This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Spyware"
(→Example) |
|||
| Line 1: | Line 1: | ||
| − | |||
| − | |||
{{Template:Attack}} | {{Template:Attack}} | ||
| Line 9: | Line 7: | ||
1. exploitation of infected computer for commercial purposes | 1. exploitation of infected computer for commercial purposes | ||
| + | |||
2. the display, in some cases, of advertisements | 2. the display, in some cases, of advertisements | ||
| Line 15: | Line 14: | ||
The biggest problem is that the infected computer becomes extremely vulnerable to many other spywares, which install themselves into the computer. | The biggest problem is that the infected computer becomes extremely vulnerable to many other spywares, which install themselves into the computer. | ||
| + | == Severity == | ||
| + | |||
| + | High | ||
| + | |||
| + | == Likelihood of exploitation == | ||
| + | |||
| + | Very High | ||
==Example == | ==Example == | ||
| Line 28: | Line 34: | ||
*http://cwe.mitre.org/data/definitions/506.html - Malicious | *http://cwe.mitre.org/data/definitions/506.html - Malicious | ||
| − | |||
==Related Threats== | ==Related Threats== | ||
*[[:Category:Client-side Attacks]] | *[[:Category:Client-side Attacks]] | ||
| − | |||
==Related Attacks== | ==Related Attacks== | ||
| Line 40: | Line 44: | ||
* [[Phishing]] | * [[Phishing]] | ||
* [[:Category:Malicious Code Attack]] | * [[:Category:Malicious Code Attack]] | ||
| − | |||
==Related Vulnerabilities== | ==Related Vulnerabilities== | ||
| Line 50: | Line 53: | ||
TBD | TBD | ||
| − | + | [[Category:Resource Manipulation]] | |
| − | + | [[Category:Attack]] | |
Revision as of 17:47, 5 November 2007
- This is an Attack. To view all attacks, please see the Attack Category page.
Description
The spyware is a program that captures statistic information from user´s computer and sends it over internet without user acceptance. This information is usually obtained from cookies and web browser’s history. The spyware can also install other software, display advertisement, or redirect the web browser activity. A spyware differs from virus, worm and adware from various ways. The spyware does not self-replicate and distribute like virus and worm, and not necessarily displays advertisements like adware. The common characteristics between spyware and virus, worm, and adware are:
1. exploitation of infected computer for commercial purposes
2. the display, in some cases, of advertisements
The spyware is usually masqueraded or presented as an utility software like P2P client, optimization tool, web accelerator, download accelerator, and even as security software like antispyware. In this case the user infects the computer by installing this kind of software without being aware of the danger. The spyware can also be bundled in media and shareware, being additionally installed with the software or autorun. The infection can occurs through fake Windows warning, when the fake message appears warning the user about some security issue or offering performance optimizing. The computer infected presents symptoms like poor performance due to high memory and processor usage, unwanted behavior, system crash, high internet bandwidth usage, large number of popup, and many other symptoms. The biggest problem is that the infected computer becomes extremely vulnerable to many other spywares, which install themselves into the computer.
Severity
High
Likelihood of exploitation
Very High
Example
Figure 1. A lot of toolbars added by spyware, and some working as spyware
External References
- http://cwe.mitre.org/data/definitions/506.html - Malicious
Related Threats
Related Attacks
Related Vulnerabilities
TBD
Related Countermeasures
TBD
