Mangesh A. Wadibhasme

What is Spyware?

Spyware is a type of malware that's hard to detect. It collects information about your surfing habits,

browsing history, or personal information (such as credit card numbers), and often uses the internet to pass this information along to third parties without you knowing. Key loggers are a type of spyware that monitors your

key strokes.

spyware is mostly used for the purposes of tracking and storing internet users' movements on the web and serving up pop-up ads to internet users.

1.System monitors

2.Trojans 3.Adware

4.Tracking Cookies

Spyware is mostly classified into 4 types:-

The first recorded on October 16, 1995 in a UseNet post that poked fun at microsoft's business model.

Spyware at first denoted software meant for espionage purposes.

However, in early 2000 the founder of zone labs, gregor freund, used the term in a press release for the zone alarm personal firewall.

Use of exploits in JavaScript, internet explorer and windows to install.

History and development of spyware.

Unwanted behavior and degradation of system performance.

Unwanted CPU activity, disk usage, and network traffic.

Stability issues:-

Application's freezing.

Failure to boot.

System-wide crashes.

Difficulty connecting to the internet.

Disable software firewalls and anti-virus software.

Effect and Behavior.

Installed when you open an email attachment. Spyware installs itself Install by using deceptive tactics Common tactics are using a Trojan horse. USB Keylogger. browser forces the download and installation of spyware.

Routes of Infection.

• Installing anti-spyware programs.

• Network firewalls and web proxies to block access to web sites known to install

spyware

• Individual users can also install firewalls.

• Install a large hosts file.

• It Install shareware programs offered for download.

• Downloading programs only from reputable sources can provide some

protection from this source of attack

Security Practices.

Anti-Spyware Program.

Products dedicated to remove or block spyware.

Programs such as pc tool’s spyware doctor, lava soft's ad-aware se and patrick kolla's spybot - search & destroy.

Antivirus 2009Antivirus GoldContravirusMacsweeperPest Trap

PsguardSpy WiperSpydawnSpylockedSpysheriff

SpyshredderSpyware QuakeSpywarestrikeUltimatecleanerWinantivirus Pro 2006

Windows Police ProWinfixerWorldantispy

Some known offenders include:

Rouge Anti - Spyware Program.

popups prompting them to install them to protect their computer, this software is called rogue software.

do not install any freeware claiming to be anti-spyware unless it is verified to be legitimate.

Fake antivirus products constitute 15 percent of all malware.

These common spyware programs illustrate the diversity of behaviors found in these attacks

A group of programs.

Takes advantage of internet explorer

vulnerabilities.

The package directs traffic to advertisements

on web sites including coolwebsearch.Com. It

displays pop-up ads.

Rewrites search engine results, and alters the

infected computer's hosts file to direct DNS

lookups to these sites.

1).CoolWebSearch

Examples!!!!

These common spyware programs illustrate the diversity of behaviors found in these attacks

Sometimes called finspy. High-end surveillance suite sold to law

enforcement and intelligence agencies.

2).FinFisher

Examples!!!!

These common spyware programs illustrate the diversity of behaviors found in these attacks

Wintools or adware.Websearch,

Installed by an active-x drive-by download

at affiliate web sites.

These programs add toolbars to ie.

Track aggregate browsing behavior.

3).Huntbar

Examples!!!!

These common spyware programs illustrate the diversity of behaviors found in these attacks

Transmits detailed information to

advertisers about the web sites which

users visit.

It opens pop-up ads that cover over

the web sites of competing companies

4).Zango

Examples!!!!

These common spyware programs illustrate the diversity of behaviors found in these attacks

Downloads itself to a computer via an active-x code and reports information back to control server.

Some information can be the search-history, the websites visited, and even keystrokes.

5). Zango Trojan

Examples!!!!

Applications Of Spyware.

"Stealware" and affiliate fraud.

Affiliate Fraud is a violation of the terms of services.

Terminated from affiliate networks including linkshare and

sharesale.

Mobile devices can also be vulnerable to chargeware.

Applications.

Identity theft and fraud

Coolwebsearch.Com spyware had used it to transmit “chat

session user names, passwords", bank information, etc.

The Federal Trade Commission estimates that 27.3 million

Americans have been victims of identity theft

That financial losses from identity theft totaled nearly $48 billion

for businesses and financial institutions and at least $5 billion in

out-of-pocket expenses for individuals.

Applications.

Digital rights management

It can be removed with the removewga tool.

Some copy-protection technologies have borrowed from spyware

While the main purpose of this deliberately uninstallable

application is to ensure the copy of windows on the machine was

lawfully purchased and installed.

Applications.

Personal relationships

Used to monitor electronic activities of partners relationships.

Loverspy, was specifically marketed for this purpose

Depending on local laws regarding communal/marital property

Observing a partner's online activity without their consent may be illegal

Applications.

Browser cookies

Business purposes

Anti-spyware programs often report web advertiser’s HTTP Cookies.

The small text files that track browsing activity, as spyware

Applications.

LEGAL ISSUES.

Criminal lawUS FTC actionsNetherlands OPTACivil lawLibel suits by spyware developersWebcam Gate

Legal Issues.

Thank You!

Stay Connected