Spyware : these programs that attack in the shade.


Les spywares : ces logiciels qui attaquent dans l'ombre - Gatewatcher

It acts in the shadows to harm your system. Spyware is one of the most vicious types of malware. Its operating mode is divided into three phases: the infection phase, the data collection phase and the transmission phase of these data to a third party. Known for its discretion, the spyware hides in the code of a downloaded program and runs in the background. The stolen data can be used to profile the user in order to send him targeted advertisements (this is called commercial spyware or adware) or be used for malicious purposes.

However, this plague is not new. Mentioned for the first time publicly in 1996, the term spyware is then used in a press release, before being used by the mainstream media in 1999. It was not until the early 2000s that the first anti-spyware application arrived on the market. Today, spyware is widespread, so it is essential to understand it in order to better fight it.



The operating modes of spyware

Cybersecurity is a matter for all operating systems. Indeed, spyware can infect a PC as well as a Mac or a smartphone, as recent examples have shown. Their modes of action are various:

  • Monitor the computer’s activity. The aim? To steal information recorded on web browsers or on the machine, before storing them in memory or sending them to an external server. To do this, the spyware reviews all the websites visited, search engine queries or personal information (credit card numbers, address, contact details, identifiers…)
  • Screen recording is also a common method used by spyware. Some of them take screenshots without the user’s knowledge. This is for example the case of BianLian, first spotted in 2018. From a Google Play Store app or a stolen APK file, the spyware installs itself on Android smartphones and asks the user for confirmations to access Android services. Once this is done, the software takes screenshots until it records the information it is interested in, before sending them to the hackers. In some cases, the software then locks the smartphone to prevent the user from defending himself.
  • Recording information typed by the user himself on his keyboard. This is the mode of action of keyboard loggers, which are fond of PIN codes, identifiers, passwords, banking information, e-mails or conversations from an instant messenger.
  • Take control of a computer remotely. This is the case of some Trojans capable of changing security settings or transforming a web page.

Known spyware includes Alexa, BargainBuddy, Cydoor, FinFisher, Gator, Go Keyboard, Hotbar, Look2Me, Trojan.Zlob and WebHancer.

But is this malware inevitable? What can you do to protect yourself against them?


How to protect oneself from spyware?

Spyware is usually hidden in :

  • Email attachments from unknown senders. It is therefore recommended to open only trusted e-mail attachments.
  • Data or software sharing
  • Freeware or shareware that hides a malicious extension or plug-in
  • Web pages that take advantage of a security hole in the web browser
  • Suspicious links. It is therefore recommended to hover over them with the mouse and make sure that these links redirect to a trusted page.
  • Pop-up ads. It is therefore advised to install an ad blocker to limit the risks of contamination.
  • Illegally downloaded movies, music and games

Sometimes, the user himself allows the installation of spyware by accepting the terms and conditions of a downloaded program. It is therefore recommended to read all the information carefully.

In case of infection, the user can observe several signs, which may warn him about the presence of spyware:

  • Machine downtimes or sudden crashes
  • Slowing down of the internet speed
  • Malfunctioning of the antivirus software
  • Lack of space on the hard disk
  • Appearance of pop-up windows
  • Appearance of undesirable toolbars, search engines or home screens

To limit spyware infections on your information system, it has become essential to equip yourself with detection probes. Gatewatcher now offers its Trackwatch solution capable of analyzing network flows to detect advanced threats and thus avoid the risks of cyberattacks..

Table of contents

Share this post :
Our most recent post
Share this post :
Our last news