Free Republic

How Spyware Took The Next-Gen Threat Crown (On The Internet's No #1 Threat Today MUST READ!!!)
ESecurityPlanet.com ^ | 12/20/04 | Sonny Discini

Posted on 12/21/2004 2:39:48 AM PST by goldstategop

Spyware used to be defined as applets, cookies or any other method used to collect statistics on your browsing habits. Gone are the days of such a benign interpretation. Spyware has evolved into a problem that surpasses those posed by traditional worms, viruses and Trojans.

Today, these once relatively innocuous apps have evolved from anonymous, and often invisible, traffic statistics gatherers into beasts capable of crippling your PC's performance by installing unwanted toolbars, pop-up ads, desktop icons and many other nuisances.

If that's not bad enough, some Spyware will modify system files, change security zone settings, keylog your sessions, spawn Trojans and change start page settings. Today, the term "spyware" is, in my opinion, synonymous with virus, and as usual, you have been left to deal with this on your own.

How did this happen?

Like many age-old schemes, the desire for easy money has driven spyware development into the darkest corners of the Internet. Unscrupulous individuals use flaws in the Windows operating system in combination with Microsoft's browser, Internet Explorer, to distribute their wares, or more accurately, infect your machine.

Countless types of applications, browser helper objects, cookies and bots are now competing for your finite system resources in order to pitch pop ups, report your internet activity, modify OS settings and steal personal information. Simple site statistics are no longer sufficient to sustain the beast.

Spyware companies are making millions of dollars by evading laws, finding loopholes, exploiting vulnerabilities and making their products resistant to removal. When compared to what we all know as a traditional virus, spyware is much worse because viruses are not nearly as tenacious when it comes to re-propagation or resistance to removal.

This may sound like the work of evil, globally dispersed hacking networks but many spyware developers are operating within U.S. borders without so much as a hiccup from the legal system. Although as of late, the spyware problem has generated some rumblings on Capitol Hill.

Another punch to the gut is that it is very easy to track who is benefiting from your pain. Spyware partners are typically paid on a 'per installation' basis. This means that there is a unique ID associated with each installation so that the partner can get paid. This information is easily acquired, yet no one is doing anything about it.

To further entertain us, Spyware companies are very shrewd and typically add verbiage on their sites to make you believe that all their software is installed only with your consent. What's even more hilarious is how the worst offenders have anti-spyware animations running on their sites.

If you look closely you would almost believe that you are reading a legitimate EULA when in fact, you're reading deceptive or flat out inaccurate information. Many of them tell you that the apps can be easily uninstalled using the add/remove programs feature in Windows. In my experience, this does not work. In fact, there have been times when I have seen what appears to be a complete uninstall only to find that the Spyware is still operating in the background.

My anti-virus suite will surely help me, won't it?

No. If you look at this from the standpoint of AV providers, there is no financial benefit, thus, there is no motivation to add spyware removal features.

Many of the best removal tools are freely available for download. It does not make sense to attempt to develop something better than people already expect for free. Additionally, it is much harder to keep up with spyware than worms, viruses and Trojans because most of the aforementioned were not designed for financial gain and were typically developed by loose bands of unfunded hacking groups to prove a point.

When compared to the financial forces that are backing spyware, the cost to AV companies to keep up would be astronomical. Without a significant increase in product costs, AV companies cannot allocate resources to battle what has become the new front on the assault of your Internet experience.

I have a personal firewall and I patch my system all the time. Shouldn't I be safe?

Absolutely not. For openers, Microsoft is slow to deliver patches in relation to the speed and efficiency that malware developers disseminate their apps. Statistics show that browsing a single site can yield over a dozen infections.

What's worse is that Browser Helper Objects (BHOs) are invisible to personal firewalls. The traffic is seen as originating from your browser, not the malicious helper. Spyware developers know precisely how personal firewalls behave and their apps are written to take advantage of allowed protocols and applications. Adding insult to injury, spyware uses Microsoft's own zone security model against them by simply placing malicious sites in Internet Explorer's trusted zone.

OK so which spyware removal tool is the best?

There is no single tool out there that can rid you of your troubles. Typically, running two or three different scanners will yield different results. A popular tag team approach to vanquishing the unwelcome code includes installing both Lavasoft's Adaware and Spybot Search and Destroy.

Also, detecting spyware is completely different from removing it.

As of late, spyware makers have started delivering apps that cannot be removed with automated tools so even if you ditch IE in favor of an alternate browser you may still find yourself spending hours trying to remediate infections. Sadly, users end up lost in search engine results and scanning forums hoping to find a remediation process that worked for other poor souls.

In some cases, a complete OS reinstall is quicker than bearing this pain. You may also find yourself victimized by your own desire to remove spyware. Some crooked coders have actually developed what look to be legitimate spyware scanners, which are, in fact, spyware propagators.

What can we do?

Sadly, the funding that's fueling spyware development is far greater than the funding devoted to stopping it. Until the playing field evens out, spyware is going to continue to invade our privacy, steal information and cause financial and personal loss.

For now, the best thing you can do is visit trusted sites and be vigilant about scanning your machine with a variety of anti-spyware tools. Keep in mind that most bona fide removal tools are developed by independent groups of developers and small development firms. Paying for anti-spyware software is not an indicator that you are getting a superior product over free, open source alternatives.


TOPICS: Business/Economy; Crime/Corruption; News/Current Events; Technical
KEYWORDS: computers; exploit; getamac; internetexploiter; lookoutexpress; lowqualitycrap; malware; microsoft; patch; removalcleanup; scumware; securityflaw; sonnydiscini; spyware; threat; trojan; virus; windows; worm
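
The article's point about Browser Helper Objects and sites planted in Internet Explorer's trusted zone can be checked from a registry export. The following is an added example, not part of the original article or thread: it parses `reg export` text and lists registered BHO CLSIDs and any domains mapped to the Trusted sites zone. The sample export, its CLSIDs and its domain names are constructed; the key paths are the standard Windows locations for BHOs and the IE ZoneMap.

```python
import re
# Constructed sample in `reg export` text format (not taken from a real machine).
SAMPLE_EXPORT = r"""Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-2222-3333-4444-555555555555}]
@="Example Toolbar Helper"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE}]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ads.example]
"http"=dword:00000002

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\intranet.example\portal]
"*"=dword:00000001
"""

BHO_KEY = r"\explorer\browser helper objects" + "\\"
ZONE_KEY = r"\internet settings\zonemap\domains" + "\\"
TRUSTED_ZONE = 2  # IE zone numbers: 1 intranet, 2 trusted, 3 internet, 4 restricted

def parse_export(text):
    """Return {key_path: {value_name: raw_value}} from .reg export text."""
    keys, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1], {})
        elif current is not None and "=" in line:
            name, _, value = line.partition("=")
            current[name.strip('"')] = value
    return keys

def audit(text):
    """List BHO CLSIDs and domains mapped into the Trusted sites zone."""
    bhos, trusted = [], []
    for path, values in parse_export(text).items():
        lower = path.lower()
        if BHO_KEY in lower:
            clsid = path[lower.index(BHO_KEY) + len(BHO_KEY):]
            bhos.append((clsid, values.get("@", "").strip('"') or "(unnamed)"))
        elif ZONE_KEY in lower:
            # Key layout is Domains\<domain>[\<subdomain>]; value name is the protocol.
            parts = path[lower.index(ZONE_KEY) + len(ZONE_KEY):].split("\\")
            host = ".".join(reversed(parts))
            for proto, raw in values.items():
                m = re.fullmatch(r"dword:([0-9a-fA-F]{8})", raw)
                if m and int(m.group(1), 16) == TRUSTED_ZONE:
                    trusted.append((host, proto))
    return bhos, trusted
```

Real exports are usually UTF-16 encoded, so decode the file accordingly before passing its text to `audit`; any CLSID or trusted-zone domain you do not recognise is worth looking up before removal.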
To: goldstategop

Before I re-ran Norton, I had run Ad-Aware, XoftSpy and Adware Filter. I had not run Spybot.

Just ran Spybot and it found 3 non-critical items which I told it to delete. Those 3 items were not the ones I listed above.

I don't understand why Norton is identifying these "threats" but giving me no option to remove them.

As for going to the registry...that scares me to death. I'm a WIMP, not a geek.


121 posted on 12/21/2004 7:50:03 AM PST by Timeout
[ Post Reply | Private Reply | To 120 | View Replies]

To: goldstategop

...save


122 posted on 12/21/2004 7:52:20 AM PST by WestCoastGal (61 DAYS...The name of the Lord is a strong tower. The righteous man will run to it and be safe.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: RedEyeJack
My own opinion is that anything that takes over your private computer without your informed consent should be illegal and that anyone distributing such programs and those paying to have it distributed (the engine that drives this train) should be held criminally responsible.

It can be argued that spyware's actions constitute theft. Burglary, I suppose, although that depends on the statutory definition. The problem is that the "consent" is rarely, if ever, truly informed.

123 posted on 12/21/2004 7:53:03 AM PST by Chemist_Geek ("Drill, R&D, and conserve" should be our watchwords! Energy independence for America!)
[ Post Reply | Private Reply | To 4 | View Replies]

To: Timeout

Has Norton quarantined them? If so you can delete the quarantined files.


124 posted on 12/21/2004 7:54:46 AM PST by goldstategop (In Memory Of A Dearly Beloved Friend Who Lives On In My Heart Forever)
[ Post Reply | Private Reply | To 121 | View Replies]

To: Chemist_Geek

Try wading through a 6,000 screen EULA to find out exactly what the license says. The waste of bandwidth alone is criminal.


125 posted on 12/21/2004 7:56:05 AM PST by goldstategop (In Memory Of A Dearly Beloved Friend Who Lives On In My Heart Forever)
[ Post Reply | Private Reply | To 123 | View Replies]

To: goldstategop
The spyware I hate most is the infamous Cool-Web-Search series of browser hijackers. Coming in second would be Gator/GAIN. Here is a good site for tools to remove both. CWS Chronicles.
126 posted on 12/21/2004 7:57:00 AM PST by Paul_Denton
[ Post Reply | Private Reply | To 1 | View Replies]

To: goldstategop
Has Norton quarantined them?

No. That's what is so odd. Norton identifies them but is giving me no option to either delete or quarantine or fix them. Normally there's an "action" button to use, but in this case it's giving me no options.

127 posted on 12/21/2004 7:57:40 AM PST by Timeout
[ Post Reply | Private Reply | To 124 | View Replies]

To: Timeout

Have you contacted Symantec tech support with the details? They may be able to help you resolve the issue.


128 posted on 12/21/2004 7:59:21 AM PST by goldstategop (In Memory Of A Dearly Beloved Friend Who Lives On In My Heart Forever)
[ Post Reply | Private Reply | To 127 | View Replies]

To: goldstategop

I guess that's my next move...although I hate Symantec more than Gator itself.


129 posted on 12/21/2004 8:03:16 AM PST by Timeout
[ Post Reply | Private Reply | To 128 | View Replies]

To: goldstategop
Bump for later reference.

I hate this stuff and love this stuff at the same time.

Hate it of course when it gets on my systems (rare) but I make a lot of money removing it from others'.

Very conflicted. ;)

130 posted on 12/21/2004 8:06:51 AM PST by kAcknor (That's my version of it anyway....)
[ Post Reply | Private Reply | To 1 | View Replies]

To: flair2000
As I was beginning to type the password, my modem hung up, and then started dialing another number that I had never heard of. I immediately shut down the computer. It took several runs of CW Shredder to completely remove this garbage. These people coming up with this stuff are getting much better at it. A lot of them are in former East bloc countries and are out of reach, and their governments are of no help.

That happened to me once. I assumed it was just my modem reconnecting to the internet until some dialer garbage popped up. I physically disconnected my phone line and it took several runs of CW Shredder, Hijack This, and Spybot S&D to get rid of it.

131 posted on 12/21/2004 8:08:25 AM PST by Paul_Denton
[ Post Reply | Private Reply | To 16 | View Replies]

To: goldstategop
bookmarked
132 posted on 12/21/2004 8:09:00 AM PST by Warhammer (I used to be indecisive. Now I'm not sure.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: goldstategop
Try wading through a 6,000 screen EULA to find out exactly what the license says. The waste of bandwidth alone is criminal.

Oh, I know. That's the whole intent behind the 6,000 screens of verbal garbage and garbled verbiage. They can claim, if actually held responsible some sunny day, that they received consent for everything that was done.

133 posted on 12/21/2004 8:19:53 AM PST by Chemist_Geek ("Drill, R&D, and conserve" should be our watchwords! Energy independence for America!)
[ Post Reply | Private Reply | To 125 | View Replies]

To: All
There is also Avast. It is an anti-virus program but I found it has stopped several spy programs from being installed. It is free and for those gamers among us, it does not hog up system resources.
134 posted on 12/21/2004 8:29:09 AM PST by Paul_Denton
[ Post Reply | Private Reply | To 133 | View Replies]

To: goldstategop

I have Spyware S&D on my pc, along with Adaware (earlier version). It was too late by the time I discovered them and installed them on my pc. Whatever is on that pc, disabled my Norton AntiVirus, and some tools provided by Windows. Many times when I tried to run S&D or Norton, my system would shut down. Then it would pop up with a warning that my virtual memory was too low. I could not find the programs that were running and causing the problem. Time for the geek squad, because my HD now sounds like a coffee grinder.

I'd like to get my hands on the creeps who dream up these worms, malware, trojans, etc.

When my pc is fixed, the first thing I'm going to do is go back to my bookmarked threads, and install everything....probably including Fire Fox.

Thanks again for your help :-)


135 posted on 12/21/2004 8:37:10 AM PST by TheSpottedOwl ("In the Kingdom of the Deluded, the Most Outrageous Liar is King".)
[ Post Reply | Private Reply | To 100 | View Replies]

To: goldstategop
Then again, you could get a Macintosh, and forego worrying about...
- Spyware - there _isn't_ any
- Adware - none at all!
- Viruses - no known virus exists for OS X, not a single one
- Trojans - nothing out there
There's no reason to even use anti-virus software on a Macintosh anymore. Anti-spyware programs? What the heck are they? (laughs)

Just for the heck of it, after reading the initial article, I launched Norton Anti-Virus for Mac and let it scan my most important volumes. As usual, nothing to report. I hadn't run Norton in at least a year - there's no reason to. I'm wondering why I bother to keep it on my drive any more.

The only way the spyware/adware/virus/trojan problems are going to be solved on the PC side is to ditch Windows and go to an entirely new operating system. I doubt there will be any other workable solution. As soon as one "opening" is closed, another seems to be opened and exploited by those who do such things. I can't understand why Microsoft engineered its operating and application software to have so many hidden - and intentional - security holes.

On the other hand, I _do_ understand that many businesses are - for now - locked into the Windows World. But that could change. Of course, they probably won't "go Mac", and I don't expect that; it will be some other OS. But what?

Nevertheless, regardless of what you're using at work, if you're tired of fighting the spyware and adware at home, and want to GET RID of those hassles, you might consider checking out the Mac side of things!

Cheers!
- John

136 posted on 12/21/2004 8:37:22 AM PST by Fishrrman
[ Post Reply | Private Reply | To 1 | View Replies]

To: goldstategop

bump


137 posted on 12/21/2004 8:56:53 AM PST by Centurion2000 (Truth, Justice and the Texan Way)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Happy2BMe

Bad boys! Bad boys!
Whatca gonna do?
Whatca gonna do when they come for you?

Bad boys! Bad boys!
Whatca gonna do?
Whatca gonna do when they come for yoooooooouuuuu?


138 posted on 12/21/2004 12:00:17 PM PST by MeekOneGOP (There is only one GOOD 'RAT: one that has been voted OUT of POWER !! Straight ticket GOP! ©)
[ Post Reply | Private Reply | To 102 | View Replies]

To: All

SpywareBlaster. It's free, works better than Spybot, in the background, with no input except updating definitions weekly. It's also FREE.

Do it. NOW.


139 posted on 12/21/2004 1:18:43 PM PST by TheSaurus
[ Post Reply | Private Reply | To 2 | View Replies]

To: octobersky

self ping for later


140 posted on 12/21/2004 1:40:00 PM PST by octobersky
[ Post Reply | Private Reply | To 7 | View Replies]

