Difference between revisions of "Spyware"

From OWASP
Jump to: navigation, search
(Example)
m (Reverted edits by OloleTotad (Talk) to last version by KirstenS)
 
(20 intermediate revisions by 4 users not shown)
Line 1: Line 1:
Spyware
 
 
 
{{Template:Attack}}
 
{{Template:Attack}}
 +
<br>
 +
[[Category:OWASP ASDR Project]]
 +
 +
Last revision (mm/dd/yy): '''{{REVISIONMONTH}}/{{REVISIONDAY}}/{{REVISIONYEAR}}'''
 +
  
 
==Description==
 
==Description==
 +
Spyware is a program that captures statistical information from a user's computer and sends it over internet without user acceptance. This information is usually obtained from cookies and the web browser’s history. Spyware can also install other software, display advertisements, or redirect the web browser activity.
 +
Spyware differs from a virus, worm, and adware in various ways. Spyware does not self-replicate and distribute itself like viruses and worms, and does not necessarily display advertisements like adware. The common characteristics between spyware and viruses, worms, and adware are:
 +
# exploitation of the infected computer for commercial purposes
 +
# the display, in some cases, of advertisements
  
The spyware is a program that captures statistic information from user´s computer and sends it over internet without user acceptance. This information is usually obtained from cookies and web browser’s history. The spyware can also install other software, display advertisement, or redirect the web browser activity.
+
==Risk Factors==
A spyware differs from virus, worm and adware from various ways. The spyware does not self-replicate and distribute like virus and worm, and not necessarily displays advertisements like adware. The common characteristics between spyware and virus, worm, and adware are:
+
  
1. exploitation of infected computer for commercial purposes
+
High
2. the display, in some cases, of advertisements
+
  
The spyware is usually masqueraded or presented as an utility software like P2P client, optimization tool, web accelerator, download accelerator, and even as security software like antispyware. In this case the user infects the computer by installing this kind of software without being aware of the danger. The spyware can also be bundled in media and shareware, being additionally installed with the software or autorun. The infection can occurs through fake Windows warning, when the fake message appears warning the user about some security issue or offering performance optimizing.
+
Some Spyware is very dificult to remove because it can hide  in Browser Cookies and Offline HTML Content in Temporary files.
The computer infected presents symptoms like poor performance due to high memory and processor usage, unwanted behavior, system crash, high internet bandwidth usage, large number of popup, and many other symptoms.
+
The biggest problem is that the infected computer becomes extremely vulnerable to many other spywares, which install themselves into the computer.
+
  
 +
==Examples==
  
==Example ==
+
<center>
  
[[Image:Nsrav_fig.jpg]]
+
https://www.owasp.org/images/6/68/Figura2.jpg
  
 
Figure 1. A lot of toolbars added by spyware, and some working as spyware
 
Figure 1. A lot of toolbars added by spyware, and some working as spyware
 +
</center>
  
==External References==
 
  
*http://cwe.mitre.org/data/definitions/506.html -  Malicious
+
==Related [[Threat Agents]]==
 
+
* [[:Category:Client-side Attacks]]
 
+
[[Category:FIXME|not a threat agent that is currently there]]
==Related Threats==
+
 
+
*[[:Category:Client-side Attacks]]
+
 
+
 
+
==Related Attacks==
+
  
 +
==Related [[Attacks]]==
 
* [[Trojan Horse]]
 
* [[Trojan Horse]]
 
* [[Phishing]]
 
* [[Phishing]]
 
* [[:Category:Malicious Code Attack]]
 
* [[:Category:Malicious Code Attack]]
  
 +
==Related [[Vulnerabilities]]==
 +
* TBD
  
==Related Vulnerabilities==
+
==Related [[Controls]]==
 
+
* TBD
TBD
+
  
==Related Countermeasures==
+
==References==
 +
* http://cwe.mitre.org/data/definitions/506.html -  Malicious
 +
* http://en.wikipedia.org/wiki/Spyware - Spyware
  
TBD
 
  
==Categories==
+
[[Category:Resource Manipulation]]
  
* [[:Category:Resource Manipulation]]
+
[[Category:Attack]]

Latest revision as of 14:32, 26 May 2009

This is an Attack. To view all attacks, please see the Attack Category page.



Last revision (mm/dd/yy): 05/26/2009


Description

Spyware is a program that captures statistical information from a user's computer and sends it over internet without user acceptance. This information is usually obtained from cookies and the web browser’s history. Spyware can also install other software, display advertisements, or redirect the web browser activity. Spyware differs from a virus, worm, and adware in various ways. Spyware does not self-replicate and distribute itself like viruses and worms, and does not necessarily display advertisements like adware. The common characteristics between spyware and viruses, worms, and adware are:

  1. exploitation of the infected computer for commercial purposes
  2. the display, in some cases, of advertisements

Risk Factors

High

Some Spyware is very dificult to remove because it can hide in Browser Cookies and Offline HTML Content in Temporary files.

Examples

Figura2.jpg

Figure 1. A lot of toolbars added by spyware, and some working as spyware


Related Threat Agents

Related Attacks

Related Vulnerabilities

  • TBD

Related Controls

  • TBD

References