Posted on 12/14/2004 6:22:01 PM PST by Ernest_at_the_Beach
A security firm named the top 10 spyware threats this week, saying that the secretly-installed software poses an "insidious" threat to consumers and corporations alike.
Webroot, which makes end-user and enterprise editions of Spy Sweeper, used its relationship with Internet service provider EarthLink to tally the most prevalent spyware, then selected the worst based on its knowledge of how each works and the damage it can cause.
"We use the P-I index," said Richard Stiennon, Webroot's vice president of threat research. "P is for prevalence, I is for insidiousness."
Each of the ten spyware programs cited by Webroot was spotted at least 50,000 times in the scans that the Boulder, Colo.-based vendor does free of charge on its own Web site, or in conjunction with EarthLink.
"The people who write this stuff are gaining sophistication in their coding practices as they attempt to evade detection and removal," said Stiennon. "These ten are the most insidious programs in terms of prevalence and effect."
Some of the software in Webroot's top 10 may be familiar to users, but most is a blur of anonymous titles that don't impart their potential impact.
Among the former is Gator (also known as GAIN), long infamous because it's bundled with the popular Kazaa peer-to-peer file sharing software. Gator/GAIN, said Webroot, made the top 10 list because it spews banner ads based on your surfing habits.
Others on the list, however, are unknown to all but the most dedicated follower of spyware. They include such programs as PurityScan, which puts up pop-up ads and tricks users into installation by claiming to find and delete porn on the PC; CoolWebSearch, which can hijack searches, browser home page, and IE's settings; and Perfect Keylogger, a spy that records all visited sites, keystrokes, and mouse clicks to, for instance, divine passwords, account numbers, and other sensitive information.
The rest of the list is fleshed out with the likes of n-CASE and KeenValue (adware), TIBS Dialer (software the usurps the modem and dials toll numbers, typically porn pay-by-the-minute phone sites), Transponder and ISTbar/AUpdate (spyware posing as browser assistants), and Internet Optimizer, which hijacks Web errors and re-directs them to its own site.
"It's our goal to inform Internet users of the ramifications of having potentially unwanted programs on their systems," said Stiennon, adding that, "it's their choice to keep or remove these programs. We're just making sure they have that information so they are making knowledgeable decisions."
Webroot isn't the only ranker or rater of behind-the-scene spyware. Computer Associates, which earlier this year purchased Webroot rival PestPatrol, recently added a spyware-only section to its online alert center, where it regularly lists the top 5 threats based on the number of reports it receives from users.
It's current list puts Kazaa at the top, with GameSpy Arcade, Download Accelerators Plus, Ezula, and Adopt.Hotbar.com rounding out the five.
Spyware plagues both consumers and corporations, according to data from analysts. In a recent survey done by IDC, for instance, enterprise users labeled spyware as the fourth-biggest threat to their company's security. They're reacting to the problem by spending money on additional security, a trend that will grow dramatically in the next several years.
According to IDC, anti-spyware software revenues will reach approximately $31 million in 2004, but skyrocket by nearly 10 times to $305 million in 2008.
Thanks I am printing it right now for my son to clean his computer.
Re-read paragraph 8.
In a Windows business environment, use an Active Directory domain and clamp down on all the users permissions. This creates some minor problems up front: inevitably there are applications that need to write to odd directories and the permissions will prohibit that. An admin will have to figure out what directory is being denied and give all the users of that app permissions to write to that folder.
A great many of the problems with Windows in the business environment are vendors writing software that hasn't been tested in a locked-up domain (which is totally bizarre and lazy on their part). ACT!....CaterEase....even Palm OS won't function correctly. Out of all the problems I've had Palm OS is the only app I've been unable to make work. That's OK, I just tell people to buy an ActiveSync compatible device or they can't use one....period....end of discussion.
As for Internet Explorer at home: simply download the IE 5 Power Tweaks from Microsoft and install them. Then go into your IE options and under Security disable or restrict all scripting, Java and ActiveX.
When you go to a site you trust -like your bank - that requires scripting etc, click on IE's Tools menu. Power Tweaks adds a "Add to Trusted Zone" option there: click it and refresh the page.
It's a little bit of a hassle until you have all your sites in the list but, it's kept me free from spyware for several years now and once the bulk of your trusted sites are listed, it's no problem at all.
Mozilla's a great alternative too although, some functions still won't work on it correctly....those will be fixed eventually as demand for it grows. I'd use it full-time now if the Kiosk mode worked correctly.
Beats the heck out of running spyware programs every time I use the internet.
I'm on sbc DSL
Not exactly. You're thinking of the damage done by script kiddies scanning IP numbers for open ports to exploit. They're a legitimate concern of their own, but the spyware referenced in this thread is as dangerous to dial-up as always on connections since the majority of it is installed by the user visiting a rigged website, usually with IE and ActiveX enabled, or the user running and installing freeware or trojans. Neither occurs with any greater or lesser frequency just because the user in on a dial-up connection.
"Don't know what the top 10 are, but you catch 9 of them from Drudge."
I can attest to that.
Why is it when I go to Drudgereport.com and click on one of its links something almost always pops up asking me to send a report to Microsoft or clicking a YES/NO dialog or other nefarious stuff? Some of you may say, "well, I never get any popups when in drudgereport.com," but that is because you may not be protected and may not even know what has just happened. Believe it or not, despite all the warnings lately about Drudge, I still go there, although not as much as I used to.
That's a pretty good record....you must be a disciplined browser...
That's true. I'm the only user on this computer and I'm very careful. I've clicked on a couple of buttons on websites and had the blocker pop up. Never, ever override it! That's the clue. I hit the major news sites and Drudge and FR daily. I shop online. Never had a problem.
Try Firefox.....
"As for Internet Explorer at home: simply download the IE 5 Power Tweaks from Microsoft and install them."
Excuse my ignorance, but is IE Power Tweaks the same as TweakUI?
I see FireFox mentioned in many places that I been thinking of installing it lately. I'd like to uninstall Netscape v4.x on this machine first. Netscape came installed on my machine but have never used it.
Thanks for the suggestion.
Agreed on Outlook, never liked or used it. I use Forte Agent 1.93 and have been since it was .9X It only displays email as harmless text, thereby making me immune to all the Outlook macro viruses that were running across the net a couple years ago. Call me a Luddite but I still don't understand why its so dang desirable to have pretty HTML coded email. Heck, just the fact that merely opening a spam with a pixel bug broadcasts your existence to the spammer is reason enough for me to avoid it.
Thanks for the link to that Knoppix. I've been wanting to try it for some time but had forgotten its name. (link bookmarked) I've tried to convince myself to convert to a Linux distro every year or two since before xwindows, and always end up coming back to my comfortable ol' Win2k as I find myself working too hard to make Linux work for me and realizing that I'm just not suffering in Windows that much. (the draconian registration requirement of XP however will definitely move me to Linux once the wheels finally fall of Win2k)
Turn off System Restore, run your Spyware/Adware elimination programs, reboot, and then turn on System Restore again. They're probably copying themselves there.
Hey folks, what's the name of that one that sits in the background and makes fart noises randomly?
????
Imagine no spyware - none, zilch, nada.
Imagine no adware - nothing, zero, not a single one.
Imagine no trojans.
Imagine no viruses - nothing to protect against. Imagine not even _running_ any anti-virus software on your computer.
Imagine computing for 17 years, online for 17 years, and never having had a virus, not once. Ever.
Imagine being able to read _any_ email, without fear. To visit _any_ website you wish, without fear. Imagine be able to download _anything_ you wished, and not even have to check it for infection, or worry about some hidden application buried within it, just waiting to attack your computer.
Imagine turning on your computer with the confidence that you can leave it online a day, a week, a month, and return to find it in exactly the same state - unmolested - as you left it in.
Now, STOP imagining. That's been my personal computing experience (really!) for the last 17 years online.
Impossible, you say? Not if you're using a Mac.
Granted, someone _could_ possibly concoct a virus or some other malaware for OS X. However, if it _does_ happen, it's going to be a "man bites dog" story. It'll be headlines not because it's another virus, but because there has never been an attack on OS X. And it will be dealt with quickly.
I've got a friend at work who has used computers as long (longer?) than I have, but he came from the "PC side" of things. Two of his most memorable comments to me were "it took me ten years to learn DOS", and, "I hate computers!".
I've been fooling with personal computers since 1986 (the Mac since 1987) and I _enjoy_ computers! Why is that?
Cheers!
- John
It's a darn bot that stays resident, and whenever I'm giving a presentation it runs audio "blurbs" and "zots". It's hard to find, and it seems to be innocuous, just annoying. Never heard of it? I found a writeup on it once, but I can't remember the name.
That is real interesting.....
So you Browse with the same machine that you use for Sales Presentations?
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.