Spyware.PasswordStealer is a generic detection for applications that may run in the background and silently collect information about the system, connected users, and network activity.  Spyware.PasswordStealer may attempt to steal stored credentials, usernames and passwords and other personal and confidential information.  This information may be transmitted to a destination specified by the author.  Spyware.PasswordStealer may allow an attacker to install additional software to the infected machine, or may direct the infected machine to participate in a malicious botnet for the purposes of sending spam or other malicious activities.

Spyware is software that is installed on a computing device without the end user’s knowledge. Any software can be classified as spyware if it is downloaded without the user’s authorization. Spyware is controversial because even when it is installed for relatively innocuous reasons, it can violate the end user’s privacy and has the potential to be abused.

Symptoms

Spyware.PasswordStealer may run silently in the background and may not provide any indication of infection to the user.  Spyware.PasswordStealer may also disable Antivirus programs and other Microsoft Windows security features.

Types of spyware

Spyware is not just one type of program. It’s an entire category of malicious software that includes adware, Trojans, keystroke loggers, and information stealing programs.

Adware – Malicious adware is often bundled in with free software, shareware programs and utilities downloaded from the internet, or surreptitiously installed onto a user’s device when the user visits an infected website. Many internet users were first introduced to spyware in 1999 when a popular freeware game called “Elf Bowling” came bundled with tracking software.

Cookies that track and record users’ personal information and internet browsing habits are one of the most common types of adware. An advertiser might use cookies to track what web pages a user visits in order to target advertising in a contextual marketing campaign. For example, an advertiser could track a user’s browser history and downloads with the intent to display pop-up or banner advertisements to lure the user to make a purchase. Because data collected by spyware is often sold to third parties, regulations such as GDPR (General Data Protection Regulation) have been enacted to protect the personally identifiable information (PII) of website visitors.

Keyboard loggers – Keyloggers are a type of system monitor that are often used by cybercriminals to steal personally identifiable information (PII), login credentials and sensitive enterprise data. Keyloggers may also be used by employers to observe employees’ computer activities, parents to supervise their children’s internet usage, users to track possible unauthorized activity on their devices or law enforcement agencies to analyze incidents involving computer use.

Hardware keyloggers resemble a USB flash drive and serve as a physical connector between the computer keyboard and the computer, while software keylogging programs do not require physical access to the user’s computer for installation. Software keyloggers can be downloaded on purpose by someone who wants to monitor activity on a particular computer, or they be downloaded unwittingly and executed as part of a rootkit or remote administration Trojan (RAT).

Trojans – Trojans are typically malicious software programs that are disguised as legitimate programs. A victim of a Trojan could unknowingly install a file posing as an official program, allowing the Trojan to have access to the computer. The Trojan can then delete files, encrypt files for ransom or allow others to have access to the user’s information.

Mobile spyware – Mobile spyware is dangerous because it can be transferred through Short Message Service (SMS) or Multimedia Messaging Service (MMS) text messages and typically does not require user interaction to execute commands. When a smartphone or tablet gets infected with mobile spyware that was sideloaded with a third party app, the phone’s camera and microphone can be used to spy on nearby activity, record phone calls, log browsing activity and keystrokes. The device owner’s location can also be monitored  through GPS or the mobile computing device’s accelerometer.

Anti-spyware tools

Spyware can be difficult to detect; often, the first indication a user has that a computing device has been infected with spyware is a noticeable reduction in processor or network connection speeds and in the case of mobile devices — data usage and battery life. Anti-spyware tools can be used to prevent or remove spyware. Anti-spyware tools can either provide real-time protection by scanning network data and blocking malicious data, or detect and remove spyware already on a system by executing scans.

  • Malwarebytes is an anti-malware/spyware tool which can remove spyware from Windows, macOS, Android, and iOS. Malwarebytes can scan through registry files, running programs, hard drives, as well as individual files. Once a spyware program is detected, a user can quarantine and delete it. However, users can’t set up automatic scanning schedules.
                                      spyware
  • Trend Micro HouseCall is another anti-spyware tool which doesn’t require user installation. Because it doesn’t require an installation, HouseCall uses minimal processor and memory resources, as well as disk space. Users cannot set automatic scans, however.
  • Windows Defender is an anti-malware Microsoft product included in Windows 10 operating system (OS) under Windows Defender Security Center. The software is a lightweight, anti-malware tool that protects against threats such as spyware, adware and viruses. Windows Defender includes multiple features such as Application Guard, Exploit Guard, Advanced Threat Protector and Analytics. Windows Defender users can set automatic “Quick” and “Full” scans, as well as set alerts for low, medium, high and severe priority items.

How do I protect myself from spyware?

To prevent spyware, users should only download software from trusted sources, read all disclosures when installing software, avoid clicking on pop-up ads and stay current with updates and patches for browser , operating system and application software. To reduce the probability of infection, network administrators should practice the principle of least privilege (POLP) and require remote workers to access network resources over a virtual private network (VPN) that runs a security scan before granting access privileges.

The best defense against spyware, as with most malware, starts with your behavior. Follow these basics of good cyber self-defense:

  • Don’t open emails from unknown senders.
  • Don’t download files unless they come from a trusted source.
  • Mouse-over links before clicking on them and make sure you’re being sent to the right webpage.

But as people have gotten smarter about cyber self-defense, hackers have turned to more sophisticated spyware delivery methods, so installing a reputable cybersecurity program is necessary to counter advanced spyware.

Real-time protection automatically blocks spyware and other threats before they can activate on your computer. Some traditional cybersecurity or antivirus products rely heavily on signature-based technology—these products can be easily circumvented, especially by new threats.
You should also look out for features that block the delivery of spyware itself on your machine, such as anti-exploit technology and malicious website protection, which blocks websites that host spyware. The premium version of Malwarebytes has a solid reputation for spyware protection.

For any Cyber Security information contact help@theweborion.com