Next generation spyware

The distinction between adware and spyware was primarily a difference between whether the vendor was up front with disclosing their monitoring activity, or if the vendor secretly 'spied' on the user without any notification or authorization. The worst affect of such spyware was typically unwanted pop-up advertising based on the monitoring that the spyware had done.

More malware education Malware Learning Guide This guide provides you with tips, Windows security expert advice, articles and more that give you a complete rundown on the different types of malware. Malware Glossary With this list of malware definitions, you can get up to speed on malware trends and terminology, both old and new.

Over time though, spyware has taken on a much larger role in the malware world and has matured into a method of propagation that can be used to deliver a variety of malware types and malicious software. While there are still unique attributes that technically separate spyware from a Trojan, virus or other forms of malware, many recent and current threats blur the line and converge the various types of malware together.

Webroot Software, makers of the antispyware product SpySweeper, classify three different types of software under the umbrella heading of 'spyware threats'. There is the traditional adware, which still primarily just spy and gather data in a semi-benign fashion, but they also consider Trojans and System Monitors as types of spyware.

Trojans, at least those considered under the heading of spyware, tend to be either backdoors or downloaders. A backdoor is a Trojan that opens a port or provides some other covert means for an attacker to gain access to an infected system and execute malicious programs of their choosing. A downloader is a Trojan that initiates a connection with some external server to download and install other malicious programs which could include Bots or backdoor software.

System monitors are programs such as keystroke loggers that capture and record every keystroke typed on the computer. Many system monitor programs, such as SpyBuddy, go even farther, logging the programs that are used, Web sites that are visited, instant messaging chat sessions and more. The captured data is either automatically sent to an external server or email address, or there is some type of backdoor that allows the attacker to access the infected computer to retrieve the data.

The originators of the spyware concept may not have set out with such malicious intent. Their goal was strictly to maximize ad sales revenue by ensuring that the ads users see are for products and services that interest them. But, it didn't take very long for malicious developers to figure out that if you can secretly install software on a user's computer to monitor their computer activity, you can also use that software to capture personal information such as passwords and bank account numbers, or that you can use the same attack vector to install other types of malicious software. As it stands now, spyware ranks as one of the prime distribution methods for malware and is a threat that network and security administrators need to aggressively defend against.

About the author: Tony Bradley is a consultant and writer with a focus on network security, antivirus and incident response. He is recognized by Microsoft as an MVP in Windows Security, and he is the About.com Guide for Internet / Network Security, providing a broad range of information security tips, advice, reviews and information. Tony is co-author of Hacker's Challenge 3 and author of the upcoming Essential Computer Security. He also contributes frequently to other industry publications. For a complete list of his freelance contributions you can visit S3KUR3.com.

Rate this Tip To rate tips, you must be a member of SearchEnterpriseDesktop.com. Register now to start rating these tips. Log in if you are already a member. Submit a Tip Digg This!     StumbleUpon     Del.icio.us    RELATED CONTENT Microsoft Windows malware removal and prevention Zero-day attack prevention Use patching to protect your network from threats Define server roles, counterattack zero-day threats Harden your network services and contain zero-day threats The Future of Spyware Defense Plan out your network security testing for these eight reasons IT pros: We can't stop every threat Step 4: The "block the application" approach Step-by-step guide: Blocking IM and P2P Where are rootkits coming from? RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.