This is a list of spyware programs.
These common spyware programs illustrate the diversity of behaviours found in these attacks. Note that as with computer viruses, researchers give names to spyware programs which may not be used by their creators. Programs may be grouped into "families" based not on shared program code, but on common behaviors, or by "following the money" of apparent financial or business connections. For instance, a number of the spyware programs distributed by Claria are collectively known as "Gator". Likewise, programs that are frequently installed together may be described as parts of the same spyware package, even if they function separately.
Adware, often called advertising-supported software by its developers, is software that generates revenue for its developer by automatically generating online advertisements in the user interface of the software or on a screen presented to the user during the installation process. The software may generate two types of revenue: one is for the display of the advertisement and another on a "pay-per-click" basis, if the user clicks on the advertisement. Some advertisements also act as spyware, collecting and reporting data about the user, to be sold or used for targeted advertising or user profiling. The software may implement advertisements in a variety of ways, including a static box display, a banner display, a full screen, a video, a pop-up ad or in some other form. All forms of advertising carry health, ethical, privacy and security risks for users.
Malware is any software intentionally designed to cause disruption to a computer, server, client, or computer network, leak private information, gain unauthorized access to information or systems, deprive access to information, or which unknowingly interferes with the user's computer security and privacy. Researchers tend to classify malware into one or more sub-types.
Spyware is software with malicious behaviour that aims to gather information about a person or organization and send it to another entity in a way that harms the user by violating their privacy, endangering their device's security, or other means. This behaviour may be present in malware and in legitimate software. Websites may engage in spyware behaviours like web tracking. Hardware devices may also be affected.
In computing, a Trojan horse is any malware that misleads users of its true intent by disguising itself as a standard program. The term is derived from the ancient Greek story of the deceptive Trojan Horse that led to the fall of the city of Troy.
Spybot – Search & Destroy (S&D) is a spyware and adware removal computer program compatible with Microsoft Windows. Dating back to the first Adwares in 2000, Spybot scans the computer hard disk and/or RAM for malicious software.
CA Anti-Spyware is a spyware detection program distributed by CA, Inc. Until 2007, it was known as PestPatrol.
Mobile malware is malicious software that targets mobile phones or wireless-enabled Personal digital assistants (PDA), by causing the collapse of the system and loss or leakage of confidential information. As wireless phones and PDA networks have become more and more common and have grown in complexity, it has become increasingly difficult to ensure their safety and security against electronic attacks in the form of viruses or other malware.
Christopher Boyd, also known by his online pseudonym Paperghost, is a computer security researcher.
Rogue security software is a form of malicious software and internet fraud that misleads users into believing there is a virus on their computer and aims to convince them to pay for a fake malware removal tool that actually installs malware on their computer. It is a form of scareware that manipulates users through fear, and a form of ransomware. Rogue security software has been a serious security threat in desktop computing since 2008. An early example that gained infamy was SpySheriff and its clones, such as Nava Shield.
SpySheriff is malware that disguises itself as anti-spyware software. It attempts to mislead the user with false security alerts, threatening them into buying the program. Like other rogue antiviruses, after producing a list of false threats, it prompts the user to pay to remove them. The software is particularly difficult to remove, since it nests its components in System Restore folders, and also blocks some system management tools. However, SpySheriff can be removed by an experienced user, antivirus software, or by using a rescue disk.
Kaspersky Anti-Virus is a proprietary antivirus program developed by Kaspersky Lab. It is designed to protect users from malware and is primarily designed for computers running Microsoft Windows and macOS, although a version for Linux is available for business consumers.
HitmanPro is a portable antimalware program, which aims to detect and remove malicious files and registry entries related to rootkits, trojans, viruses, worms, spyware, adware, rogue antivirus programs, ransomware, and other malware from infected computers.
Malwarebytes Inc. is an American Internet security company that specializes in protecting home computers, smartphones, and companies from malware and other threats. It has offices in Santa Clara, California; Clearwater, Florida; Tallinn, Estonia; Bastia Umbra, Italy; and Cork, Ireland.
Genieo Innovation is an Israeli company, specializing in unwanted software which includes advertising and user tracking software, commonly referred to as a potentially unwanted program, adware, privacy-invasive software, grayware, or malware. They are best known for Genieo, an application of this type. They also own and operate InstallMac which distributes additional 'optional' search modifying software with other applications. In 2014, Genieo Innovation was acquired for $34 million by Somoto, another company which "bundles legitimate applications with offers for additional third party applications that may be unwanted by the user". This sector of the Israeli software industry is frequently referred to as Download Valley.
Download Valley is a cluster of software companies in Israel, producing and delivering adware to be installed alongside downloads of other software. The primary purpose is to monetize shareware and downloads. These software items are commonly browser toolbars, adware, browser hijackers, spyware, and malware. Another group of products are download managers, possibly designed to induce or trick the user to install adware, when downloading a piece of desired software or mobile app from a certain source.
Onavo, Inc. was an Israeli mobile web analytics company owned by Meta Platforms. The company primarily performed its activities via consumer mobile apps, including the virtual private network (VPN) service Onavo Protect, which analysed web traffic sent through the VPN to provide statistics on the usage of other apps.
A potentially unwanted program (PUP) or potentially unwanted application (PUA) is software that a user may perceive as unwanted or unnecessary. It is used as a subjective tagging criterion by security and parental control products. Such software may use an implementation that can compromise privacy or weaken the computer's security. Companies often bundle a wanted program download with a wrapper application and may offer to install an unwanted application, and in some cases without providing a clear opt-out method. Antivirus companies define the software bundled as potentially unwanted programs which can include software that displays intrusive advertising (adware), or tracks the user's Internet usage to sell information to advertisers (spyware), injects its own advertising into web pages that a user looks at, or uses premium SMS services to rack up charges for the user. A growing number of open-source software projects have expressed dismay at third-party websites wrapping their downloads with unwanted bundles, without the project's knowledge or consent. Nearly every third-party free download site bundles their downloads with potentially unwanted software. The practice is widely considered unethical because it violates the security interests of users without their informed consent. Some unwanted software bundles install a root certificate on a user's device, which allows hackers to intercept private data such as banking details, without a browser giving security warnings. The United States Department of Homeland Security has advised removing an insecure root certificate, because they make computers vulnerable to serious cyberattacks. Software developers and security experts recommend that people always download the latest version from the official project website, or a trusted package manager or app store.
Shedun is a family of malware software targeting the Android operating system first identified in late 2015 by mobile security company Lookout, affecting roughly 20,000 popular Android applications. Lookout claimed the HummingBad malware was also a part of the Shedun family, however, these claims were refuted.
AdGuard is an ad blocking service provided by AdGuard Software Limited with applications for Microsoft Windows, Linux, MacOS, Android and iOS. AdGuard is also available as a browser extension.
It is possible that this spyware is distributed with the adware bundler WildTangent or from a threat included in that bundler.