Spyware: what is it and what does it do?

July 19, 2021

undefined mins

Cyber takes a look at spyware following recent reports that 50,000 international journalists, lawyers and rights activists were targeted following a leak.

Fifty thousand phone numbers of people believed to be of interest to clients of Israeli surveilance firm NSO have been leaked to major news outlets according to recent reports. The allegations about use of the software, known as Pegasus, were carried by the Washington Post, the Guardian, Le Monde and 14 other media organisations around the world, according to the BBC.

It is not clear where the list came from or whose phones had actually been hacked and NSO denies any wrongdoing. It says the software is intended for use against criminals and terrorists and is made available only to military, law enforcement and intelligence agencies from countries with good human rights records.

In a statement, it said the original investigation which led to the reports, by Paris-based NGO Forbidden Stories and the human rights group Amnesty International, was "full of wrong assumptions and uncorroborated theories".

Pegasus infects iPhones and Android devices to enable operators to extract messages, photos and emails, record calls and secretly activate microphones. Forensic tests on a few phones with numbers on the list indicated more than half had traces of the spyware.

What is spyware?

According to cybersecurity giant Kaspersky, spyware is loosely defined as malicious software designed to enter your computer device, gather data about you, and forward it to a third-party without your consent. Spyware can also refer to legitimate software that monitors your data for commercial purposes like advertising. However, malicious spyware is explicitly used to profit from stolen data.

Whether legitimate or based in fraud, spyware’s surveillance activity leaves you open to data breaches and misuse of your private data. Spyware also affects network and device performance, slowing down daily user activities.

All spyware peeks into your data and all your computer activity, whether authorised or not. However, many trusted computer services and applications use 'spyware-like' tracking tools. As such, the spyware definition is reserved mostly for malicious applications nowadays.

Malicious spyware is a type of malware specifically installed without your informed consent. Step-by-step, spyware will take the following actions on your computer or mobile device:

Infiltrate - via an app install package, malicious website, or file attachment.

Monitor and capture data - via keystrokes, screen captures, and other tracking codes.

Send stolen data - to the spyware author, to be used directly or sold to other parties.

In short, spyware communicates personal, confidential information about you to an attacker.

The information gathered might be reported about your online browsing habits or purchases, but spyware code can also be modified to record more specific activities.

Data compromised by spyware often includes collecting confidential info such as: