Malware 101: Spyware
Malware has become mainstream in today’s internet age. Malware comes in many shapes and forms, and almost all of them are used for nefarious purposes. Mission Multiplier wants to make sure that you understand the dangers you face in the cyber world, malware included. That’s why we have decided to give you a few articles to help explain the different types of malware you might encounter out in the wild. And we’re starting you out with a fun one: spyware.
Understanding what malware does comes from understanding the intentions behind its creation. Some malware is used to monitor a person’s behavior while on an infected computer. This breed of malware is called spyware. Once downloaded onto a computer, spyware tracks the user’s actions and behaviors (with or without the user’s consent), then sends that tracking data to a recipient, who can then use that information to fulfill his or her objective. Many different entities employ spyware for a variety of functions, from businesses tracking the behavior of their website visitors to hackers trying to break into an unsuspecting user’s computer.
One of the most common forms of spyware is a tracking cookie – a small piece of data planted into a browser for the purpose of tracking where a user is on a site and how long that user is there. The wild part: tracking cookies aren’t illegal. In fact, many websites explicitly require permission to use tracking cookies to “improve their viewers’ experience”, and many service providers like Facebook weave the use of tracking cookies into their terms-of-service agreements.
Despite their widespread use, it’s completely valid to feel a level of concern about tracking cookies, as their use is a breach of privacy. Many computer-users don’t mind because they feel that they have nothing to hide. Others are upset they are denied the privilege to surf the web without fear of being watched from across the screen.
When a cookie is put into a browser, it can hang around and continue tracking your browsing habits even after you’ve left the site that put it there in the first place. If you aren’t terribly fond of that idea, there are a couple of solutions. Virtual Private Networks (VPNs) block outside parties from accurately seeing what is happening while you browse the web. A simpler solution is to remove the cookies from the browser and click “No” if a site asks you for permission to use them. Just keep in mind that some sites won’t like not being able to track you, and will deny you access if you block their cookies.
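To see which cookies outlive a visit, the sketch below reads `Set-Cookie` response headers and flags cookies that are both set for another site and stored beyond the browser session. It is an added example, not part of the original article; the hosts, cookie names and sample headers are constructed, and the third-party test is a simplification that does not consult the Public Suffix List.

```javascript
// Constructed sample: Set-Cookie headers seen while loading a page on shop.example.
// Hosts, cookie names and values are made up for illustration.
const SAMPLE = [
  { from: "shop.example", header: "session=abc123; Path=/; HttpOnly; Secure" },
  { from: "shop.example", header: "prefs=dark; Max-Age=2592000; Domain=shop.example" },
  { from: "ads.tracker.example",
    header: "uid=9f2c; Expires=Wed, 01 Jan 2031 00:00:00 GMT; Domain=.tracker.example; SameSite=None; Secure" },
];

// Parse one Set-Cookie header and classify the cookie relative to the page being visited.
function auditCookie(header, fromHost, pageHost, now = new Date()) {
  const [pair, ...attrs] = header.split(";").map((s) => s.trim());
  const eq = pair.indexOf("=");
  const name = eq === -1 ? "" : pair.slice(0, eq);
  let domain = fromHost.toLowerCase(); // host-only cookie unless Domain is set
  let maxAge = null;
  let expires = null;
  for (const attr of attrs) {
    const i = attr.indexOf("=");
    const key = (i === -1 ? attr : attr.slice(0, i)).trim().toLowerCase();
    const val = i === -1 ? "" : attr.slice(i + 1).trim();
    if (key === "domain" && val) domain = val.replace(/^\./, "").toLowerCase();
    if (key === "max-age" && /^-?\d+$/.test(val)) maxAge = Number(val);
    if (key === "expires" && !Number.isNaN(Date.parse(val))) expires = new Date(val);
  }
  // Max-Age wins over Expires; with neither, the cookie ends with the browser session.
  const expiry = maxAge !== null ? new Date(now.getTime() + maxAge * 1000) : expires;
  const persistent = expiry !== null && expiry > now;
  const lifetimeDays = persistent ? Math.floor((expiry - now) / 86400000) : 0;
  // Simplified third-party test (assumption): no Public Suffix List lookup.
  const page = pageHost.toLowerCase();
  const thirdParty = !(page === domain || page.endsWith("." + domain));
  return { name, domain, persistent, lifetimeDays, thirdParty };
}

// Names of cookies that are both third-party and persistent: the tracking pattern.
function flagTrackers(entries, pageHost, now = new Date()) {
  return entries
    .map((e) => auditCookie(e.header, e.from, pageHost, now))
    .filter((c) => c.thirdParty && c.persistent)
    .map((c) => c.name);
}

console.log(flagTrackers(SAMPLE, "shop.example"));
```

The session cookie and the site's own preference cookie pass; only the long-lived cookie scoped to a different site is reported.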
The information collected from tracking cookies is often used to create targeted adware – an offshoot of spyware which displays highly targeted ads on websites that you visit. For businesses where advertising accounts for the vast majority of revenue, adware serves to automatically generate ads – more ads mean more revenue. To provide a customized experience to their customers, these businesses create an algorithm that uses the data collected by tracking cookies to generate ads specifically related to your browsing habits. Thus, it is common to see ads on Facebook for items related to your recent searches on other sites like Google and Amazon.
Spyware isn’t strictly confined to your internet browser. Some more nefarious forms, like keyloggers and rootkits, can be downloaded directly onto your computer to track everything you do while logged in.
Keyloggers are a type of spyware that tracks and records keystrokes from the user’s keyboard. This information can be interpreted to obtain the user’s log-in information, banking details, private communications, and anything else a user types out while the keylogger is active. Some keyloggers have even been programmed to perform a command every time a specific sequence is typed out. More advanced forms can also be used to track mouse movements. With that information, hackers can program tools to simulate normal human behavior to bypass security protocols meant to prevent access by non-human users.
Rootkits are software that enable unauthorized users, such as hackers, to remotely access a computer without being detected. Rootkits can be downloaded as a byproduct of malvertising (another form of malware that we’ll cover in a future article) or, like other malware, can make their way onto a system by way of hiding in a document attached to a phishing email. The best way to avoid being caught in that particular trap is to learn how to spot a phisher! Once it is downloaded, a rootkit is harder to detect than other malware, allowing it to run and do what it was programmed to do right under your nose. If you can stop it before it gets to that point, you’ll be much better off.
The most important thing to remember about spyware is that its fundamental purpose is to monitor and record whatever and whoever it is programmed to. What defines the type of spyware is the intention behind it. Tracking cookies only track what the user is doing; adware uses tracking information to generate targeted ads; keyloggers log and compile keystrokes; rootkits create backdoor access into a computer or network. The best way to avoid having spyware placed onto your computer is to be mindful of where you are on the internet and ask yourself “Is this the expected norm?” any time something doesn’t feel quite right. A highly recommended safety measure is to periodically scan your system with an anti-malware or specifically anti-spyware program to detect any spyware that may have already found its way into your files.
If you, your organization or company, or someone you know would like more information about our company or how to handle the threat of spyware, please do not hesitate to reach out to Mission Multiplier at firstname.lastname@example.org.