Everything You Need To Know About Spyware and Malware

You are at your computer, checking out software on EBay. The computer is really sluggish, and you are not running anything else. You click on a link, and BLAM you are redirected to a search page you've never heard of and the "back" button won't work.

You've got Spyware! Just what is "Spyware?" The word brings to mind exploding pens and shoe phones. In fact, software makers have struggled to define what spyware is, and is not.

The Anti-Spyware Coalition, a group of companies that include EarthLink, Microsoft, and Hewlett-Packard, have recently published a document that defines spyware as such: "Spyware impairs users control over material changes that affect their user experience, privacy or system security; use of their system resources, including what programs are installed on their computers; or collection, use and distribution of their personal or otherwise sensitive information"

In simpler terms, spyware "spies" the software on your computer, personal information, what web pages you look at, and in some cases, usernames and passwords. Ugh.

The first spyware distribution was in 1999, and is attributed to a popular freeware program called "Elf Bowling." Many users found to their dismay that this "harmless game," was sending information to the creators, Nsoft. This spawned the first anti-spyware program in the year 2000.

Now, both spyware and anti-spyware programs are too numerous to count.

There are several types of software that fall under the generic description of spyware. Let's look at a few, and what they do.

Adware - adware is an application that displays advertising banners. The reason this is criticized is that it can send information back to the company, who then "targets" you with specific banners based on the web pages you've opened. This is different from clicking on a banner for more information. This program sneaks in the "back door," not "advertising" its presence. Please note that the word "AdWare" is a trademark of AdWare Systems, an honest software company. They are not a part of adware, just share the unfortunate name.

Key loggers are just that. They collect the keystrokes you make, like logging into your bank account, and send it to the hacker. Now he has your account number, user name, and password.

Hijackers and Toolbars are another form of spyware. Hijackers take over your browser, opening pages you don't want, and preventing you from opening ones you need - like a site that tells you how to get rid of them. Toolbars are the same sort of thing. Now, you may want to have a toolbar like Yahoo or Google on your browser. They can make searches easier, and may have popup or ad blockers. The malware forms of these try to look like them, but they have completely different motives.

Malware is a generic term for "malicious" software. These programs don't just collect information; they are out to get your computer. Technically, these are not spyware, but a brief explanation seems to be in order. Malware spreads itself through the computer, changing files, making copies to send, even erasing the hard drive. Virus' and worms are a part of this group.

Other malware programs are "Trojan Horse, or Backdoor." These hide quietly in your computer until you connect to the internet. Then they creep around your browser, "reporting in" to the owner, who then uses your computer "address" to send out virus's, malware, and spam. Some hackers link several computers to send so much nonsense information to a particular web site that it is overwhelmed, causing it to shut down.

How does spyware end up on your computer? You're not going to like this . . . but most likely you loaded it on yourself! Wait! Before we get nasty letters, let us explain. Remember those "smileys" you downloaded last week? How about the cute cursor the nine year old picked? Most of these "free" programs have spyware attached, or imbedded in them. Even Adobe Reader loads a "Yahoo search bar" when you update the reader.

Remember when you installed the program and that gray box popped up with a thousand lines of small print? Did you read it? I doubt anyone does. The spyware distributor counts on that. If you do manage to slog through the legalese, and stuff only advanced programmers would know (or care about), there will be a few innocuous lines, something along the lines of: "this program will collect information to better your enjoyment of this program," or "a web search toolbar will be added to your browser." When you click on the "accept" button to install the software, you have also agreed to the spyware program.

Another way is when a box pops up claiming to be legitimate software needed to view the site properly, or that it is an update. It only has a "yes" button, implying that you are required to allow the download. These are copying legitimate updates from places like Microsoft, or Macromedia.

Just what is spyware going to do to your computer? Anything you can do, he can do better. It is an executable that can record keystrokes, read your files, watch your word processing program, change your home page, add and delete files, read your cookies (with personal info), then "phone home" with the info. Some spyware will crash your browser if you try to uninstall it. Others may "pretend" to be uninstalled, but they wait until your back is turned to load itself back on your system.

You don't know how the stuff was loaded on your computer, but it is causing all kinds of problems. The computer is running slower, certain programs are not working, and on occasion, you see the dreaded "blue screen of death." (crash). Don't worry, you are not alone According to an October 2004 study by America Online and the National Cyber-Security Alliance, 80% of surveyed users' computers had some form of spyware, with an average of 93 spyware components per computer. 89% of surveyed users with spyware reported that they did not know of its presence, and 95% reported that they had not given permission for it to be installed.

Now what do you do? There are several good "spyware removal" programs out there. But be warned! There are also a number of programs that claim to be anti-spyware that do not work, or worse add more spyware to your system! A good resource for "suspect" spyware is the list at: http://www.spywarewarrior.com/rogue_anti-spyware.htm They have a list of over 200 programs that claim to take care of spyware, but may not do what they claim.

Once you get your computer "clean," how do you avoid getting "dirty" again? There are firewalls and programs designed to watch for known spyware. When you register, the "known spyware" definitions can be updated on a regular basis.

You could use a browser other than Internet Explorer (most spyware exploits problems here). This writer loves Mozilla Firefox - it's free at www.mozilla.org

Our lawmakers are doing their best to stem the tide of spyware/malware. For example, in Washington State, USA, it is illegal for anyone other than the owner/operator of a computer to install software that alters web browser settings, monitors keystrokes, or disables computer security software.

The Gibson Research Corporation, www.grc.com, has several free fixes to "plug holes" in Internet Explorer's security.

There is hope. In 2005, NY Attorney General Eliot Spitzer brought suit against Intermix Media, Inc. Intermix's spyware program spread by drive-by download (loaded without permission), and installed itself in such a way it was very difficult to remove. Intermix settled for $7.5 million dollars.

Spyware is here to stay. Your best bet is to be informed - know the tricks used by spyware to load itself. Use a firewall or spyware blocker program. Most important, understand exactly what that new program will install on your innocent computer.

ABOUT THE AUTHOR:
Mike Christy is the owner of http://www.spywarecenter.info which is a free information site providing the latest Spyware news and instructions on how to remove Spyware from your computer.

How the NSA Took Linux To the Next Level Slashdot - 7 hours ago In RBAC, permissions are provided based on roles that are granted by the security system. The concept of a role differs from that of a traditional group in ... Anatomy of Security-Enhanced Linux (SELinux) OS News all 1,730 news articles

Private security firms say no way to meet demand of 2010 Winter Games The Canadian Press, VANCOUVER - 10 hours ago VANCOUVER — There's no way the private security industry can meet the demands from either Olympic organizers or the RCMP for help during the 2010 Winter ... RCMP checking into downtown Vancouver hotel for 2010 Olympic Games The Canadian Press all 32 news articles

No need to check background of cabinet spouses, partners, says Day The Canadian Press, OTTAWA - 8 hours ago OTTAWA — Public Safety Minister Stockwell Day says there's no need to run security checks on the spouses or partners of federal cabinet ministers, ... Foreign Affairs Minister Maxime Bernier under fire CTV.ca Minister to face grilling by Commons over judgment Globe and Mail Bloc calls for Bernier security probe Toronto Star Canada.com - The Gazette (Montreal) all 322 news articles

Secure Computing delivers security gateway virtual appliances for ... Al-Bawaba, Jordan - 3 hours ago Secure Computing Corporation (Nasdaq: SCUR), a leading enterprise gateway security provider, has announced it is working with VMware to provide customers ...

Rebate excludes many taxpayers with foreign spouses The Associated Press - 9 hours ago But Shelat is married to a foreigner who still hasn't completed the often years-long process that allows her to apply for a Social Security number. ...

China's biggest city beefs up subway security check Xinhua, China - 1 hour ago The increased workforce was expected to help speed up security checks during work day rush hours to ensure smooth traffic flow as well as improve Metro ...

NDTV.com

IB blames 'slack' BSF for infiltration Times of India, India - 7 hours ago It is fairly common for security forces engaged in counter-terrorism operations to lower their guard during periods of lull. What is also common is that ... Jammu terrorist attack defies BSF claims Merinews Hostage crisis over in Jammu, 2 terrorists killed CNN-IBN Militants strikes back: Heavy Firing along LoC Little About Reuters India - CNN-IBN all 130 news articles

China's energy security moves it closer to the Middle East Daily Star - Lebanon, Lebanon - 6 hours ago Therefore China has a significant interest in the Middle East, and any changes in the situation there will affect China's energy security. ...

Xinhua

Security source: Terrorists firing mortars to avoid retaliation Ynetnews, Israel - 5 hours ago 'We cannot continue living under fire without proper fortification,' one resident says The problem, according to a security source, stems from the ... Negev council head: Government busy with investigations instead of ... Ynetnews all 47 news articles

Turkish Press

Gov't of Sudan to lodge complaint to UN Security Council against Chad Xinhua, China - 6 hours ago KHARTOUM, May 11 (Xinhua) -- Sudan announced on Sunday it would lodge an official complaint to the United Nations Security Council against Chad's government ... Sudan steps up security, says Darfur rebels advance Reuters Sudan Imposes Curfew to Hunt for Darfur Rebels in Capital; Cuts ... Voice of America Sudan cuts ties with Chad The Associated Press Yahoo! Italia Notizie - The Media Line all 750 news articles