Browse Definitions :

Top 10 spyware threats

What are the top 10 spyware threats?

The top 10 spyware list describes the 10 common spyware threats behind famous spyware attacks and is frequently identified by Webroot's Spy Audit, a free spyware scanner tool.

What is spyware?

Spyware is a term that refers to malicious software that is purposely designed to access a computer and record its activity. Spyware can track and record a user's browsing habits, login credentials, passwords, etc. The spyware author uses the information obtained in this data breach to engage in fraudulent activity, or sell it to a third party.

Visit our spyware feature page to learn more about this problem and how to beat it.

types of spyware
This chart describes four different types of spyware: adware, keyboard loggers, Trojans and mobile spyware.

The top 10 spyware threats

The top spyware threats facing organizations today include:

1. Advanced Keylogger

Advanced Keylogger, a keystroke logger, monitors keystrokes and takes screenshots.

2. CoolWebSearch (CWS)

CoolWebSearch (CWS) is a software suite used to exploit Internet Explorer (IE) vulnerabilities and may hijack a user's web searches, homepage and other IE settings. CWS spyware is known to rewrite search engine results, modify the infected device's host file to redirect DNS lookups and direct traffic to advertisements.

3. FinSpy (aka FinFisher)

FinSpy, or FinFisher, is an advanced suite of surveillance tools sold to law enforcement and intelligence agencies. FinSpy works on Windows, macOS, Linux, Android and iOS operating systems. Its capabilities vary depending on the platform. Law enforcement, intelligence agencies, and threat actors often use FinSpy to secretly turn on microphones to record conversations, switch on cameras, record and transmit images, transmit key logs in real time, modify files and much more.

4. Gator (GAIN)

Gator is a type of adware that may display banner advertisements based on user web surfing habits. Gator is often bundled with numerous free software programs and pirated applications. Gator monitors online user behavior and targets them with personalized ads.

5. GO Keyboard

GO Keyboard is a virtual Android keyboard app that masquerades as a legitimate mobile application. Once installed on an Android device, GO Keyboard transmits personal information to its remote servers without explicit consent from users.

Information shared by GO Keyboard spyware includes:

  • Android OS version
  • Device model and screen size
  • Google account email address
  • International Mobile Subscriber Identity (IMSI)
  • Location
  • Network type
  • Preferred language
  • Social media interactions

GO Keyboard executes code from a remote server to breach Google Play privacy policies.

6. HawkEye

HawkEye, a keylogger virus, was dormant for years but returned during the early days of the COVID-19 pandemic. Infected machines track key logs and other inputs and share this information with a remote server.

New versions of HawkEye are increasingly difficult to detect due to exceptional anti-detection features. A recent version took the form of a spyware email threat pretending to be an alert from the director-general of the World Health Organization. This social engineering attack encouraged users to download a (malicious) attachment to access information about COVID-19 and the vaccine.

7. HuntBar

HuntBar is a Trojan application that hijacks web browser settings and downloads and installs adware without the user's knowledge. Also known as Adware.Websearch or WinTools, HuntBar tracks browsing behavior, redirects web traffic to affiliate websites, forcefully displays advertisements and installs more spyware programs and toolbars on IE.

8. Look2Me

Look2Me is spyware that tracks user behavior, website logs and social media interactions and shares this information with a remote server. The information is then used to show intrusive advertisements. Look2Me spyware also downloads and installs various add-ons, extensions, toolbars and other unwanted programs on a user's computer. This makes the spyware threat more dangerous than traditional adware. Removing Look2Me is difficult because of its rootkit-type functionality.

9. Pegasus

NSO Group's Pegasus spyware is one of the latest spyware threats making headlines. Although Pegasus was initially developed to fight terrorism, evidence suggests that many clients use Pegasus to spy on journalists, political activists, political opponents and almost anyone the client desires. The governments in France, Hungary, India, Saudi Arabia, United Arab Emirates, the United Kingdom and the United States are known to have used Pegasus spyware.

10. PhoneSpy

PhoneSpy is an example of a spyware virus that pretends to be a mobile application to gain access to and infect Android mobile devices. This approach allows threat actors to remotely control mobile devices and steal data. Mobile applications with PhoneSpy aren't available on Google Play Store, so it's believed to spread through social engineering attacks and third-party platforms.

See also: Top 10 types of information security threats for IT teams, 10 ways to prevent computer security threats from insiders and top 4 mobile security threats and challenges for businesses.

This was last updated in May 2022

Continue Reading About Top 10 spyware threats

  • subnet (subnetwork)

    A subnet, or subnetwork, is a segmented piece of a larger network. More specifically, subnets are a logical partition of an IP ...

  • Transmission Control Protocol (TCP)

    Transmission Control Protocol (TCP) is a standard protocol on the internet that ensures the reliable transmission of data between...

  • secure access service edge (SASE)

    Secure access service edge (SASE), pronounced sassy, is a cloud architecture model that bundles together network and cloud-native...

  • cyber attack

    A cyber attack is any malicious attempt to gain unauthorized access to a computer, computing system or computer network with the ...

  • digital signature

    A digital signature is a mathematical technique used to validate the authenticity and integrity of a digital document, message or...

  • What is security information and event management (SIEM)?

    Security information and event management (SIEM) is an approach to security management that combines security information ...

  • product development (new product development)

    Product development -- also called new product management -- is a series of steps that includes the conceptualization, design, ...

  • innovation culture

    Innovation culture is the work environment that leaders cultivate to nurture unorthodox thinking and its application.

  • technology addiction

    Technology addiction is an impulse control disorder that involves the obsessive use of mobile devices, the internet or video ...

  • organizational network analysis (ONA)

    Organizational network analysis (ONA) is a quantitative method for modeling and analyzing how communications, information, ...

  • HireVue

    HireVue is an enterprise video interviewing technology provider of a platform that lets recruiters and hiring managers screen ...

  • Human Resource Certification Institute (HRCI)

    Human Resource Certification Institute (HRCI) is a U.S.-based credentialing organization offering certifications to HR ...

Customer Experience
  • contact center agent (call center agent)

    A contact center agent is a person who handles incoming or outgoing customer communications for an organization.

  • contact center management

    Contact center management is the process of overseeing contact center operations with the goal of providing an outstanding ...

  • digital marketing

    Digital marketing is the promotion and marketing of goods and services to consumers through digital channels and electronic ...