Skip main navigation

Spyware: Understanding Its Behavior and Operation

Spyware invades devices and gathers information about users, hoping to monetize it. Watch Skylar Simmons explain more.
6
So in this section we’re going to talk about spyware. This is malware that invades a device and sells sensitive information. So what is spyware? Spyware is another class of malware that wants to infect a system. It gathers information about the users, including sites you visit, things you download, usernames and passwords, payment information, emails. It can access your webcam sometimes. It can access your microphone sometimes. If it’s a keylogger, it’ll grab random keystrokes. And basically, any sort of information you can think of that you have on your system it can try and get a hold of. Just like we saw with adware, bundling is often used to package spyware with legitimate software.
48.2
So this is again that thing where you go out and you grab something legitimate, probably some kind of freeware, and then somewhere along the line between your machine and where you get your application from spyware is packaged with it so that you install both of them at the same time. Once it’s on your machine and it’s active and gathering information about you, it then sends it back to a controller somewhere. This controller then can take that information and leverage it either for further attacks against you, maybe. Now they’re going to craft a more serious social engineering kind of attack because they’ll have personal information about you.
84.2
Maybe they just immediately can get a hold of your passwords and access your banks, or something like that. Or it’s possible that it’s just used to harvest information and send that information to another group, another organisation for additional stuff. We’ll talk about that in a second. Most commonly we see this in the form of keyloggers, password stealers, banking Trojans, things like this. And in the next video we’re going to talk about FinFisher, which was a pretty interesting piece of spyware. The thing that made it significant as compared to a lot of other spyware is the way that it was, I should say the organizations that were interested in using it.

In the video, you will learn how spyware invades devices and gathers information about users (e.g. sites visited, passwords, payment info, emails), and sends the information back to the controller, or the organization owning the malware, hoping to monetize it. We will also consider that spyware is most commonly found in keyloggers.

Reflect and share: What would you describe as the main differences between spyware and adware?

This article is from the free online

Cyber Security Foundations: Common Malware Attacks and Defense Strategies

Created by
FutureLearn - Learning For Life

Our purpose is to transform access to education.

We offer a diverse selection of courses from leading universities and cultural institutions from around the world. These are delivered one step at a time, and are accessible on mobile, tablet and desktop, so you can fit learning around your life.

We believe learning should be an enjoyable, social experience, so our courses offer the opportunity to discuss what you’re learning with others as you go, helping you make fresh discoveries and form new ideas.
You can unlock new opportunities with unlimited access to hundreds of online short courses for a year by subscribing to our Unlimited package. Build your knowledge with top universities and organisations.

Learn more about how FutureLearn is transforming access to education