Posted on 12/14/2004 6:22:01 PM PST by Ernest_at_the_Beach
A security firm named the top 10 spyware threats this week, saying that the secretly-installed software poses an "insidious" threat to consumers and corporations alike.
Webroot, which makes end-user and enterprise editions of Spy Sweeper, used its relationship with Internet service provider EarthLink to tally the most prevalent spyware, then selected the worst based on its knowledge of how each works and the damage it can cause.
"We use the P-I index," said Richard Stiennon, Webroot's vice president of threat research. "P is for prevalence, I is for insidiousness."
Each of the ten spyware programs cited by Webroot was spotted at least 50,000 times in the scans that the Boulder, Colo.-based vendor does free of charge on its own Web site, or in conjunction with EarthLink.
"The people who write this stuff are gaining sophistication in their coding practices as they attempt to evade detection and removal," said Stiennon. "These ten are the most insidious programs in terms of prevalence and effect."
Some of the software in Webroot's top 10 may be familiar to users, but most is a blur of anonymous titles that don't impart their potential impact.
Among the former is Gator (also known as GAIN), long infamous because it's bundled with the popular Kazaa peer-to-peer file sharing software. Gator/GAIN, said Webroot, made the top 10 list because it spews banner ads based on your surfing habits.
Others on the list, however, are unknown to all but the most dedicated follower of spyware. They include such programs as PurityScan, which puts up pop-up ads and tricks users into installation by claiming to find and delete porn on the PC; CoolWebSearch, which can hijack searches, browser home page, and IE's settings; and Perfect Keylogger, a spy that records all visited sites, keystrokes, and mouse clicks to, for instance, divine passwords, account numbers, and other sensitive information.
The rest of the list is fleshed out with the likes of n-CASE and KeenValue (adware), TIBS Dialer (software the usurps the modem and dials toll numbers, typically porn pay-by-the-minute phone sites), Transponder and ISTbar/AUpdate (spyware posing as browser assistants), and Internet Optimizer, which hijacks Web errors and re-directs them to its own site.
"It's our goal to inform Internet users of the ramifications of having potentially unwanted programs on their systems," said Stiennon, adding that, "it's their choice to keep or remove these programs. We're just making sure they have that information so they are making knowledgeable decisions."
Webroot isn't the only ranker or rater of behind-the-scene spyware. Computer Associates, which earlier this year purchased Webroot rival PestPatrol, recently added a spyware-only section to its online alert center, where it regularly lists the top 5 threats based on the number of reports it receives from users.
It's current list puts Kazaa at the top, with GameSpy Arcade, Download Accelerators Plus, Ezula, and Adopt.Hotbar.com rounding out the five.
Spyware plagues both consumers and corporations, according to data from analysts. In a recent survey done by IDC, for instance, enterprise users labeled spyware as the fourth-biggest threat to their company's security. They're reacting to the problem by spending money on additional security, a trend that will grow dramatically in the next several years.
According to IDC, anti-spyware software revenues will reach approximately $31 million in 2004, but skyrocket by nearly 10 times to $305 million in 2008.
Cool Web seems to involve a whole bunch of different sources and different bugs.
The particular problem I had was that one of my kids managed to infect MS Media Player. It LOOKED like media player, but something else had taken its place and disguised itself as Media Player. I had to delete it, clean up the Registry, and re-download Media Player from MS Update. But from the research I did at the time, there are dozens of different things various coolweb leeches can do to your computer, some no doubt worse than others.
I don't have Spam. I don't have Spyware. I don't get viruses. I don't get obnoxious or offensive email. I've run Norton once a week since I bought this computer and subscribed to Earthlink. That was in April. Norton has never found a thing. Zip. Zero. Nada. My internet service is clean as a whistle. Earthlink is a fabulous service.
BTTT
Yep. And these b***ards are not without a perverted sense of humor:
Before I got the last AdAware update, I kept getting an XXX site-file downloaded, with a desktop icon and everything. The program could actually disable my AdAware program the first two runs....there was a "ts" on the task bar when it froze. Finally dawned on me that it was "Tough S**t"!!!
I'm being barraged. I have to run the AdAware before and after every connection. I have many bots mentioned above. And, when you eliminate them, they have back-up that attempt to re-install, apparently. Gotta run twice when you get 'em the first time. Grrrrrrr
And these things are dismantling my features on IE. Mebbe that's why I posted twice?? Only hit the box once.
You don't have kids who get on the computer and install spyware every time you turn your back. But innoculating with Spybot, Spyware Blaster, and Spyware Guard have blocked most of it. When they go to reinstall Kazaa or the latest thing their friends have told them about, my computer won't let them do it.
So who is your ISP?
Cool Web search was listed in the report. That one has affected my sons computer and I have not been able to remove with Spyhunter and Adaware. It would not let me get to AVG to download that virus protector. In one evening I removed 141 spyware and 900 ads.
This virus/ worm spyware came when my son checked optimizer.exe. It also put up a porn site for the ie browser. I had to sut down his internet because of this. Now he is using my computer. I am checking it constantly.
As far as I know, no operating system other than Windows has spware or malware.
The Mac's probably a better solution than Linux for most people because it runs a much wider array of consumer-friendly software.
Until another OS increases its market share past 10% or so, I think the risks are minimal. As long as spyware makers can profit from the top 90% more effectively than going after 5% slices of the market, I don't see much of a threat using Linux or the Mac.
D
ROFL!!! .....Good One!!!
Juno. Stuff is coming through email...seemingly without even opening attachments....spam. I'm pretty deficient at figuring this stuff out; just do what my wife says.
I had 2 virus installed in my computer with Norton...Pestpatrol found and eliminated them.
Surprised to see Look2Me isn't in the top ten. That POS kept me busy for a week on my sisters machine. Writes itself into Exploxer.exe, writes multiple backups into the registry and multiple randomly named .dll's into the system directory. Took the Adaware, a notebook and the Win2k recovery console to finally get rid of it. I got $100 for the first guy that finds and punches the author in the face for writing this little abomination.
Currently I'm running pretty safely (as is my sister now) with Adaware, Spybot, Firefox, AVG, Sun Java (people forget this upgrade) Zone Alarm and a router. And I deactivated ActiveX for all but Windows update.
Since I switched over to the Firefox browser, I get zero spyware programs when I surf, again according to Ad-aware.
Might be worth the money.....?Cool Web Search is in a special and hideous class of its own.... the product is CWSHREDDER I think, included in this:
InterMute is pleased to announce that SpySubtract now includes CWShredder™, the best defense against the CoolWebSearch Browser Hijack. Also, SpySubtract 2.6 has thousands of additional Spyware signatures to keep you protected.
See post #56.
If you are just using Dialup , a package like offered by Intermute should be a big help....The really bad stuff comes with being on an always on network ( broadband ).
the best advice I got for removal (I'm windows XP) is to disable system restore, run the anti- programs, reboot, run them again, then re-enable system restore.
Firefox knocks down the popupads very well too... i can even browse Drudg's site without problems.... couse I do it only when I am using my Linux machine....
"They include such programs as PurityScan, which puts up pop-up ads and tricks users into installation by claiming to find and delete porn on the PC; CoolWebSearch, which can hijack searches, browser home page, and IE's settings; and Perfect Keylogger, a spy that records all visited sites, keystrokes, and mouse clicks to, for instance, divine passwords, account numbers, and other sensitive information."
CWS is nasty stuff indeed. I hate all of these b@stards. They are ruining the web for the newbies who don't know how to deal with this stuff.
I've gone to co-workers homes and spent hours cleaning their machines of crap, usually it's the kids or the nanny who who initially get it infected.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.