An A-Z guide to the technical terms used in digital security
A type of web browser plug-in used to gain additional functionality.
Toolbars tend to be associated with adware programs, as they are often bundled together.
A plain text file containing a unique ID and browsing information related to the user, which is constantly updated during an active browsing session, in order to track the user's browsing habits.
Tracking cookies are generally used by websites to determine the pages and advertisements a user has seen or any other activity performed during the last visit on that particular website. This allows websites to 'recreate and continue' any activity from the previous visit - for example, a visitor who's seen Ad A on the first visit is next shown Ad B at the next visit - and helps provide the visitor with a seamless browsing experience.
Different websites can share tracking cookies, and each website with the same tracking cookie can read the information and write new information into it. Websites that use tracking cookies continue to recreate cookies in the browser's cache at each visit.
One potential issue with tracking cookies involves privacy, as not all users care to have their web browsing activity tracked in this manner. Current versions of popular web browsers include options to empty the browser cache folder when the application is closed.
Software that monitors user behavior or gathers information about the user.
Trackware is considered a security concern because the information gathered may include personally identifiable details. Once gathered, the collected information may be forwarded to a remote server. This type of information gathering may be objectionable if the user is unaware it is happening and/or has not authorized it.
Trackware is most commonly associated with programs dealing with advertising (adware). They are also often distributed bundled together with other, legitimate programs.
Also known as a trojan horse program, this is a deceptive program that performs additional actions without the user's knowledge or permission. It does not replicate.
Trojans were named after the Trojan Horse of Greek legend, and are sometimes referred to as Trojan Horse programs.
Quite often, the trojan will have, or pretend to have, a functionality that offers a useful service to the user - a screensaver, a utility program, a service pack or application update and so on - in order to encourage the user to run the file. While the legitimate action is executing, the trojan silently performs its unauthorized routines in the background.
The effects of a trojan's payload on a computer system can range from mildly annoying pranks (like changing desktop icon positions), to serious, user-inhibiting functions (like disabling the keyboard or mouse) to critically destructive actions (like erasing files or stealing data). Trojans can cause significant damage by stealing financially sensitive data such as bank account credentials, or personal information that could be used for identity theft.
There are numerous types of trojans, which may be categorized based on the malicious action(s) they perform.
For more information, see the article Trojans.
The type 'Trojan-Clicker' was formerly used by F-Secure to identify a trojan that remains resident in system memory and continuously or regularly attempts to connect to specific websites. This is done to inflate the visit counters for those specific pages.
The purpose of a trojan-clicker is to either earn money for appearing to drive traffic to specific sites (fraud) or to drain the budget of a competitor (attack) by artificially inflating the referrals that are paid for.
With changes in the threat landscape, programs previously identified as ' Trojan-Clickers' would now be classified as 'Trojans'.
A type of trojan that, once installed on computer, silently downloads files from remote web and FTP sites.
Once downloaded, the trojan-downloader quietly installs itself, connects to a remote server to download, install and runs other files on the infected computer. Once its primary download/execution routine is completed, the downloader may proceed to a secondary payload routine.
A type of trojan that drops one or more malware onto a system.
Unlike a trojan-downloader, which must retrieve other files from a website or server, a trojan-dropper will contain the other files already compressed within its own body.
In many cases, trojan-droppers also contain innocent files or multimedia files that are shown to the user to disguise malicious activities. In the meantime, the dropper silently installs and runs the other programs it carries.
A type of trojan that, once installed, allows an attacker to use the infected computer as a proxy to connect to the Internet.
Trojan-proxies are often used by hackers to hide the location of the original host from any investigating authorities, as the connection can only be traced back to the computer where the trojan is installed.
Trojan-PSW or Trojan-PWS
A Trojan-PSW or Trojan-PWS is similar to a trojan-spy, but is geared towards monitoring the user's activities in order to steal account login details, including passwords (the PSW stands for password).
Such malware typically go after bank or finance-related accounts, as well as social media accounts. Some of these malware may also include spying and data-stealing routines.
This type of trojan will often use a keylogging compoenent to record keystrokes entered into the computer or device. Once the required data is gathered, the malware forwards it to a remote website or server.
A type of trojan that monitors the user's activities on an infected computer.
A trojan-spy has a wide range of capabilities, including performing keylogging, monitoring processes on the computer and stealing data from files saved on the machine.