Spyware is any software with malicious behavior that aims to gather information about a person or organization and send it to another entity in a way that harms the user by violating their privacy, endangering their device's security, or other means. This behavior may be present in malware and in legitimate software. Websites may engage in spyware behaviors like web tracking. Hardware devices may also be affected.
Scareware is a form of malware which uses social engineering to cause shock, anxiety, or the perception of a threat in order to manipulate users into buying unwanted software. Scareware is part of a class of malicious software that includes rogue security software, ransomware and other scam software that tricks users into believing their computer is infected with a virus, then suggests that they download and pay for fake antivirus software to remove it. Usually the virus is fictional and the software is non-functional or malware itself. According to the Anti-Phishing Working Group, the number of scareware packages in circulation rose from 2,850 to 9,287 in the second half of 2008. In the first half of 2009, the APWG identified a 585% increase in scareware programs.
AVG AntiVirus is a line of antivirus software developed by AVG Technologies, a subsidiary of Avast, a part of Gen Digital. It is available for Windows, macOS and Android.
Norton Internet Security, developed by Symantec Corporation, is a discontinued computer program that provides malware protection and removal during a subscription period. It uses signatures and heuristics to identify viruses. Other features include a personal firewall, email spam filtering, and phishing protection. With the release of the 2015 line in summer 2014, Symantec officially retired Norton Internet Security after 14 years as the chief Norton product. It was superseded by Norton Security, a rechristened adaptation of the Norton 360 security suite.
WinFixer was a family of scareware rogue security programs developed by Winsoftware which claimed to repair computer system problems on Microsoft Windows computers if a user purchased the full version of the software. The software was mainly installed without the user's consent. McAfee claimed that "the primary function of the free version appears to be to alarm the user into paying for registration, at least partially based on false or erroneous detections." The program prompted the user to purchase a paid copy of the program.
AntiVirus Gold is rogue software developed by ICommerce Solutions S.A. that poses as a legitimate antivirus program. It attempts to persuade users to buy the software by displaying ads and other nagware. It is believed that the name of the program is an attempt at social engineering to confuse people about the legitimate program AVG Anti-Virus.
Christopher Boyd, also known by his online pseudonym Paperghost, is a computer security researcher.
Rogue security software is a form of malicious software and internet fraud that misleads users into believing there is a virus on their computer and aims to convince them to pay for a fake malware removal tool that actually installs malware on their computer. It is a form of scareware that manipulates users through fear, and a form of ransomware. Rogue security software has been a serious security threat in desktop computing since 2008. An early example that gained infamy was SpySheriff and its clones, such as Nava Shield.
SpySheriff is malware that disguises itself as anti-spyware software. It attempts to mislead the user with false security alerts, threatening them into buying the program. Like other rogue antiviruses, after producing a list of false threats, it prompts the user to pay to remove them. The software is particularly difficult to remove, since it nests its components in System Restore folders, and also blocks some system management tools. However, SpySheriff can be removed by an experienced user, antivirus software, or by using a rescue disk.
HitmanPro is a portable antimalware program, which aims to detect and remove malicious files and registry entries related to rootkits, trojans, viruses, worms, spyware, adware, rogue antivirus programs, ransomware, and other malware from infected computers.
The Zlob Trojan, identified by some antiviruses as Trojan.Zlob, is a Trojan horse which masquerades as a required video codec in the form of ActiveX. It was first detected in late 2005, but only started gaining attention in mid-2006.
Privacy-invasive software is software that violates the user's privacy, ranging from legitimate software to malware. Privacy-invasive software is a category of software that ignores its users' right to be left alone and that is distributed with a specific intent, often of a commercial nature, which negatively affects its users.However, the software does not only "ignore" security checks, protocols and procedures, but is engineered to forcibly or stealthily attack mechanical, manual or automated systems and gain operational control of the systems put in place so that they easily gain access to any and all information in and about a system and reads it back to the attacker.
VirusHeat is malware that disguises itself as a legitimate anti-virus program. VirusHeat tricks users into buying the full version of the program through repeated false alerts and popups, purporting to alert the user that there is a system error or they are infected, and must buy the full version to remove. It was launched on February 8, 2008.
Microsoft Security Essentials (MSE) is a discontinued antivirus software (AV) product that provides protection against different types of malicious software, such as computer viruses, spyware, rootkits, and Trojan horses. Prior to version 4.5, MSE ran on Windows XP, Windows Vista, and Windows 7, but not on Windows 8 and later versions, which have built-in AV components known as Windows Defender. MSE 4.5 and later versions do not run on Windows XP. The license agreement allows home users and small businesses to install and use the product free of charge.
Personal Antivirus is rogue anti-virus software created by a company named Innovagest, and is related to other rogue software. It claims to be an anti-virus program, but instead merely displays false warnings about virus and spyware infections, and demands money to clean these infections.
MS Antivirus is a scareware rogue anti-virus which purports to remove virus infections found on a computer running Microsoft Windows. It attempts to scam the user into purchasing a "full version" of the software. The company and the individuals behind Bakasoftware operated under other different 'company' names, including Innovagest2000, Innovative Marketing Ukraine, Pandora Software, LocusSoftware, etc.
Genieo Innovation is an Israeli company, specializing in unwanted software which includes advertising and user tracking software, commonly referred to as a potentially unwanted program, adware, privacy-invasive software, grayware, or malware. They are best known for Genieo, an application of this type. They also own and operate InstallMac which distributes additional 'optional' search modifying software with other applications. In 2014, Genieo Innovation was acquired for $34 million by Somoto, another company which "bundles legitimate applications with offers for additional third party applications that may be unwanted by the user". This sector of the Israeli software industry is frequently referred to as Download Valley.
Malvertising is the use of online advertising to spread malware. It typically involves injecting malicious or malware-laden advertisements into legitimate online advertising networks and webpages. Because advertising content can be inserted into high-profile and reputable websites, malvertising provides malefactors an opportunity to push their attacks to web users who might not otherwise see the ads, due to firewalls, more safety precautions, or the like. Malvertising is "attractive to attackers because they 'can be easily spread across a large number of legitimate websites without directly compromising those websites'."
LizaMoon is a piece of malware that infected thousands of websites beginning in September, 2010. It is an SQL injection attack that spreads scareware encouraging users to install needless and rogue "anti-virus software". Although it does not use new infection techniques, it was initially thought to be notable based on the scale and speed at which it spread, and that it affected some of Apple's iTunes service. LizaMoon was initially reported to the general public by Websense Security Lab.
