As with other things in life, there are no absolutes. There's always something in the middle that can either be good or bad depending on the circumstances surrounding it. The same is true in software. As there are benign and malicious programs, there are also programs that are walking the thin line between the two. They are called riskware.

Riskware refers to computer programs with features that have the potential to be dangerous. What makes this software dangerous is the motivation of the person behind it and/or its possible effect on the user.

Think of a gun. If a person's motivation is to use that gun to kill someone then that gun becomes a dangerous weapon, but in the hands of the police, it becomes an effective tool to maintain peace and order. We all know that when a gun is used, its effect on the one being shot might be deadly. Also, just brandishing or pointing the gun will already have an effect. A person at the end of the barrel might react in a way that will prove to be detrimental.

Classification of Riskware

Riskware is usually classified based on its function or behavior. The following are the common types of riskware:

• Spyware
• Adware
• Hacker tools
• Joke programs


Spyware

Spyware is software that collects information without the victim's knowledge. It can easily be classified as an information stealer because of its functionality. But the main difference between it and malicious information stealers is that spyware is packaged as commercial software. It is purchased and used by someone who has physical access to or owns the computer system where it is installed. For example, it can be used by a parent who wants to monitor a child's activity while on the computer or by someone who wants to spy on a spouse's online activities.

The use of spyware clearly violates the victim's privacy, and in some states is illegal. But in some cases, the use of spyware is acceptable as long as the monitored user is aware of this. An example of this is an office setting wherein the employees are made aware that their online activities are being recorded by the company every time they use company systems.


Adware

Adware is riskware that displays ads in the form of pop-ups. Some adware comes preloaded with ads to be displayed, while other adware tracks users' online browsing behavior and displays ads based on that tracked behavior.

Aside from being a nuisance because of the number of disruptive pop-up ads it produces, adware invades users' privacy by monitoring their online activities to produce targeted ads.

Hacker Tools

Hacker tools are system admin tools in the wrong hands. For example, network security tools used to map and secure the network can be used by hackers to map a target network. Again, going back to the gun analogy, what matters is the motive behind the use of the tools.


Joke Programs

A joke program is a program that is not really malicious, but its effect on the user is what makes it dangerous. It might cause the user to do something to the system. For example, a joke program that displays a message saying that the computer has been destroyed and needs formatting might convince the user enough to actually format the drive. It sounds funny, but the effect can be significant, especially if the system being formatted contains important data or is a critical system within the company.

Another classic example is Microsoft Sysinternals' Blue Screen of Death (BSOD) screensaver running on a server. A sysadmin who sees it on a server and has no idea that it is just a screensaver might be alarmed and reboot the server in an attempt to fix it.

This is an excerpt from: Malware, Rootkits & Botnets A Beginner's Guide

Learn how to improve the security posture of your organization and defend against some of the most pervasive network attacks. Malware, Rootkits & Botnets A Beginner's Guide explains the nature, sophistication, and danger of these risks and offers best practices for thwarting them.

After reviewing the current threat landscape, the book describes the entire threat lifecycle, explaining how cybercriminals create, deploy, and manage the malware, rootkits, and botnets under their control. You'll learn proven techniques for identifying and mitigating these malicious attacks. Templates, checklists, and examples give you the hands-on help you need to get started protecting your network right away.

A reader says, "This book demystifies the complexities of a very critical topic anyone with a computer or device must know. The book takes the reader into a journey of understanding the world of malware, rootkits and botnets. The good part about this journey is that there is no experience required. It is a very easy read and you won't get stumped or trapped in technical jargon. Instead, the book explains these jargons so you can carry a very intelligent conversation about malware with industry experts."

Reader Ricardo A Dionisio says, "Very nice book. Was able to really comprehend the basic of the "new threats" on the digital world. Christopher is very knowledgeable on this field. Will look forward on new books from this author. A++."
