Deprecated: mysql_connect(): The mysql extension is deprecated and will be removed in the future: use mysqli or PDO instead in /home/a26f9f83/public_html/articles/includes/config.php on line 159
Most Dangerous Types of Spyware are on the Rise: How to Choose the Weapon > NetSparsh - Viral Content you Love & Share

Most Dangerous Types of Spyware are on the Rise: How to Choose the Weapon

Bad News - the Threat is Bigger than it Seemed

How recently it was ? when even many journalists thought that spyware gathers mostly information to be used for targeted advertising. Definitions like "spyware, a.k.a. adware, is?" were pretty common in articles. Keyloggers and system monitors were mentioned as dangerous, but relatively rare. Until the Spy Audit survey made by ISP Earthlink and Webroot Software clearly showed - they are not rare at all.

The results of the survey are here:

http://www.earthlink.net/spyaudit/press/ and http://www.earthlink.net/about/press/pr_spyauditsurvey/

Reading them will be time well-spent for everybody who uses Internet and at least sometimes deals with information valuable enough to be stolen; in fact, it means just everybody.

"Industry experts suggest that these types of programs [i.e. spyware in general] may reside on up to 90 percent of all Internet-connected computers" ? that's the exact quote. Considering the number of computers scanned during this survey (which lasted for a whole year 2004), there is nothing left but to come to the conclusion ? it must be true to fact.

Despite the fact that one of the Spy Audit authors is an anti-spyware vendor, there is no doubt that the results are trustworthy ? there has been more than 4.6 million system scans made in 2004. It seems that the results of the survey might be like the bolt from the blue even for the specialists, not to mention general public.

16.48% of all scanned consumer PCs in 2004 had a system monitor installed. It means that 16.48% of these users were definitely under monitoring (who monitors them ? that's another question). 16.69% had a Trojan horse program, and this is a troubling sign, too ? it is a keylogging module that Trojans often have inside. "Information-stealing Trojan" in descriptions most often means "keylogger-containing Trojan". Both figures give us an overwhelming 33.17% PCs contaminated with some program with information stealing capability. Even if not all these Trojans were information-stealing ones, the situation is distressing anyway.

Schools of Phish and Herds of Trojan Horses

"Traditional" phishing and spoofing (sending emails linked to a bogus bank Web site and waiting for unwitting customers) are, unfortunately, not new phenomena. It is a modernized two-stage scam which includes contaminating the victim's machine with a keylogger-containing Trojan horse program that is spreading like a wildfire now.

This scheme is without doubt much more dangerous; in this case the victim needn't follow the link in the email. Trojan horse lurks in the background until the victim types particular titles or URLs into his browser. Once the user visits one of a number of banking Web sites the malicious code is triggered into action, capturing passwords and taking screenshots. Then the information is sent to remote hackers who can use it to break into the bank account and steal money.

There were several outbreaks in activity of such information-stealing Trojans which targeted bank customers in 2004. Actually, such a scam was first used in Brazil ? when the notorious Trojan named Troj/Banker-AJ appeared, experts recalled that the security firm Sophos had warned earlier in 2004 about criminals who used similar techniques to break into Brazilian online bank accounts.

Crooks may use pretty ingenious and "efficient"(if such a word could be appropriate for this activity) techniques to place the Trojan into users' PCs ? letters can be mimicking CNN news alerts, or offering to reserve the very latest book about Harry Potter in the series before it is published in July. Who knows what will they invent next?

Looking for Solutions to the Problem

In 2004 it become as clear as day to anyone - from being not much more than a nuisance for PC users, spyware turned into one of the major threats to information security. Since the Internet has become a part of daily life and business, rapid growth of such kinds of cybercrime as identity theft and phishing endanger the whole society. Some types of spyware, namely software capable of stealing valuable information (like passwords, SSNs), certainly facilitate these crimes.

Software vendors by all means are responding to the threat to meet the enormous demand for anti-spyware protection.

Several big anti-virus vendors, such as Norton and McAfee, have already begun providing anti-spyware protection as well. Microsoft also joined the anti-spyware market this year (and has already become a target for the malicious Trojan called Bankash-A; fortunately, no serious damages reported so far). Symantec plans to announce new features to fight spyware in some of its enterprise antivirus and intrusion prevention products.

Besides, there also are ? literally - hundreds of stand-alone anti-spyware developers and vendors. The number of anti-spyware software they all develop, promote and sell is constantly growing - and will grow in future. So will the profits. According to predictions from the market advisory firm IDC, the market for anti-spyware solutions is expected to boom in the next few years. Anti-spyware software revenues will soar from US$12 million in 2003 to $305 million in 2008.

But what about end users ? are they going to benefit from such a variety of anti-spyware solutions available at the market? Or will they just feel bewildered and lost in all this mass of ads offering instant relief from nasty and dangerous spyware? It looks like most people are already confused because advertising is pretty much alike ? how to distinguish a high-quality product from some hit-or-miss software developers fabricated in haste just to get quick profit?

What a user can (actually must) do is to know what exactly he or she is buying or installing for free. Here are several simple common-sense tips:

The first step is to visit the site of the company that produces this product. Look it through. Read "about us" section. How long does this company exist? Ignore "testimonials" ? there is no guarantee that it wasn't the company's PR manager who wrote them. It would be better to search, say, Google groups for opinions.

A good old background check will also do a lot of good. It takes some time, though ? but peace of mind later is worth half an hour's browsing the Web now. The simplest way is to search for the product's name along with such words like "installs", "spyware", "adware", "popups", etc.

There are even lists of suspicious, low-performing, or adware-installing products. See, for example, http://www.spywarewarrior.com/rogue_anti-spyware.htm - an ample list of anti-spyware you'd better not buy. By the way, the whole this site is worth studying thoroughly.

The fact that you are not a tech person doesn't mean you can afford not knowing the basic principles these products are based on. What a user can expect from an anti-spy product and what is simply impossible?

Most anti-spyware products apply signature databases, i.e. rely on simple pattern-matching technique. Detecting spy software is the crucial step of the whole process ? all the protection depends on whether the anti-spy software is able to detect as many malicious programs as possible. The bigger the database is and the more often it is updated, the more reliable protection the product will provide.

Signature base, which most anti-spy products depend on, is actually the "list" of signatures ? small pieces of spy programs' codes. Anti-virus or anti-spy program actually scans the system and compares its codes with those in signature bases. So, in this case only the spies whose signatures already are in the base will be detected and eventually "caught". As long as anti-spy software is regularly updated and the system doesn't come across some unknown spy product, everything is all right.

The problem is that there is good deal of people capable of creating something brand-new, unknown to anti-spyware developers. The period of time when a new spy already exists, but the updates have not been released yet, is the very time when cybercriminals make their biggest profits.

The advantage of signature base analysis is that programs based on this method of detection can be of wider range ? it is possible to include signatures from different types of spyware and adware into a single database. However, regular release of updates for these bases becomes crucial. If the developer fails to do it properly and on time, there is a considerable risk for such a program to become "Jack of all trades and a master of none."

The conclusion is simple ? if a product applies signature database, it's better to choose anti-spyware with the biggest and most frequently updated base. Don't expect absolute protection ? with this technique it is simply unattainable.

But in case of information-stealing programs, like keyloggers or keylogging-containing Trojans, a single "overlooked" program may mean lost valuable data. Since signature analysis can't ensure protection against constantly appearing brand-new keyloggers, blocking the very process of keylogging would be better. Such a technology already exists, and it may be the next step towards more reliable protection against the most malicious types of spy programs.

Alexandra Gamanenko currently works at Raytown Corporation, LLC - the independent software developing company, which created the technology capable of blocking the very process of keylogging. Visit its website: http://www.anti-keyloggers.com

In The News:

This RSS feed URL is deprecated, please update. New URLs can be found in the footers at https://news.google.com/news

The Verge

Huawei Mate 10 Pro review: software sadness
The Verge
We're less than two months into 2018, and so far, the year hasn't been very good for Huawei. The Chinese company had hoped that this would be the year when it would finally be able to break into the US market and compete with Apple and Samsung. But ...
Hands-on with the $800 US model Huawei Mate 10 Pro: Fantastic hardware, software still needs workZDNet

all 5 news articles »

Moneycontrol.com

UPDATE 1-Indian software services sector to grow 7-9 pct in FY19 - lobby group
Reuters
HYDERABAD, India, Feb 20 (Reuters) - India's software services exports will see revenue growth of 7-9 percent in constant currency terms in the fiscal year to March 2019, a leading lobby group forecast on Tuesday, as the industry continues to recover ...
Indian software services sector to grow 7-9% in FY19: Lobby groupMoneycontrol.com
Indian software services growth to remain flat at 7-9% in FY19 too: NasscomBusiness Standard

all 9 news articles »

The Guardian

Vodafone pilots new software to thwart rogue drones
The Guardian
A drone carries medical supplies to King's College Hospital in south London. Photograph: David Parry/PA. Vodafone is testing technology to track and control drones to let authorities protect aircraft from accidents and terrorist attacks and stop ...

and more »

Forbes

The Best Tax Software
Forbes
Our budget pick, TaxAct Tax Software, is a great alternative. However, it's less intuitive and is geared toward those who already have a good working knowledge of filing taxes. Although it's less expensive, this pick offers solid security and is a ...


Washington Post

In our eyes, Google's software sees heart attack risk
Washington Post
By looking at the human eye, Google's algorithms were able to predict whether someone had high blood pressure or was at risk of a heart attack or stroke, Google researchers said Monday, opening a new opportunity for artificial intelligence in the vast ...
Google's software can predict whether you're at risk of a heart attack by looking at your eyesSouth China Morning Post
Google's eye-scanning software predicts heart attack riskPekin Daily Times
Prediction of cardiovascular risk factors from retinal fundus photographs via deep learning | Nature Biomedical ...Nature
The Verge
all 43 news articles »

Bloomberg

Daimler Downplays Report on Rigged US Emission-Test Software
Bloomberg
Daimler AG sought to play down a newspaper report that its own engineers questioned the legality of software used to control diesel equipment in its vehicles, saying U.S. authorities knew about the allegations and haven't taken action. Documents ...
Daimler included emissions-cheating software on diesels, German magazine saysArs Technica
Daimler may have used software to cheat on US emissions testsEngadget
Software may have helped Daimler pass US emissions tests: reportReuters
Nasdaq -Automotive News (blog) -Fiji Times -Phys.Org
all 75 news articles »

The Register

KFC: Enemy of waistlines, AI, arteries and logistics software
The Register
Brits suffering through the nationwide KFC famine can enjoy with wry amusement the fact that an AI can be fooled into thinking an image of Colonel Sanders and the restaurant's logo are a stop sign. The fast food famine arose after KFC UK last week ...

and more »

Los Angeles Times

Toyota Prius software fix may reduce fuel efficiency, experts say
Los Angeles Times
Assertions that the Toyota software change decreased the car's fuel economy are contained in a lawsuit seeking class-action status filed this month in U.S. District Court in Los Angeles. "Unbeknownst to drivers, Toyota reduced the vehicles' fuel ...


Constellation Software Announces Appointment of Robin van Poelje to its Board of Directors
GlobeNewswire (press release)
TORONTO, Feb. 19, 2018 (GLOBE NEWSWIRE) -- The board of directors of Constellation Software Inc. (“Constellation”) (TSX:CSU) announced today the appointment of Robin van Poelje to the Company's Board of Directors. Mr. van Poelje is the founder and ...

and more »

PR Newswire (press release)

Epson Announces Projector Control Software to Easily Manage Multiple Projectors Simultaneously
PR Newswire (press release)
With the new EPPT software, we offer an easy tool for users to set up and execute unique projection applications," said Ramzi Shakra, product manager, large venue projectors, Epson America, Inc. "This new tool is intuitive to use and will allow our ...

and more »
Google News

C++ Function Templates

C++ Function templates are those functions which can handle different... Read More

Microsoft CRM Integration with Microsoft Retail Management System (RMS) ? Overview

Microsoft Client Relation Management system (Microsoft CRM) and Microsoft RMS... Read More

Microsoft Great Plains Implementation in Russia ? Overview for Consultant

Microsoft Business Solutions Great Plains is very popular ERP platform... Read More

Exactly What Does FTP Stand for and What Can it do for Me?

FTP stands for "file transfer protocol". FTP is basically a... Read More

How To Identify, Cure and Prevent Spyware/Adware Infections

Just when you thought you were Web savvy, one more... Read More

Microsoft Axapta, Navision or Great Plains: ERP Selection for Large Corporation

If you would like to pick something from Microsoft, or... Read More

Microsoft Great Plains Implementation for Midsize & Large Corporation: Lockbox Processing

Microsoft Great Plains is now targeting large and midsize businesses... Read More

Microsoft RMS ? Great Plains Integration ? Overview For IT Specialist

Microsoft Great Plains and Microsoft Retail Management System (Microsoft RMS)... Read More

Computer Based Language Development and Spell-checking

Language development computer: Computer-based method for aiding language development seems... Read More

Groupware: What Works the Way Businesses Do?

GroupwareThe internet is full of 1.5 million to 7 million... Read More

Oracle Development: JDeveloper 10G ? Java, J2EE, EJB, MVC, XML - Overview For Programmer

In 2004 Oracle, Inc. made its new step toward J2EE... Read More

Five Tips For A Great Software Demo

Whether you need to close a sale, gather end-user feedback,... Read More

Run Your Own Search Engine

Our hosted solution allow you to run your own search... Read More

Are You Waiting for Microsoft Longhorn Operating System

I love new technology. I am still ready to wait... Read More

Perfectly New Database Query Tool - Foxy SQL Pro Released

Are you a database professional? Do you work with a... Read More

A Simple Guide To Wikis

A wiki is an editable text-based website. But you don't... Read More

Microsoft Great Plains Implementation & Customization: Computer Parts Retailer Example

Microsoft Great Plains fits to majority of horizontals and retail... Read More

Will Adobe Manage to Replace Industry Work Horse Quark Express by Giving Adobe InDesign for Free?

And kill the best layout software in the process of... Read More

Most Common Ways to Accumulate Spyware (where It is Downloaded to Your PC)

It is possible that if one avoided all sources of... Read More

Razzle Dazzle Them

Once upon a time not so long ago, there was... Read More

Enterprise Resource Planning Overview

ERP (Enterprise Resource Planning) Overview covers What is ERP, Brief... Read More

Linux vs Windows Operating Systems

With so many Microsoft Windows related viruses, errors, and other... Read More

HelpDesk & Asset Management Software - Choosing The Right One

If you are to buy a HelpDesk & Asset Management... Read More

ERP System of the Future: Database, Business Logic and Interface

We will base our prognosis on our Microsoft Business Solutions... Read More

Dashboard Widgets for Windows

For a windows user like me, just can watch with... Read More