DNA Explainer: How different types of spyware are used by hackers to steal your information – DNA India


Popularized now by Pegasus the term ‘spyware’ came up in mid-1990s, but the malicious software was already in existence long before.

Stock image | Courtesy: Pexels

Written By

Edited By

Chitresh Sehgal


DNA webdesk

Updated: Jul 28, 2021, 06:19 PM IST

The recent controversy around Pegasus spyware developed by Israeli company NSO group has shed light on the widespread prevalence of software that can hack into computers and steal a user’s information.

Malicious actors use such software to hack into devices and gain access to private information of individuals. This can be then used to not just spy on an individual’s movement but also cybercriminals can also steal their money, files or even identity.

Watch: What is Pegasus spyware? How it steals your information

Also read

Want to check if your phone has been infected with Pegasus spyware? Here’s a way to find out

Before understanding different types, it is critical to get an idea of the history of spyware.

Also read

EXCLUSIVE: Zee investigates NSO Group, Israeli firm which owns ‘Pegasus’ spyware that hacked WhatsApp

History of spyware

While the term ‘spyware’ only came up in mid-1990s, the type of malicious software was already created much before that. It started with developers tracking usage of programs by adding a spyware component to them. This data was used to sell these programs to advertisers.

Today, there are a wide variety of spyware used not just by companies and advertisers but also spammers and scammers. The rapid advancement in cybersecurity technologies has brought about highly sophisticated software that can find loopholes in even encrypted apps and software to hack devices.

Types of spyware used by hackers

Infostealers: This type of spyware scans infected devices to steal personal information like usernames, passwords, browsing histories, personal documents and files. Infostealers generally exploit browser vulnerabilities. Infostealer software add extra fields to web-based forms using “injection scripts”, which sends your information to the hacker when you submit information on a website.

Keyloggers: Also known as system monitor, this spyware records every keystroke on the keypad. There are hardware-based and software-based keyloggers that record your keypad activity in real time or during active sessions. While hackers may use them to record login details, financial credentials, search history and conversations on social media apps, keyloggers are also used by monitor employee activity. Some parental control software can also use keyloggers.

Password Stealers: Specifically programmed to extract login credentials, password stealers work like infostealers on infected computers and phones. Instead of stealing your password when you type, this spyware gets attached to your browser and steals all passwords saved on the device. Password stealers came to prominence in 2012.

Banker Trojans: As the name suggests, Banker Trojans can steal private credentials stored or used in online banking systems. Once hackers gain access, they can reroute transactions, alter their value and even make addition transactions. Banking institutions and financial firms are often the targets of such spyware.