Spyware

MITRE ATT&CK layer: Collection

Spyware is malicious software designed to silently observe, collect, and exfiltrate data from a target system without user knowledge or consent. Its value isn’t immediate disruption, but persistence and invisibility. Modern spyware focuses less on files and more on identity, behavior, and context.

How is Spyware abused

Attackers deliver spyware via trojanized apps, malicious installers, or zero-click exploits, especially on mobile devices. Instead of loud keylogging, it harvests session cookies, OAuth tokens, clipboard data, and messaging content, blending into normal system and cloud traffic.

Why Spyware matters

Spyware enables long-term surveillance and silent impersonation. Victims can be monitored for months without knowing, allowing attackers to read emails, hijack accounts, commit fraud, or gather intelligence, often without triggering security alerts. If you’re only looking for malware binaries to find spyware, you’re already late.
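Because stolen session cookies and OAuth tokens are replayed from the attacker's own client, one place to look beyond binaries is session telemetry. The sketch below is an added example, not part of the original page or any product: it flags a session that is later presented by a different client than the one it was first seen on. The log format, field order and sample events are assumptions constructed for illustration.

```python
# Constructed sample events (not real logs): time, user, session id, source IP, user agent.
SAMPLE_LOG = """\
2024-05-01T09:00:00Z,alice,sess-a1,198.51.100.10,Mozilla/5.0 (Macintosh) Safari/17
2024-05-01T09:05:00Z,alice,sess-a1,198.51.100.10,Mozilla/5.0 (Macintosh) Safari/17
2024-05-01T09:07:00Z,alice,sess-a1,203.0.113.77,python-requests/2.31
2024-05-01T10:00:00Z,bob,sess-b1,198.51.100.20,Mozilla/5.0 (Windows) Chrome/124
2024-05-01T10:30:00Z,bob,sess-b1,198.51.100.21,Mozilla/5.0 (Windows) Chrome/124
"""

def parse(log_text):
    """Yield one dict per non-empty line; the user agent may itself contain commas."""
    for line in log_text.splitlines():
        if line.strip():
            ts, user, sid, ip, ua = line.split(",", 4)
            yield {"ts": ts, "user": user, "sid": sid, "ip": ip, "ua": ua}

def find_replayed_sessions(events):
    """Compare every use of a session with the client that first presented it."""
    first_seen = {}
    findings = []
    # ISO 8601 UTC timestamps in one format sort correctly as strings.
    for ev in sorted(events, key=lambda e: e["ts"]):
        origin = first_seen.setdefault(ev["sid"], ev)
        ip_changed = ev["ip"] != origin["ip"]
        ua_changed = ev["ua"] != origin["ua"]
        if ua_changed and ip_changed:
            severity = "high"     # different device and network: likely token replay
        elif ua_changed or ip_changed:
            severity = "review"   # roaming or a browser update can explain one change
        else:
            continue
        findings.append((severity, ev["user"], ev["sid"], ev["ip"], ev["ts"]))
    return findings

if __name__ == "__main__":
    for finding in find_replayed_sessions(parse(SAMPLE_LOG)):
        print(finding)
```

A single changed attribute is kept at "review" rather than "high" so that mobile roaming and browser updates do not drown out the sessions where both the device and the network changed.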

Real-world example

NSO Group’s Pegasus (Ongoing)

NSO Group’s Pegasus spyware continues to be identified on the phones of journalists, lawyers, and activists worldwide. In many cases, zero-click infections granted attackers full access to microphones, cameras, call logs, location data, and even encrypted messaging apps. Pegasus infections are difficult to detect because they leave minimal forensic traces and often exploit previously unknown vulnerabilities in mobile operating systems. Although NSO Group markets Pegasus as a lawful tool intended to combat crime, governments around the world have routinely used it to spy.
