Free Republic

How Spyware Took The Next-Gen Threat Crown (On The Internet's No #1 Threat Today MUST READ!!!)
ESecurityPlanet.com ^ | 12/20/04 | Sonny Discini

Posted on 12/21/2004 2:39:48 AM PST by goldstategop

Spyware used to be defined as applets, cookies or any other method used to collect statistics on your browsing habits. Gone are the days of such a benign interpretation. Spyware has evolved into a problem that surpasses those posed by traditional worms, viruses and Trojans.

Today, these once relatively innocuous apps have evolved from anonymous, and often invisible, traffic statistics gatherers into beasts capable of crippling your PC's performance by installing unwanted toolbars, pop-up ads, desktop icons and many other nuisances.

If that's not bad enough, some Spyware will modify system files, change security zone settings, keylog your sessions, spawn Trojans and change start page settings. Today, the term "spyware" is, in my opinion, synonymous with virus, and as usual, you have been left to deal with this on your own.

How did this happen?

Like many age-old schemes, the desire for easy money has driven spyware development into the darkest corners of the Internet. Unscrupulous individuals use flaws in the Windows operating system in combination with Microsoft's browser, Internet Explorer, to distribute their wares, or more accurately, infect your machine.

Countless types of applications, browser helper objects, cookies and bots are now competing for your finite system resources in order to pitch pop ups, report your internet activity, modify OS settings and steal personal information. Simple site statistics are no longer sufficient to sustain the beast.

Spyware companies are making millions of dollars by evading laws, finding loopholes, exploiting vulnerabilities and making their products resistant to removal. When compared to what we all know as a traditional virus, spyware is much worse because viruses are not nearly as tenacious when it comes to re-propagation or resistance to removal.

This may sound like the work of evil, globally dispersed hacking networks but many spyware developers are operating within U.S. borders without so much as a hiccup from the legal system. Although as of late, the spyware problem has generated some rumblings on Capitol Hill.

Another punch to the gut is that it is very easy to track who is benefiting from your pain. Spyware partners are typically paid on a 'per installation' basis. This means that there is a unique ID associated with each installation so that the partner can get paid. This information is easily acquired, yet no one is doing anything about it.

To further entertain us, Spyware companies are very shrewd and typically add verbiage on their sites to make you believe that all their software is installed only with your consent. What's even more hilarious is how the worst offenders have anti-spyware animations running on their sites.

If you look closely you would almost believe that you are reading a legitimate EULA when in fact, you're reading deceptive or flat out inaccurate information. Many of them tell you that the apps can be easily uninstalled using the add/remove programs feature in Windows. In my experience, this does not work. In fact, there have been times when I have seen what appears to be a complete uninstall only to find that the Spyware is still operating in the background.

My anti-virus suite will surely help me, won't it?

No. If you look at this from the standpoint of AV providers, there is no financial benefit, thus, there is no motivation to add spyware removal features.

Many of the best removal tools are freely available for download. It does not make sense to attempt to develop something better than people already expect for free. Additionally, it is much harder to keep up with spyware than worms, viruses and Trojans because most of the aforementioned were not designed for financial gain and were typically developed by loose bands of unfunded hacking groups to prove a point.

When compared to the financial forces that are backing spyware, the cost to AV companies to keep up would be astronomical. Without a significant increase in product costs, AV companies cannot allocate resources to battle what has become the new front on the assault of your Internet experience.

I have a personal firewall and I patch my system all the time. Shouldn't I be safe?

Absolutely not. For openers, Microsoft is slow to deliver patches in relation to the speed and efficiency with which malware developers disseminate their apps. Statistics show that browsing a single site can yield over a dozen infections.

What's worse is that Browser Helper Objects (BHOs) are invisible to personal firewalls. The traffic is seen as originating from your browser, not the malicious helper. Spyware developers know precisely how personal firewalls behave and their apps are written to take advantage of allowed protocols and applications. Adding insult to injury, spyware uses Microsoft's own zone security model against them by simply placing malicious sites in Internet Explorer's trusted zone.

OK so which spyware removal tool is the best?

There is no single tool out there that can rid you of your troubles. Typically, running two or three different scanners will yield different results. A popular tag team approach to vanquishing the unwelcome code includes installing both Lavasoft's Ad-Aware and Spybot Search and Destroy.

Also, detecting spyware is completely different from removing it.

As of late, spyware makers have started delivering apps that cannot be removed with automated tools so even if you ditch IE in favor of an alternate browser you may still find yourself spending hours trying to remediate infections. Sadly, users end up lost in search engine results and scanning forums hoping to find a remediation process that worked for other poor souls.

In some cases, a complete OS reinstall is quicker than bearing this pain. You may also find yourself victimized by your own desire to remove spyware. Some crooked coders have actually developed what look to be legitimate spyware scanners, which are, in fact, spyware propagators.

What can we do?

Sadly, the funding that's fueling spyware development is far greater than the funding devoted to stopping it. Until the playing field evens out, spyware is going to continue to invade our privacy, steal information and cause financial and personal loss.

For now, the best thing you can do is visit trusted sites and be vigilant about scanning your machine with a variety of anti-spyware tools. Keep in mind that most bona fide removal tools are developed by independent groups of developers and small development firms. Paying for anti-spyware software is not an indicator that you are getting a superior product over free, open source alternatives.


TOPICS: Business/Economy; Crime/Corruption; News/Current Events; Technical
KEYWORDS: computers; exploit; getamac; internetexploiter; lookoutexpress; lowqualitycrap; malware; microsoft; patch; removalcleanup; scumware; securityflaw; sonnydiscini; spyware; threat; trojan; virus; windows; worm
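
The article's points about Browser Helper Objects and sites planted in Internet Explorer's trusted zone both come down to registry entries that can be reviewed offline from a regedit export. The following is an added example, not part of the original article or thread; the sample export, CLSIDs, DLL path and domains are constructed for illustration.

```python
import re

# Constructed sample of a regedit export; CLSIDs, paths and domains are made up.
# A real export is usually UTF-16, so decode it with "utf-16" before parsing.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-2222-3333-4444-555555555555}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE}]
[HKEY_CLASSES_ROOT\CLSID\{11111111-2222-3333-4444-555555555555}\InprocServer32]
@="C:\\Program Files\\ExampleToolbar\\toolbar.dll"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ads.example]
"*"=dword:00000002
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\intranet.example\portal]
"http"=dword:00000001
'''

BHO_KEY = r"\microsoft\windows\currentversion\explorer\browser helper objects" + "\\"
ZONE_KEY = r"\internet settings\zonemap\domains" + "\\"
TRUSTED_ZONE = 2  # IE zones: 0 My Computer, 1 Intranet, 2 Trusted, 3 Internet, 4 Restricted

def parse_reg(text):
    """Return {key_path: {value_name: raw_value}} from .reg export text."""
    keys, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1], {})
        elif current is not None and "=" in line:
            name, _, value = line.partition("=")
            current[name.strip('"')] = value
    return keys

def audit(text):
    """List registered BHOs (CLSID, DLL or None) and trusted-zone (host, protocol) pairs."""
    keys = parse_reg(text)
    lower = {k.lower(): v for k, v in keys.items()}
    bhos, trusted = [], []
    for path, values in keys.items():
        p = path.lower()
        if BHO_KEY in p:
            clsid = path.rsplit("\\", 1)[1]
            server = lower.get("hkey_classes_root\\clsid\\%s\\inprocserver32" % clsid.lower(), {})
            dll = server.get("@", "").strip('"').replace("\\\\", "\\")
            bhos.append((clsid, dll or None))  # None: no DLL registered in this export
        elif ZONE_KEY in p:
            # Key layout is domain\subdomain; report it as subdomain.domain
            host = ".".join(reversed(p.split(ZONE_KEY, 1)[1].split("\\")))
            for proto, raw in values.items():
                m = re.fullmatch(r"dword:([0-9a-fA-F]{8})", raw)
                if m and int(m.group(1), 16) == TRUSTED_ZONE:
                    trusted.append((host, proto))
    return bhos, trusted

if __name__ == "__main__":
    print(audit(SAMPLE_REG))
```

Any BHO CLSID or trusted-zone host in the output that the user did not knowingly install or add is a candidate for closer inspection.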
To: chronic_loser

Anti-scumware Bump!


21 posted on 12/21/2004 3:37:31 AM PST by goldstategop (In Memory Of A Dearly Beloved Friend Who Lives On In My Heart Forever)

To: dennisw

Heh ... just fired up my two anti spy ware programs for the first time in a month. And it's definitely true that one should use at least two programs ...... They don't pick up the same spy ware and crap ware.


22 posted on 12/21/2004 3:39:25 AM PST by dennisw (Help put the "Ch" back in Chanukah)

To: goldstategop

thanks


23 posted on 12/21/2004 3:40:08 AM PST by flair2000

To: goldstategop

I was running, as the article suggested, Ad-aware and Spybot together and then tried Webroot's Spy Sweeper, which found several undetected BHOs, so I use Spy Sweeper only now, although I have just downloaded 'Prevx' to try. Thanx.

24 posted on 12/21/2004 3:40:18 AM PST by Critical Bill

To: MadAnthony1776

Anti virus programs come first for me. Spy ware can endanger your security but for the most part it's just a dang nuisance and intrusion into "my space".


25 posted on 12/21/2004 3:42:15 AM PST by dennisw (Help put the "Ch" back in Chanukah)

To: flair2000

I agree wholeheartedly with the suggestion to switch to Mozilla Firefox. Two months ago my 70-year-old father called me because his 'internet was gone'. After two days of trying I ended up reinstalling Windows XP on his machine. I then installed Firefox, removed access to IE, and he has been in fine shape since.

Personally, I switched to the Macintosh platform last spring, and have no intention of going back to Windows if at all possible!


26 posted on 12/21/2004 3:45:31 AM PST by spower

To: Critical Bill

Don't forget to download JavaCool Software's Spywareblaster. It keeps the nasties from ever installing on your computer by setting killbits in the Registry that prevent them from running if they do somehow get on your computer.


27 posted on 12/21/2004 3:45:40 AM PST by goldstategop (In Memory Of A Dearly Beloved Friend Who Lives On In My Heart Forever)

To: goldstategop

IMHO this issue is why windoze is what it is...a leaky program designed to surreptitiously aid and abet the marketing industry.


28 posted on 12/21/2004 3:45:56 AM PST by mo

To: goldstategop

Another good reason to switch to a Macintosh.

Work on your work, not your computer.

: )


29 posted on 12/21/2004 3:46:57 AM PST by Barney59 (Merry Christmas & a Happy New Year)

To: dennisw

You need a good anti-Trojan scanner as well as anti-intrusion software like Prevx or Pivx's Qwik Fix. Then get a HOSTS file that blocks malware sites from loading and make it read-only so it can't be changed by scumware hijackers.


30 posted on 12/21/2004 3:47:53 AM PST by goldstategop (In Memory Of A Dearly Beloved Friend Who Lives On In My Heart Forever)

To: dennisw

In my wife's case there was so much spyware that it prevented the anti-virus program from running. You really need both.


31 posted on 12/21/2004 3:48:41 AM PST by MadAnthony1776

To: mo

Good third party security software does what Windows ought to have done in the first place - make Internet browsing safe.


32 posted on 12/21/2004 3:49:26 AM PST by goldstategop (In Memory Of A Dearly Beloved Friend Who Lives On In My Heart Forever)

To: MadAnthony1776
Her daughter came over and we finally got the anti-spyware to run and there were thousands of files infected with spyware.

I recently had to put my computer in the shop and use a loaner. The loaner had not been cleaned up or restored – and it seems the previous user was very heavy into Internet games and porn.
The first thing I did was delete several dozen bookmarks and run Norton. Norton removed a few dozen files. I kicked back and forgot about it – until CoolWeb started showing up as my homepage. I prefer Google. I then ran several other virus and spyware programs – and found over 1,200 infected and malicious files. Several could not be removed either automatically or manually. I went to safe mode as the administrator and ran everything again – which resulted in eliminating all but one file. I had to go into the registry and close every program one at a time until I found it, a very long and laborious process. When I found it I could not delete it but had to replace it with a dummy program.
33 posted on 12/21/2004 3:50:19 AM PST by R. Scott (Humanity i love you because when you're hard up you pawn your Intelligence to buy a drink.)

To: MadAnthony1776

An anti-virus program (such as Norton Anti-Virus) is good at locating viruses and worms. It's not too good at detecting spyware, trojans and keyloggers. That's where a good anti-Trojan scanner like Ewido Security Suite comes into play. It picks up stuff an anti-virus scanner misses. So you need both. Then you need a good firewall (Norton Personal Firewall) to stealth your ports on the Internet. Then there's a spyware prevention software like Spywareblaster to prevent drive by installations of rogue software behind your back and spyware scanners like Ad-Aware and Spybot Search & Destroy to detect and remove installed spyware programs. For the ultimate in peace of mind, anti-intrusion software like Prevx or Pivx's Qwik Fix, shuts down potential Windows vulnerabilities that hackers and scumware pushers use as avenues of attack. Having as many tools in your Windows security kit will keep you from having the nightmare of others taking over your computer for less than benign purposes.


34 posted on 12/21/2004 3:56:56 AM PST by goldstategop (In Memory Of A Dearly Beloved Friend Who Lives On In My Heart Forever)

To: goldstategop

My point though is that when superficially things don't make sense....i.e. why "can't" Bill Gates build a tight OS ...is that, IMHO, by following the money trail, I would speculate MS receives some type of kickback somewhere, from the marketing industry, for allowing them to access info re what people are using their boxes for....


35 posted on 12/21/2004 3:58:13 AM PST by mo

To: R. Scott

You could have saved a lot of labor with CoolWeb Shredder. http://www.intermute.com


36 posted on 12/21/2004 3:58:41 AM PST by goldstategop (In Memory Of A Dearly Beloved Friend Who Lives On In My Heart Forever)

To: goldstategop

Tell me about it! A friend of mine brought her laptop to me and I worked on it three days before getting out all the viruses and malware. Stinger found three worms, AVG found one virus and Ad-Aware found 130 incidents of Malware. Her original complaint was that when she got online a box would pop up and shut her down in 60 seconds. Ok, sounded like Blaster, Sasser or one of the variants. I turned off System Restore and ran both fixes in safe mode and they didn't find anything. I ran a DOS scanner and it didn't find anything. I finally downloaded Ad-Aware and it found 130 incidents. I traced the problem to two programs and uninstalled them. Ran it again and found 84 incidents of Malware so I removed them. Installed a program called SpywareBlaster for future prevention and one called CWShredder and ran them. I hooked the laptop to my LAN and went online to Windows Update. She needed 56 critical updates. I didn't have any trouble getting them and haven't had any more shutdowns so it appears that the problem is gone. Did I tell you that this girl is so computer illiterate that she has never updated her virus scanner that I put in there when I set up the system, never goes to Windows Update site and doesn't know what "reboot" or "desktop" means? She and I are going to have a very long talk when she picks this laptop up. I don't mind helping but there will be no more jobs like this done for free because of stupidity. She also has a 19-year-old son that installed a program called Soap Internet Washer. It was causing problems so I asked her about it. She asked what it was and I told her that a lot of people use it to cover their tracks if they go on porn sites. She said to remove it because she didn't put it there but "he wouldn't do something like that". Yeah right!


37 posted on 12/21/2004 4:00:07 AM PST by Melinda in TN

To: goldstategop

I run Symantec Anti-virus and Ad-aware Anti-Spyware programs. They both work well.


38 posted on 12/21/2004 4:00:10 AM PST by MadAnthony1776

To: mo

Read the EULA. If you don't know what the software's going to be doing - don't install it! 'Nuff said.


39 posted on 12/21/2004 4:01:41 AM PST by goldstategop (In Memory Of A Dearly Beloved Friend Who Lives On In My Heart Forever)

To: Melinda in TN

Pay a couple of extra dollars and have updates downloaded and installed automatically. And with Windows Update, keep automatic updates turned ON. There, it's not so hard to protect a computer!


40 posted on 12/21/2004 4:04:37 AM PST by goldstategop (In Memory Of A Dearly Beloved Friend Who Lives On In My Heart Forever)

