Mangesh A. Wadibhasme
What is Spyware?
Spyware is a type of malware that's hard to detect. It collects information about your surfing habits,
browsing history, or personal information (such as credit card numbers), and often uses the internet to pass this information along to third parties without you knowing. Key loggers are a type of spyware that monitors your
key strokes.
spyware is mostly used for the purposes of tracking and storing internet users' movements on the web and serving up pop-up ads to internet users.
1.System monitors
2.Trojans 3.Adware
4.Tracking Cookies
Spyware is mostly classified into 4 types:-
The first recorded on October 16, 1995 in a UseNet post that poked fun at microsoft's business model.
Spyware at first denoted software meant for espionage purposes.
However, in early 2000 the founder of zone labs, gregor freund, used the term in a press release for the zone alarm personal firewall.
Use of exploits in JavaScript, internet explorer and windows to install.
History and development of spyware.
Unwanted behavior and degradation of system performance.
Unwanted CPU activity, disk usage, and network traffic.
Stability issues:-
Application's freezing.
Failure to boot.
System-wide crashes.
Difficulty connecting to the internet.
Disable software firewalls and anti-virus software.
Effect and Behavior.
Installed when you open an email attachment. Spyware installs itself Install by using deceptive tactics Common tactics are using a Trojan horse. USB Keylogger. browser forces the download and installation of spyware.
Routes of Infection.
• Installing anti-spyware programs.
• Network firewalls and web proxies to block access to web sites known to install
spyware
• Individual users can also install firewalls.
• Install a large hosts file.
• It Install shareware programs offered for download.
• Downloading programs only from reputable sources can provide some
protection from this source of attack
Security Practices.
Anti-Spyware Program.
Products dedicated to remove or block spyware.
Programs such as pc tool’s spyware doctor, lava soft's ad-aware se and patrick kolla's spybot - search & destroy.
Antivirus 2009Antivirus GoldContravirusMacsweeperPest Trap
PsguardSpy WiperSpydawnSpylockedSpysheriff
SpyshredderSpyware QuakeSpywarestrikeUltimatecleanerWinantivirus Pro 2006
Windows Police ProWinfixerWorldantispy
Some known offenders include:
Rouge Anti - Spyware Program.
popups prompting them to install them to protect their computer, this software is called rogue software.
do not install any freeware claiming to be anti-spyware unless it is verified to be legitimate.
Fake antivirus products constitute 15 percent of all malware.
These common spyware programs illustrate the diversity of behaviors found in these attacks
A group of programs.
Takes advantage of internet explorer
vulnerabilities.
The package directs traffic to advertisements
on web sites including coolwebsearch.Com. It
displays pop-up ads.
Rewrites search engine results, and alters the
infected computer's hosts file to direct DNS
lookups to these sites.
1).CoolWebSearch
Examples!!!!
These common spyware programs illustrate the diversity of behaviors found in these attacks
Sometimes called finspy. High-end surveillance suite sold to law
enforcement and intelligence agencies.
2).FinFisher
Examples!!!!
These common spyware programs illustrate the diversity of behaviors found in these attacks
Wintools or adware.Websearch,
Installed by an active-x drive-by download
at affiliate web sites.
These programs add toolbars to ie.
Track aggregate browsing behavior.
3).Huntbar
Examples!!!!
These common spyware programs illustrate the diversity of behaviors found in these attacks
Transmits detailed information to
advertisers about the web sites which
users visit.
It opens pop-up ads that cover over
the web sites of competing companies
4).Zango
Examples!!!!
These common spyware programs illustrate the diversity of behaviors found in these attacks
Downloads itself to a computer via an active-x code and reports information back to control server.
Some information can be the search-history, the websites visited, and even keystrokes.
5). Zango Trojan
Examples!!!!
Applications Of Spyware.
"Stealware" and affiliate fraud.
Affiliate Fraud is a violation of the terms of services.
Terminated from affiliate networks including linkshare and
sharesale.
Mobile devices can also be vulnerable to chargeware.
Applications.
Identity theft and fraud
Coolwebsearch.Com spyware had used it to transmit “chat
session user names, passwords", bank information, etc.
The Federal Trade Commission estimates that 27.3 million
Americans have been victims of identity theft
That financial losses from identity theft totaled nearly $48 billion
for businesses and financial institutions and at least $5 billion in
out-of-pocket expenses for individuals.
Applications.
Digital rights management
It can be removed with the removewga tool.
Some copy-protection technologies have borrowed from spyware
While the main purpose of this deliberately uninstallable
application is to ensure the copy of windows on the machine was
lawfully purchased and installed.
Applications.
Personal relationships
Used to monitor electronic activities of partners relationships.
Loverspy, was specifically marketed for this purpose
Depending on local laws regarding communal/marital property
Observing a partner's online activity without their consent may be illegal
Applications.
Browser cookies
Business purposes
Anti-spyware programs often report web advertiser’s HTTP Cookies.
The small text files that track browsing activity, as spyware
Applications.
LEGAL ISSUES.
Criminal lawUS FTC actionsNetherlands OPTACivil lawLibel suits by spyware developersWebcam Gate
Legal Issues.
Thank You!
Stay Connected
Top Related