![\"Glossary](\"https:\/\/spyapp.net\/blog\/wp-content\/uploads\/spyapp-blog\/09-adware-spyware-malware-inline-1.png\")
<\/figure>\nMalware<\/strong> (malicious software) is the umbrella term for any software designed to act against the interests of the device’s owner. Everything else in this article is a kind of malware \u2014 or, in adware’s case, sometimes a borderline neighbor of it. When a scan report or a news story says “malware” without qualification, it means “malicious, category unspecified.”<\/p>\n So the real question is never “is it malware or spyware?” \u2014 spyware is<\/em> malware. The useful distinctions are about what the software does<\/strong> and how it gets in<\/strong>.<\/p>\n Spyware<\/strong> collects information about you without informed consent and sends it to someone else. On Android that means reading messages and call logs, tracking location, harvesting contacts and photos, recording audio, logging keystrokes, or capturing the screen \u2014 usually several at once, uploaded quietly in the background.<\/p>\n Spyware’s defining trait is stealth as a feature<\/strong>: it works best when you never notice it, so it hides its icon, disguises its name, and minimizes visible behavior. Its costs still leak out \u2014 battery, data, heat \u2014 which is why the classic detection signs are resource symptoms plus unexplained entries in Accessibility and device-admin settings (our warning-signs guide<\/a> covers all ten).<\/p>\n Stalkerware<\/strong> is spyware’s most personal subspecies: commercial spyware marketed as “monitoring” software and used to surveil a specific person \u2014 typically a partner \u2014 by someone with physical access to their phone. Technically it’s ordinary spyware; practically it’s different in one crucial way: the attacker is someone in your life, which changes how you should respond. Our stalkerware guide<\/a> covers the safety-first approach.<\/p>\n Adware<\/strong> exists to push advertising at you and get paid per view or click. The mild end is annoying but disclosed: a free app with banner ads is just a business model. Adware earns its place in security discussions at the aggressive end:<\/p>\n The line between “monetized app” and “adware” is consent and proportion; the line between adware and spyware is what gets collected. Plenty of apps live in the grey zone, which is why scan verdicts have a middle category: our scanner returns WARNING<\/strong> for exactly this tier \u2014 not provably malicious, but bundling aggressive ad SDKs or requesting data far beyond its purpose.<\/p>\n A trojan<\/strong> is defined not by what it does but by how it arrives: malware disguised as something desirable. On Android the costume is usually an APK \u2014 a “premium unlocked” mod of a paid app, a fake update, a game cheat, a repackaged copy of a famous brand. You install it voluntarily because the disguise worked.<\/p>\n What’s inside varies: spyware, a banking-credential stealer (overlay attacks that paint fake login screens over real banking apps), an SMS fraudster, a dropper<\/strong> (a small clean-looking app that later downloads the real payload), or a RAT<\/strong> \u2014 remote access trojan \u2014 giving an attacker live control. The disguise is the constant; the payload is whatever pays.<\/p>\n This is why source skepticism and certificate checks matter so much: a trojan can copy an app’s icon and interface perfectly, but it can’t copy the developer’s signing certificate \u2014 the check that exposes repackaged fakes in our pre-install routine<\/a>.<\/p>\n PUP<\/strong> \u2014 potentially unwanted program \u2014 is the industry’s diplomatic term for software that’s technically consensual but practically hostile: apps that bury data collection on page 14 of a privacy policy, bundle extras you didn’t ask for, nag relentlessly, or resist uninstallation. Not quite malware by legal definition, not quite legitimate by any human one. Most “cleaner” and “booster” apps live here, promising performance magic Android doesn’t need while collecting whatever they can.<\/p>\n Two famous terms round out the vocabulary. A virus<\/strong> is technically malware that self-replicates by infecting other files \u2014 common in PC history, rare on Android, where the word survives mostly as a synonym for malware in general (“my phone has a virus”). Ransomware<\/strong> encrypts your data or locks your screen and demands payment; it exists on Android but is far less common than on desktops, partly because app sandboxing limits what one app can encrypt, and cloud-synced photos and contacts blunt the leverage.<\/p>\nSpyware: software that watches you<\/h2>\n
Adware: software that monetizes your attention<\/h2>\n
\n
Trojans: defined by the disguise<\/h2>\n
PUPs and the legal grey zone<\/h2>\n
A note on viruses and ransomware<\/h2>\n
Why the categories change what you do<\/h2>\n