Anatomy of Spyware
Whenever you try to get rid of spyware, a few questions invariably come to mind: How does malware actually work? How did it get on my machine, and how does it behave?
(To learn more about spyware, visit www.spywarelib.com)
The first major component of spyware is the social engineering part: the part that tries to trick you into installing it. An e-mail attachment, a malicious ‘free’ program, a file distributed on P2P networks or a booby-trapped website are all good examples of such social engineering vehicles.
The Spyware in Your System
Once the spyware has reached your system, its first step is to entrench itself deeply enough to become more resilient to removal attempts. Most of the time this means writing entries in the registry, making copies of itself in several places and inserting command lines into various batch files that run at startup.
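As an added example (not part of the original article), this Python sketch audits the entrenchment traces described above: it reads autostart commands from a registry export and a startup batch file, then flags targets that run from a user-writable directory or have identical copies elsewhere on disk. The choice of the Run key, the batch file contents, the file names, the hash labels and the directory heuristic are all assumptions constructed for illustration.

```python
import re
from ntpath import normcase
# All sample data below is constructed for illustration, not from a real machine.
REG_EXPORT = r'''Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="\"C:\\Program Files\\Microsoft OneDrive\\OneDrive.exe\" /background"
"Updater"="C:\\Users\\sam\\AppData\\Local\\Temp\\svch0st.exe -q"
'''
STARTUP_BAT = r'''rem constructed startup batch file
start "" "C:\Windows\System32\drivers\svch0st.exe"
'''
INVENTORY = {  # path -> content hash, as a file inventory would report it
    r"C:\Program Files\Microsoft OneDrive\OneDrive.exe": "hash-A",
    r"C:\Users\sam\AppData\Local\Temp\svch0st.exe": "hash-B",
    r"C:\Windows\System32\drivers\svch0st.exe": "hash-B",
}
EXE = re.compile(r'[A-Za-z]:\\[^"\r\n]*?\.exe', re.I)
USER_WRITABLE = ("\\appdata\\", "\\temp\\")  # assumed heuristic, extend as needed

def registry_entries(text):
    """Yield (source, exe path) for each value in a .reg export of a Run key."""
    for name, value in re.findall(r'^"([^"]+)"="(.*)"$', text, re.M):
        value = re.sub(r'\\(.)', r'\1', value)  # undo .reg escaping of \ and "
        if (m := EXE.search(value)):
            yield f"registry Run value {name}", m.group(0)

def batch_entries(text):
    """Return (source, exe path) for executables launched from a startup batch file."""
    lines = (l for l in text.splitlines() if not l.strip().lower().startswith("rem"))
    return [("startup batch file", p) for l in lines for p in EXE.findall(l)]

def audit(entries, inventory):
    """Flag autostart targets in user-writable dirs or duplicated elsewhere on disk."""
    known = {normcase(p): h for p, h in inventory.items()}
    findings = {}
    for source, path in entries:
        key, reasons = normcase(path), []
        if any(d in key for d in USER_WRITABLE):
            reasons.append("runs from a user-writable directory")
        copies = [p for p, h in known.items() if p != key and h == known.get(key)]
        if copies:
            reasons.append(f"identical file also at {', '.join(sorted(copies))}")
        if reasons:
            findings[(source, path)] = reasons
    return findings

ENTRIES = [*registry_entries(REG_EXPORT), *batch_entries(STARTUP_BAT)]
for (source, path), reasons in audit(ENTRIES, INVENTORY).items():
    print(f"{source}: {path} -> {'; '.join(reasons)}")
```

The legitimate entry produces no finding, while both autostart references to the duplicated file are reported, which is the correlation that matters when removing one copy leaves another still registered to run.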
Once the entrenchment part is over, things can go several ways. Some spyware programs try to prevent future installations of anti-spyware software, either by killing any program they judge to be of this type or by blocking access to the websites offering anti-spyware solutions, while others simply make certain actions, such as viewing hidden files, impossible.
Next, the spyware ‘calls home’: the malware connects to a remote server so it can receive further instructions.
Finally, the spyware receives a payload: additional files or data that enable it to carry out its purpose. For pop-up generators this means a list of websites to promote; for trojans it means a list of e-mails to send and a basic e-mail server, and so on.
A list of spyware is available online at www.spywarelib.com, with information about widespread spyware. It can be viewed for free, and the information can be used to protect your computer.