Features and prevention methods of gray software in network security

With the proliferation of viruses, worms, Trojans, backdoors, and mixed threats, attacks against new vulnerabilities are generated much faster than before, while social engineering) traps have also become a major focus of new attacks. Attacks with social engineering traps include spyware, network fraud, email-based attacks, and malicious Web sites. These attacks are often disguised as legitimate applications and email information. They are designed to trick users into exposing sensitive information, downloading and installing malicious programs. Traditional security devices are hard to block, advanced detection and security technologies are often required. This article focuses on the features and protection methods of gray software.

1. What is gray software?

Gray software is a general term. It is a type of software installed on a computer to track or report specific information to a specific target. These software is usually installed and executed without being permitted. Many gray software can quietly complete their work when they need to download and run applications, such as tracking computer usage and stealing privacy. When a large number of mail viruses become headlines every month, users may be aware of the risks of opening uncertain emails. However, for gray software, users do not need to open attachments or execute infected programs. Simply accessing websites using this technology will become victims of the gray software. Many gray software only generate junk information, such as pop-up windows. It is true that there is a clear distinction between "harmless" gray software and attacks that steal valuable information such as credit card accounts, passwords, and ID card numbers.

Gray software often comes from the following behaviors: (1) Download shared software, free software, or other forms of file sharing; (2) open an infected email; (3) Click the pop-up advertisement; (4) access to an irresponsible or fraudulent website; (5) install trojans.

Gray software is not necessarily malware. The ultimate goal of many gray software programs is to track website visitors to obtain search results for a specific business purpose. Typical symptoms of gray software are slow systems, pop-up advertisements, and homepages directed to other websites, resulting in harassment. However, Hackers often use the gray software technology for other purposes, such as using browsers to load and run certain programs. These programs can publicly access the system, collect information, track keyboard input, modify settings, or create some damages.

Gray software can be divided into the following categories:

(1) advertising software

Advertising software is usually embedded into software that users download and install for free. After installation, the browser window will pop up from time to spread advertisements, interfering with the normal use of users.

(2) spyware

Spyware is usually embedded in free software. It can track and analyze user behaviors, such as users' habits of Browsing webpages. The tracking information will be returned to the author's website for record and analysis. It will change the computer performance.

(3) dialing software

Dial-Up software is a gray software that controls the Modem of a computer. These programs usually call long-distance calls or call expensive phone numbers to generate revenue for hackers.

(4) joke software

The joke software modifies the system settings, but does not destroy the system. For example, you can modify the system mouse or Windows background image, and some game software is usually a joke or prank.

(5) Point-to-Point Software

Point-to-Point Software (P2P) can complete file exchange. It may be legal to use it to accomplish business goals. It is often illegal to use it to exchange illegal music, movies, and other files.

(6) keyboard record software

Keyboard records may be one of the most dangerous gray software. These programs can capture keyboard input and obtain the user name, password, and credit card number for Email, chat, and instant messaging.

(7) hijacking software

It can modify some browser settings to change users' interests, such as homepage, favorites, or menu. You can even modify the DNS settings to redirect the DNS to a malicious DNS server.

(8) plug-ins

The plug-in Adds code or new features to existing programs to control, record, and send browsing preferences or other information to external addresses.

(9) network management software

It is a gray software designed for malicious purposes. It can change network settings, destroy network security, or cause other network damages. Remote Management tools allow external users to remotely control, change and monitor computers on the network.

(10) BHO

BHO is installed as a DLL file of common software and can control the behavior of Internet Explorer. Not all BHO objects are malicious, but they have the ability to track browsing preferences and collect other information.

(11) toolbar

It can modify the toolbar features of a computer, monitor the habits of browsing the Web page, send information to developers, or change the host function.

(12) download the gray Software

It secretly downloads and installs other software without your knowledge. These programs are usually run during startup and can install AD software, dial-up software, and other malicious code.

1 2 3 Next Page

[Content navigation]
Page 7: What is gray Software	Page 1: Symptoms of gray Software
Page 7: protection methods of gray Software