Browse Definitions :

Top 10 spyware threats

What are the top 10 spyware threats?

The top 10 spyware list describes the 10 common spyware threats behind famous spyware attacks and is frequently identified by Webroot's Spy Audit, a free spyware scanner tool.

What is spyware?

Spyware is a term that refers to malicious software that is purposely designed to access a computer and record its activity. Spyware can track and record a user's browsing habits, login credentials, passwords, etc. The spyware author uses the information obtained in this data breach to engage in fraudulent activity, or sell it to a third party.

Visit our spyware feature page to learn more about this problem and how to beat it.

types of spyware
This chart describes four different types of spyware: adware, keyboard loggers, Trojans and mobile spyware.

The top 10 spyware threats

The top spyware threats facing organizations today include:

1. Advanced Keylogger

Advanced Keylogger, a keystroke logger, monitors keystrokes and takes screenshots.

2. CoolWebSearch (CWS)

CoolWebSearch (CWS) is a software suite used to exploit Internet Explorer (IE) vulnerabilities and may hijack a user's web searches, homepage and other IE settings. CWS spyware is known to rewrite search engine results, modify the infected device's host file to redirect DNS lookups and direct traffic to advertisements.

3. FinSpy (aka FinFisher)

FinSpy, or FinFisher, is an advanced suite of surveillance tools sold to law enforcement and intelligence agencies. FinSpy works on Windows, macOS, Linux, Android and iOS operating systems. Its capabilities vary depending on the platform. Law enforcement, intelligence agencies, and threat actors often use FinSpy to secretly turn on microphones to record conversations, switch on cameras, record and transmit images, transmit key logs in real time, modify files and much more.

4. Gator (GAIN)

Gator is a type of adware that may display banner advertisements based on user web surfing habits. Gator is often bundled with numerous free software programs and pirated applications. Gator monitors online user behavior and targets them with personalized ads.

5. GO Keyboard

GO Keyboard is a virtual Android keyboard app that masquerades as a legitimate mobile application. Once installed on an Android device, GO Keyboard transmits personal information to its remote servers without explicit consent from users.

Information shared by GO Keyboard spyware includes:

  • Android OS version
  • Device model and screen size
  • Google account email address
  • International Mobile Subscriber Identity (IMSI)
  • Location
  • Network type
  • Preferred language
  • Social media interactions

GO Keyboard executes code from a remote server to breach Google Play privacy policies.

6. HawkEye

HawkEye, a keylogger virus, was dormant for years but returned during the early days of the COVID-19 pandemic. Infected machines track key logs and other inputs and share this information with a remote server.

New versions of HawkEye are increasingly difficult to detect due to exceptional anti-detection features. A recent version took the form of a spyware email threat pretending to be an alert from the director-general of the World Health Organization. This social engineering attack encouraged users to download a (malicious) attachment to access information about COVID-19 and the vaccine.

7. HuntBar

HuntBar is a Trojan application that hijacks web browser settings and downloads and installs adware without the user's knowledge. Also known as Adware.Websearch or WinTools, HuntBar tracks browsing behavior, redirects web traffic to affiliate websites, forcefully displays advertisements and installs more spyware programs and toolbars on IE.

8. Look2Me

Look2Me is spyware that tracks user behavior, website logs and social media interactions and shares this information with a remote server. The information is then used to show intrusive advertisements. Look2Me spyware also downloads and installs various add-ons, extensions, toolbars and other unwanted programs on a user's computer. This makes the spyware threat more dangerous than traditional adware. Removing Look2Me is difficult because of its rootkit-type functionality.

9. Pegasus

NSO Group's Pegasus spyware is one of the latest spyware threats making headlines. Although Pegasus was initially developed to fight terrorism, evidence suggests that many clients use Pegasus to spy on journalists, political activists, political opponents and almost anyone the client desires. The governments in France, Hungary, India, Saudi Arabia, United Arab Emirates, the United Kingdom and the United States are known to have used Pegasus spyware.

10. PhoneSpy

PhoneSpy is an example of a spyware virus that pretends to be a mobile application to gain access to and infect Android mobile devices. This approach allows threat actors to remotely control mobile devices and steal data. Mobile applications with PhoneSpy aren't available on Google Play Store, so it's believed to spread through social engineering attacks and third-party platforms.

See also: Top 10 types of information security threats for IT teams, 10 ways to prevent computer security threats from insiders and top 4 mobile security threats and challenges for businesses.

This was last updated in May 2022

Continue Reading About Top 10 spyware threats

  • network traffic

    Network traffic is the amount of data that moves across a network during any given time.

  • dynamic and static

    In general, dynamic means 'energetic, capable of action and/or change, or forceful,' while static means 'stationary or fixed.'

  • MAC address (media access control address)

    A MAC address (media access control address) is a 12-digit hexadecimal number assigned to each device connected to the network.

  • Evil Corp

    Evil Corp is an international cybercrime network that uses malicious software to steal money from victims' bank accounts and to ...

  • Trojan horse

    In computing, a Trojan horse is a program downloaded and installed on a computer that appears harmless, but is, in fact, ...

  • quantum key distribution (QKD)

    Quantum key distribution (QKD) is a secure communication method for exchanging encryption keys only known between shared parties.

  • benchmark

    A benchmark is a standard or point of reference people can use to measure something else.

  • spatial computing

    Spatial computing broadly characterizes the processes and tools used to capture, process and interact with 3D data.

  • organizational goals

    Organizational goals are strategic objectives that a company's management establishes to outline expected outcomes and guide ...

  • talent acquisition

    Talent acquisition is the strategic process employers use to analyze their long-term talent needs in the context of business ...

  • employee retention

    Employee retention is the organizational goal of keeping productive and talented workers and reducing turnover by fostering a ...

  • hybrid work model

    A hybrid work model is a workforce structure that includes employees who work remotely and those who work on site, in a company's...

Customer Experience
  • database marketing

    Database marketing is a systematic approach to the gathering, consolidation and processing of consumer data.

  • cost per engagement (CPE)

    Cost per engagement (CPE) is an advertising pricing model in which digital marketing teams and advertisers only pay for ads when ...

  • B2C (Business2Consumer or Business-to-Consumer)

    B2C -- short for business-to-consumer -- is a retail model where products move directly from a business to the end user who has ...