This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Spyware"
(→References) |
(→Description) |
||
Line 9: | Line 9: | ||
2. the display, in some cases, of advertisements | 2. the display, in some cases, of advertisements | ||
− | |||
− | |||
− | |||
− | |||
== Risk Factor == | == Risk Factor == |
Revision as of 16:58, 3 July 2008
- This is an Attack. To view all attacks, please see the Attack Category page.
Description
The spyware is a program that captures statistic information from user´s computer and sends it over internet without user acceptance. This information is usually obtained from cookies and web browser’s history. The spyware can also install other software, display advertisement, or redirect the web browser activity. A spyware differs from virus, worm and adware from various ways. The spyware does not self-replicate and distribute like virus and worm, and not necessarily displays advertisements like adware. The common characteristics between spyware and virus, worm, and adware are:
1. exploitation of infected computer for commercial purposes
2. the display, in some cases, of advertisements
Risk Factor
High
Some Spywares are very dificult to remove because they can hide they-selfs into Browser Cookies and Offline HTML Content in Temporary files.
Example
Figure 1. A lot of toolbars added by spyware, and some working as spyware
References
- http://cwe.mitre.org/data/definitions/506.html - Malicious
- http://en.wikipedia.org/wiki/Spyware - Spyware
Related Threats
Related Attacks
Related Vulnerabilities
TBD
Related Countermeasures
TBD