The Web    Google
How Spyware Took the Next-Gen Threat Crown

How Spyware Took the Next-Gen Threat Crown
December 20, 2004

Spyware used to be defined as applets, cookies or any other method used to collect statistics on your browsing habits. Gone are the days of such a benign interpretation. Spyware has evolved into a problem that surpasses those posed by traditional worms, viruses and Trojans.

Today, these once relatively innocuous apps have evolved from anonymous, and often invisible, traffic statistics gatherers into beasts capable of crippling your PC's performance by installing unwanted toolbars, pop-up ads, desktop icons and many other nuisances.

If that's not bad enough, some Spyware will modify system files, change security zone settings, keylog your sessions, spawn Trojans and change start page settings. Today, the term "spyware" is, in my opinion, synonymous with virus, and as usual, you have been left to deal with this on your own.

How did this happen?

Like many age-old schemes, the desire for easy money has driven spyware development into the darkest corners of the Internet. Unscrupulous individuals use flaws in the Windows operating system in combination with Microsoft's browser, Internet Explorer, to distribute their wares, or more accurately, infect your machine.

Countless types of applications, browser helper objects, cookies and bots are now competing for your finite system resources in order to pitch pop ups, report your internet activity, modify OS settings and steal personal information. Simple site statistics are no longer sufficient to sustain the beast.

Spyware companies are making millions of dollars by evading laws, finding loopholes, exploiting vulnerabilities and making their products resistant to removal. When compared to what we all know as a traditional virus, spyware is much worse because viruses are not nearly as tenacious when it comes to re-propagation or resistance to removal.

This may sound like the work of evil, globally dispersed hacking networks but many spyware developers are operating within U.S. borders without so much as a hiccup from the legal system. Although as of late, the spyware problem has generated some rumblings on Capitol Hill.

Another punch to the gut is that it is very easy to track who is benefiting from your pain. Spyware partners are typically paid on a, 'per installation' basis. This means that there is a unique ID associated with each installation so that the partner can get paid. This information is easily acquired, yet no one is doing anything about it.

To further entertain us, Spyware companies are very shrewd and typically add verbiage on their sites to make you believe that all their software is installed only with your consent. What's even more hilarious is how the worst offenders have anti-spyware animations running on their sites.

If you look closely you would almost believe that you are reading a legitimate EULA when in fact, you're reading deceptive or flat out inaccurate information. Many of them tell you that the apps can be easily uninstalled using the add/remove programs feature in Windows. In my experience, this does not work. In fact, there have been times when I have seen what appears to be a complete uninstall only to find that the Spyware is still operating in the background.

Page 2: Giving Spyware the Boot

  • Virus Alert: Worm Uses Own SMTP Engine to Spread
  • Platform Logic Wraps OS, Apps With Security Protections
  • 5/13: Sqdrop-A a Dropper Trojan
  • Disaster Recovery Vs. Business Continuity
  • 7/29: Lovgate-AK a Mass-Mailing Worm
  • 4/5: Mytob-Y Worm Copies Itself to Email
  • 5/11: Rbot-ACH Worm Spreads Via Shares
  • 12/8: Rbot-RJ Worm Spreads to Shares
  • Netsky-D Ranked as High Risk
  • Symantec Offers Enhanced Portal for Enterprises
  • InstaGate SCM Offers Integrated Secure Content Management
  • Computer security background information