Which type of malware pretends to be a useful program but collects user information for a remote attacker?

The type of malware that pretends to be a useful program while specifically collecting user information for a remote attacker is spyware. Spyware is designed to secretly gather information about a user, such as browsing habits, login credentials, and other personal data, often without their knowledge or consent. It can be bundled with legitimate software, leading users to believe they are installing a helpful application when, in fact, they are introducing malicious code that tracks and transmits their information to an external party.

In contrast to spyware, worms and viruses are primarily focused on self-replication and spreading across networks or systems, rather than the stealthy collection of personal data. Rootkits, on the other hand, are intended to hide the existence of certain processes or programs from normal methods of detection, primarily allowing other malicious activities to be concealed rather than actively gathering user information. Therefore, spyware is the most accurate descriptor for malware that masquerades as a useful application while stealing data for an attacker.