Grayware
Grayware is an umbrella term applied to a wide range of applications that are installed on a user's computer to track and/or report information back to some external source. These applications are usually installed and run without the permission of the user. Some forms of grayware come as Trojan applications that trick users into installing them. Sources of grayware can come from any number of places and activities:
- Downloading shareware, freeware, or other forms of file sharing services
- Opening infected emails
- Clicking on pop-up advertising
- Visiting frivolous or spoofed web sites
- Installing Trojan applications
Not all grayware sources are necessarily malevolent. Web site developers are using newer techniques to track the usage patterns of visitors to offer more customized search results that result in higher sales.
Typically, the symptoms of having grayware installed on a host may be slower performance, more pop-up advertising, web browser home pages being redirected to other sites, etc. Today’s hackers have also learned that grayware techniques can be used to load and run programs that open access, collect information, track keystrokes, modify system settings, or inflict other kinds of damage.
Adware – see Adware
Diallers - are grayware applications that are used to control the PC's modem. These applications are often used to call premium 900 numbers to create revenue for the thief.
Gaming - Gaming grayware applications are usually installed to provide joke or nuisance games.
Joke - Joke grayware are applications that are used to change system settings, but do no damage to the system. Examples include changing the system cursor or Windows' background image.
Peer-to-Peer - P2P grayware are applications that are installed to perform file exchanges. (P2P) While P2P is a legitimate protocol that can be used for business purposes, the grayware applications are often used to illegally swap music, movies, and other files.
Spyware – see Spyware
Key Loggers - are perhaps one of the most dangerous grayware applications. These programs are installed to capture the keystrokes made on a keyboard. These applications can be designed to capture user and password information, credit card numbers, email, chat, instant messages, and more.
Hijacker - are grayware applications that manipulate the Web browser or other settings to change the user's favourite or bookmarked sites, start pages, or menu options. Some Hijackers have the ability to manipulate DNS settings to reroute DNS requests to a malicious DNS server.
Plugins - Plugin grayware applications are designed to add additional programs or features to an existing application in an attempt to control, record,
and send browsing preferences or other information back to an external destination.
BHO - BHO grayware applications are DLL files that are often installed as part of a software application to allow the program to control the behaviour of Internet Explorer. Not all BHOs are malicious, but the potential exists to track surfing habits and gather other information stored on the host.
Toolbar - Toolbar grayware applications are installed to modify the computer's existing toolbar features. These programs can be used to monitor web habits, send information back to the developer, or change the functionality of the host.
Download - Downloaders are grayware applications that are installed to allow other software to be downloaded and installed without the user's knowledge.
These applications are usually run during the start-up process and can be used to install advertising, dial software, or other malicious code.
IPI provide secure networks across the globe. If you would like to learn more about IPI Wide Area Networking products and services, please click here.