Malware spotlight: Badware - Security Boulevard

Malware spotlight: Badware

Introduction: What is badware?

Malware, as the name indicates, is malicious software designed to cause damage to computer systems and networks. Badware is often used as a synonym of malware, but in reality, there are some subtle differences between the two terms. 

While malware is an umbrella term that covers a variety of malicious codes including viruses, Trojan horses, ransomware and backdoors, badware is not necessarily software created to destroy systems. In fact, it is often simply used to collect users’ information for a variety of purposes. 

In some cases, “users may treat badware infection as an annoyance to be dealt with rather than a threat to their (or their company’s) data and computing resources,” says StopBadware, Inc., an anti-malware organization created in 2006. This nonprofit makes an effort to cleanse websites that are tagged as spreading badware by maintaining a catalog of sites that have been reported to distribute badware and continues to warn consumers about “this kind of attack [that] takes advantage of a vulnerability or ‘hole’ in your web browser, a browser plug-in, or other software on your computer.”

Badware, of course, can be also used by cybercriminals to hack or socially engineer a target and eventually use that info to attack with other types of malware options.

What problems can badware bring?

Badware can be bad news for both webmaster and users. This is because it is software that is able to somehow bypass the intended use of a website or connection to arrive to a certain scope. For users, this means a number of issues. 

In the best-case scenario, badware is intrusive and designed mainly to track a user’s moves online to feed information to advertisers and marketing groups. The user will be unknowingly releasing information on his or her (Read more...)

*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Daniel Brecht. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/Gt_pfaaqkjc/