of a file that would then take control of their dial-up modem.

Once in charge of the computer, the modem hijacker would disconnect the phone line from its current local connection and instead connect it to an international one. Most hackers would premium-priced phone numbers (usually intended for adult chat lines) that were registered in countries with insufficient cybercrime legislation like China, Russia, and some South American countries. The victims would usually only become aware of the problem when they saw their $1,000+ phone bill early next month.

    Examples of Spyware 

    With the development of cybersecurity technologies over the years, many spyware programs have disappeared, while some other, more sophisticated forms of spyware have emerged. Some of the best-known examples of spyware include the following:

    • CoolWebSearch – This program would take advantage of the security vulnerabilities in Internet Explorer to hijack the browser, change the settings, and send browsing data to its author.
    • Gator – Usually bundled with file-sharing software like Kazaa, this program would monitor the victim’s web surfing habits and use the information to serve them with better-targeted ads.
    • Internet Optimizer – Particularly popular in the dial-up days, this program promised to help increase internet speeds. Instead, it would replace all error and login pages with advertisements.
    • TIBS Dialer – This was a modem hijacker that would disconnect the victim’s computer from a local phone line and connect them to a toll number designed for accessing pornographic sites.
    • Zlob – Also known as Zlob Trojan, this program uses vulnerabilities in the ActiveX codec to download itself to a computer and record search and browsing histories, as well as keystrokes.

      How to Remove Spyware

      Similar to some other types of malware, you will usually be able to recognize some symptoms of a spyware infection on your computer. These can range from changes to your web browser’s homepage and redirected searches to performance issues and increased modem activity when you’re not using your computer. If you notice any of these problems, you should use the best antivirus software to run a scan of your computer and quarantine or remove any infected or compromised files it detects.

      As with any other cybersecurity threat, nurturing good browsing habits is the best way to keep your computer and personal information safe. Because spyware is most often distributed via malicious emails and websites, you shouldn’t open any attachments or click on any links that are included in suspicious emails or messages you receive on social media. Some programs allow you to opt out of installing bundled spyware, so make sure to read the instructions carefully when installing software on your PC.

      Finally, even if your computer is showing no signs of a spyware infection, you should still scan it for all potential threats at least once a week. With the best antivirus software, you can schedule a weekly scan so that you won’t have to manually start it every time. These programs also offer real-time protection against a wide range of threats, from viruses and worms to spyware and ransomware. What’s more, they automatically check for virus and malware database updates every day to ensure optimal protection.