The first recorded use of the term spyware occurred on October 16, 1995 in a Usenet post that poked fun at Microsoft's business model.Spyware at first denoted hardware meant for espionage purposes. However, in early 2000 the founder of Zone Labs, Gregor Freund, used the term in a press release for the ZoneAlarm Personal Firewall.
Since then, "spyware" has taken on its present sense. According to a 2005 study by AOL and the National Cyber-Security Alliance, 61 percent of surveyed users' computers had some form of spyware.
92 percent
of surveyed users with spyware reported that
they did not know of its presence, and 91
percent reported that they had not given
permission for the installation of the spyware.As
of 2006, spyware has become one of the
preeminent security threats to computer systems
running Microsoft Windows operating systems.
Computers where Internet Explorer (IE) is the
primary browser are particularly vulnerable to
such attacks not only because IE is the most
widely-used,[5] but because its tight
integration with Windows allows spyware access
to crucial parts of the operating system.
Before Internet Explorer 7 was released, the
browser would automatically display an
installation window for any ActiveX component
that a website wanted to install. The
combination of user naiveté towards malware and
the assumption by Internet Explorer that all
ActiveX components are benign, led, in part, to
the massive spread of spyware. Many spyware
components would also make use of flaws in
Javascript, Internet Explorer and Windows to
install without user knowledge or permission.
The Windows Registry contains multiple sections
that by modifying keys values allows software to
be executed automatically when the operating
system boots. Spyware can exploit this design to
circumvent attempts at removal.
The spyware
typically will link itself from each location in
the registry that allows execution. Once
running, the spyware will periodically check if
any of these links are removed. If so, they will
be automatically restored. This ensures that the
spyware will execute when the operating system
is booted even if some (or most) of the registry
links are removed.
Trend Micro Inc. defines Spyware as "Spyware is
any piece of software, installed or employed
without a user’s knowledge, that watches, logs,
and reports on that user’s electronic movements.
Spyware can track personal information,
demographic information, and psychosocial
information (e.g., stance on current issues)."
McAfee Inc. Defines Spyware as "Software that
transmits personal information to a third party
without the user's knowledge or consent."
Symantec Inc. does not define Spyware on this
website, but offers the following statement; "Spyware
can be downloaded from Web sites, email
messages, instant messages, and from direct
file-sharing connections. Additionally, a user
may unknowingly receive spyware by accepting an
End User License Agreement from a software
program.
Source:http://en.wikipedia.org/wiki/Spyware