The recent controversy around Pegasus spyware developed by Israeli company NSO group has shed light on the widespread prevalence of software that can hack into computers and steal a user’s information.
Malicious actors use such software to hack into devices and gain access to private information of individuals. This can be then used to not just spy on an individual’s movement but also cybercriminals can also steal their money, files or even identity.
Watch: What is Pegasus spyware? How it steals your information
Before understanding different types, it is critical to get an idea of the history of spyware.
History of spyware
While the term ‘spyware’ only came up in mid-1990s, the type of malicious software was already created much before that. It started with developers tracking usage of programs by adding a spyware component to them. This data was used to sell these programs to advertisers.
Today, there are a wide variety of spyware used not just by companies and advertisers but also spammers and scammers. The rapid advancement in cybersecurity technologies has brought about highly sophisticated software that can find loopholes in even encrypted apps and software to hack devices.
Types of spyware used by hackers
Infostealers: This type of spyware scans infected devices to steal personal information like usernames, passwords, browsing histories, personal documents and files. Infostealers generally exploit browser vulnerabilities. Infostealer software add extra fields to web-based forms using “injection scripts”, which sends your information to the hacker when you submit information on a website.
Keyloggers: Also known as system monitor, this spyware records every keystroke on the keypad. There are hardware-based and software-based keyloggers that record your keypad activity in real time or during active sessions. While hackers may use them to record login details, financial credentials, search history and conversations on social media apps, keyloggers are also used by monitor employee activity. Some parental control software can also use keyloggers.
Password Stealers: Specifically programmed to extract login credentials, password stealers work like infostealers on infected computers and phones. Instead of stealing your password when you type, this spyware gets attached to your browser and steals all passwords saved on the device. Password stealers came to prominence in 2012.
Banker Trojans: As the name suggests, Banker Trojans can steal private credentials stored or used in online banking systems. Once hackers gain access, they can reroute transactions, alter their value and even make addition transactions. Banking institutions and financial firms are often the targets of such spyware.