Spyware Removal
November 13, 2010 by admin
Filed under pc recovery
Spyware is just,”….some piece of software that the user doesn’t know about that transmits personal information.” The article describes the motivation and targets of spyware, the ways the spyware hacks the information and gives awareness to naive users about spyware intrusion.
Introduction:
Spyware is a class of malware that collects information from the system without the data owner’s consent. This data may include keystrokes, screenshots, authentication credentials, personal email addresses, web form field data, Internet usage habits, and other personal information. These data is delivered to online attackers who sell it to others or use it themselves to execute financial crimes, identity theft, or use it for marketing or spam. For a program to qualify as spyware it must collect data without the data owner’s knowledge or consent and must deliver or make it available in some way to an unauthorized party.
Three types of attackers get benefit of the spywares
-
Online attackers
-
Marketing organizations
-
Trusted insiders
Online Attackers
Online attackers primary interest in spyware is using it to steal personal information for financial crimes like carding (illicit trafficking in stolen credit card and credit card information), for identity theft, or to sell that information to someone else who then executes more traditional financial crimes.
Marketing Organizations
Marketing organizations are mostly interested in personal information such as email addresses, online shopping and browsing habits, keywords in search queries, and other personal and trend related information that can be used to execute marketing campaigns like spam, spim (unsolicited messages received via instant messaging systems), browser popups, home page hijacking, and more.
Spying by a Trusted Insider2
A trusted insider might be an employee who leverages spyware to collect corporate information which can be sold in the underground economy, used for blackmail, or used to gain access to more valuable information at some later time.
Targeted data:
Some commonly targeted data includes:
-
Internet activity
-
email and contact information
-
Windows PStore data
-
clipboard contents
-
keystrokes
-
screenshots
-
network traffic
Internet activity: These types of data are mostly the user financial data, identity data such as credit card, browsing habits, online purchasing habits.
Email and contact information: Email addresses are be harvested from an infected user’s system and marketed for use in spam mailing lists. Common techniques are getting it from email applications’ address books, and scanning files on the system’s disks for strings that match the format of an email address.
Windows PStore data: windows has a protected data store which mostly contains users outlook passwords, passwords for web sites, MSN Explorer passwords, IE AutoComplete passwords, IE AutoComplete fields, digital certificates. The attacker uses PStore API to get over the encrypted content of PStore.
Clipboard Content: System clipboard sometimes contains sensitive information. Some includes user credentials that are copied and pasted into login forms or product registration codes. Attacker can easily get access to the clipboard and uses the user’s sensitive data.
Key Strokes: This is the simple and very effective technique used by spyware for revealing user identity by reading the keystrokes of the user which may consists of user name, email ids, and passwords.
Ways to defend:
Educating the user about the threat of spywares. Always be alert of spywares, by denying the user sophisticated facilities like save passwords, auto complete actions. Avoid trusting unknown or high risk sources. Before entering to surf a site or registering in a site always read the terms and condition where they may tell about their credentials over our personnel data. Some application asks for some third-party software which to installed during the installation of that application. So beware of such default checked options during installation of software. Always stay with up-to-date patches for the operating system and applications. Using best antivirus and anti-spywares which help us to defend against threads. Avoiding application which are mostly targeted by spywares like Microsoft IE and using alternative applications will help to defend against spyware.
