Frank from Ohio asks:
I did a spyware scan the other day and it turns out that I had some “Trojans” and “tracking cookies” on my computer (my program got rid of them). I have no idea what a Trojan is; as a matter of fact, I don’t understand what a lot of things mean in regards of spyware. Is spyware the same as adware? I am totally confused.
And for good reason. There are so many nasty “bugs” running around the internet that keeping track of them is almost a full time job.
Below is a list of basic terms that I have compiled that will hopefully help ease your confusion a bit.
ADWARE: This is a software program that is installed without a users’ knowledge that the program is being installed on the computer. Adware is typically used to track the computer user’s browsing habits so that ads can be specifically geared towards them. A great example of adware is gator.com. Gator.com fills in web forms, but it is one of the most aggressive adware programs out there. Not only does it bog you down with advertisements, it also bogs down your computer by stealing disk space, memory, CPU time, etc.
Adware also includes tracking cookies (see cookies below).
BACKDOOR SANTA: Okay, so you download something off of the internet that you can really use. The problem with this particular program, however, is that while you may able to use it, the program is busy collecting statistics of your computer use, the sites you visit, what you purchase, etc. When it installs this programs (without your knowledge), it also opens a door for other threats to get in. You will have no idea this is going on; no pop-ups, no extra advertising. A couple of examples of Backdoor Santa programs include Alexa and Hotbar. If you see one of these toolbars unexpectedly show up in your browser, go into Add/Remove Programs and remove it immediately; you have been hit by a Backdoor Santa.
BHO: A Browser Helper Object is a program that runs automatically when you open your browser. While some BHO’s are useful (Adobe Acrobat is one; it has a plugin enabling you to read PDF files), there are many BHO’s that take over your home page and then direct you to adult sites, or sites that are loaded with spyware.
There are trojans that use BHO’s to change, add or delete registry settings and download executable files, all unbeknownst to you. The result is a very slow computer, and it’s slow because it has been hijacked through a Browser Help Object.
BLENDED THREAT: A blended threat is an attack that seeks to make the most damage and highest speed of toxicity by mixing up different threats. A blended threat will use the characteristics of both a virus and a worm, for example, and takes advantage of a computer’s vulnerability. A blended threat might send a virus via an e-mail attachment, coupled with a Trojan Horse that will cause serious harm to a user’s computer. Nimda (admin spelled backwards) was a huge blended threat (virus/worm) and spread itself through e-mail, jeopardized websites, among other things. It became the internet’s most widespread blended threat.
BOTNETS: Botnets are a group of computers that are connected to the internet and have been taken over by hackers. The hacker is in charge of all of the computers and they behave like a “robot network” (hence the term “botnet”). The hacker who has taken over a network (small or large) can then use all of these computers to infect other computers with viruses, distribute any kind of malware, or use it to inflict any number of malicious activities.
BROWSER HIJACKER: A couple of months ago my daughter was doing some research for one of her classes and went to Google to type a search term in. She was automatically redirected to another site. And another. She couldn’t even get back to Google; she had to close out her browser.
Her computer had been hijacked. A browser hijacker redirects a computer’s usual browser settings to those of their customers’ websites and can also add their favorites to your own. The hijacker writes external code that will change your home page to one of their choosing, in addition to changing registry settings so that even if you manually change your home page back, it will automatically revert itself to the hijacker’s hope page choice.
The hijacker sometimes plants a special file that redirects your computer to one of their choosing, such as an adult site or a sponsored search.
When I went to get rid of this thing that my daughter had contacted, I found that the hijacker would not let me open any of her anti-spyware programs, and would not let me access any page to download anything to get rid of it. I ended up doing quite a few things to get rid of it; it had compromised her system pretty badly.
COMPUTER VIRUS: Computer viruses are programs that are written to intentionally infect and destroy your computer. Executable files are the easiest way for a virus to get into your system. A virus is inactive until it is activated, i.e. running an infected file or starting a computer with a disk that is already infected. A virus runs the gamut of making your computer behave oddly all the way to erasing your hard drive. Viruses do not infect zip files, unless the zipped file was infected before it was zipped (compressed). Viruses sometimes copy themselves to infect other computers, thus the virus grows. Every program that is infected is in effect acting as its own virus, causing the virus to spread.
COOKIES: No, don’t think chocolate chip. Cookies (on computers) are small files that are downloaded to your computer to send information back to its website. They are normally a good thing. Let’s say you are an eBay user. You would normally have to log in every time you go to your account if it weren’t for the small cookie that has been placed on your system. By having that cookie, your computer is saying,”Okay, we’ve been here before, it’s safe to go here again, we don’t have to provide ID”, thereby eliminating the annoying always-have-to-log-in situation.
Here’s the however.
However, certain websites place their cookies (called Adware tracking cookies) on your system that send information to them regarding your online activities and then send that information over to their parent company, all without your knowledge. The information on the websites you visit allows them to display advertisements that attract your interest.
Tracking cookies are not necessarily dangerous, they just slow down your system a lot; you could even find yourself receiving pop-up ads even when you aren’t on the internet.
DIALERS: Dialers are pieces of software that get installed on your computer and have the ability to make phone calls from your modem without the user’s knowledge or consent. They connect your computer to other computers (usually pornographic) through your telephone line and are usually pay-per-call, so you are charged the whole time you are connected.
GRAYWARE: I hadn’t even heard of this one. If an application is classified as annoying or objectionable, yet it isn’t considered to be dangerous or as serious as malware, it is called Grayware. Grayware can encompass Adware or dialers; they are pretty much programs that have been written solely to harm someone’s computer. (What possible enjoyment do these people get from hurting my computer? Do they sit around and laugh about “all of these people who are probably not using their computer right now because of us”? Seriously, don’t these virus/malware program writers have anything else to do? I digress.)
KEYLOGGERS: “The World’s Best Keylogger! Capture every keystroke guaranteed! Secretly record everything on your computer!” Yeah, that’s all fine and good if you think your kid is logging in hours in the internet on some sites he’s not supposed to; some companies use them to monitor their employees’ activities. Unfortunately that isn’t the only thing keylogging is about.
A keylogger is software designed to record everything typed into a computer – passwords, user id’s, e-mail addresses, credit card numbers, etc. It can be installed the same way any piece of spyware or malware can be done. You can get it by going to certain websites, or you may download a file that has a keylogger attached and you probably won’t even notice it. Without your knowledge someone is watching every keystroke you make.
MALWARE: Malware (short for malicious software) is software designed to invade a computer without the owner’s consent. Malware encompasses viruses, worms, trojan horses, and spyware. In short, it is the general term for all malicious software.
PHISHING: Phishing is email fraud, plain and simple. I don’t know if you ever get that occasional e-mail from a poor misguided underprivileged soul needing “only $10,000”; that’s Phishing. Most Phishing e-mails look pretty legitimate. “Banks” will send e-mails reporting of fraudulent schemes and ask for private banking information that “will help them determine if you have been a victim” and redirect you to a fraudulent site where any information that is given to that site is sent to the attacker. I once got an eBay e-mail informing me that “suspicious account activity” and that I needed to log in and check my account. I am usually on top of things and knew this was bogus and reported the e-mail to eBay. Had I clicked on the link provided, I would have been redirected to the attacker’s site of choice, not eBay. The lists of Phishing scams are endless.
SPYWARE: Spyware is tracking software that hides itself and gathers information without the computer user’s knowledge or permission. Spyware collects personal information, redirects a user to websties that have viruses or forward browsing preferences on to a thrid party. Spyware is just what it says: It “spies”.
STALKING HORSE: Stalking Horses are bundled into many popular programs and are often presented as additional software that you need. The Stalking Horse then sends ad networks send ads to your computer.
TROJAN HORSE: A trojan horse is a highly damaging program that can wreak havoc on your computer. The difference between trojan horses and viruses is that a trojan horse, unlike a virus, does not copy itself; rather, it disguises itself as a legitimate program and has destructive code built in so as to destroy a computer system without the user’s knowledge.
WORM: A program that makes copies of itself over a network, using a computer’s resources, shutting down systems, as well as damaging and compromising the computer’s security.
I hope this guide gave you a better understanding of all of the lovely computer hazards we all face. It is quite daunting out there! In Part 2 of this series I will give you ways to protect yourself, as well as non-failing programs that will rid you of most of this garbage.
So be safe – it’s a jungle out there!