Spyware Runs Rampant, Study Says

Discussion in 'Networking and Security' started by Nolan-Vinny-Sam, Apr 18, 2004.

  1. Spyware Runs Rampant, Study Says
    Paul Roberts

    Think spyware isn't spreading? According to a new report from EarthLink and Webroot Software, there's an average of almost 28 spyware programs running on each computer. More serious, Trojan horse or system monitoring programs were found on more than 30 percent of all systems scanned, raising fears of identity theft.

    The report presents the results of scans of over 1 million Internet-connected computers. Many of the 29 million spyware programs that were found were harmless "adware" programs that display advertising banners or track Web surfing behaviors. However, the companies also found more than 300,000 instances of programs that are capable of stealing personal information or providing unauthorized access to computers, the companies say.

    Tracking Tools
    Spyware is a generic term that describes a wide range of programs that track user behavior on a computer, often for marketing purposes. The programs are sometimes bundled with other software, such as peer-to-peer file sharing programs, and installed legally on users' systems. However, once installed, they run surreptitiously in the background and can be difficult to detect and remove.

    The report covers the first three months of 2004 and compiles information from scans conducted by both EarthLink and Webroot. It is the first of what will be regular updates that track the prevalence of spyware, the companies say.

    The results show the proliferation of spyware and should encourage computer users to take steps to protect themselves from spyware, according to a joint statement from both companies.

    In particular, the detection of over 184,000 Trojan horse programs on the systems scanned and a similar number of system monitoring programs, such as key-logging software, underscore the potential for identity theft and system compromise for Internet users, says a statement attributed to Matt Cobb, EarthLink vice president of core applications.

    Protection Available
    The Atlanta-based ISP began offering spyware protection for customers in October. EarthLink added a program called Spyware Blocker for free as part of its TotalAccess package of software programs and tools, which EarthLink subscribers can download from the company's Web site.

    Spyware is gaining greater attention from software companies as well as lawmakers.

    In recent months, antivirus companies, including Network Associates, have released anti-spyware products.

    Also, in February, a group of U.S. senators introduced the Software Principles Yielding Better Levels of Consumer Knowledge (SPYBLOCK) Act, which would prohibit installing software on somebody else's computer without notice and consent and outlaw the use of "any information collection, advertising, distributed computing, or settings modification feature" that's installed without consent of the computer's owner.

  2. izeickl


    I highly recommend SpyBot


    Just download run it and let it scan for over 5000+ spy software on your comp...also dectects/deletes spy cookies, ad sites logging your ip/visited webpages, search terms etc. I was suprised to find some on my system as im v.careful but it found some none the less.

    Also, can recommend getting an updated HOSTS file from here:


    Windows checks the hosts file intially for DNS lookups before going to a DNS server. The host file here points all ad sites etc to (I.e your computer) so when a webpage goes to load an advert from say doubleclick.com, instead of the advert you get a "Page can not be displayed" where the advert would appear....does not affect the content of the page your looking at, just the advert.

    It has 1000s of ad/spyware sites listed. Just download it, and copy the file to one of

    Windows 95/98/Me c:\windows\hosts

    Windows NT/2000/XP Pro c:\winnt\system32\drivers\etc\hosts

    Windows XP Home c:\windows\system32\drivers\etc\hosts

    Its just a standard plain text file, so you can look inside it if you want and see what all is being blocked.
  3. do a thing for the latest, more sophisticated intrusions. My advice...
    Be be savvy user, take countermeasures and scan and scan again plus know your system, files and infrastructure of the machine, IE etc. Do not use IE if you can avoid it and use a firewall if all possible. Do not visit web-sites you do not trust or know. (kind of kills eCommerce, doesn't it?)
    I as some others here are ex programmers and IT guys it is easier for us who used machines for a living but must be hell to the computer based trader who knows shit about software, OS and other security related issues.
  4. If I use a firewall and I also scan regularly with Adware, Spybot and Norton.

    Do you think that is enough or should I be doing more ?
  5. I don't think spybot has been updated in months. Adaware self update periodically though.
  6. And the 1 percent can kill you...I am a merchant (have online merchant account and pcPay) where I can run a credit card through.
    The best would be a hardware firewall * not the crap software
    you use, I have an encrypted linux machine as firewall (with two NIC cards) and with ONLY certain ports open and I only allow trusted connection through.

    Most hackers scan your ports and machines and immediately leave when they see a linux or if they knew that the linux is in a secure mode. They only go after the easy Windows prey...
    The internet is problematic since if you get in the secure mode you can DO anything meaningful at all. So IE is the problem - GET RID of it and get a free browser (no more pop up crap) Netscape is also bad and it is not even supported anymore since MSFT screwed them..

    ad free browsers are
    Opera (my fav)
    and countless others
  7. Idoogye


    abound. One of the better ones: "Firefox" (formerly "Firebird"), from Mozilla: http://www.mozilla.org/. It may be better than "Opera", I think.
  8. Thanks guys I just downloaded Mozilla and I am surfing with it now,:)

    So does this mean that I will be safer ?
  9. your safety is a comprehensive policy and education to go for the long haul. The nasty adware and IE holes will be a plus with a new browser. Many attack IE exclusively since it is badly written and too much intertwined with the OS.
    Other steps to follow depending on what os you use;
    Turn off the "server"
    Turn off the IIS (web server) and SMTP mail server(will be automatically shut off) but many hackers highjack your PC to mail stuff from your SMTP
    Turn off messaging
    (some of are in server only - i.e. XP professional, 2000 server, 2003 server..
  10. One



    I use a firewall, adaware, and spybot, like you, but have also found that trend micro's free scan has consistently caught a few the others missed. It's free and it's at their site.
    #10     Apr 18, 2004