Results 1 to 3 of 3

Thread: Introduction to Spyware Keyloggers

  1. #1
    Senior Member
    Join Date
    Jan 2002
    Posts
    218

    Introduction to Spyware Keyloggers

    below is an interesting article from security focus concerning spyware and keylogging... an aspect of certain spyware we often overlook:

    Spyware overview
    Spyware is a categorical term given to applications and software that log information about a user's online habits and report back to the software's creators. The effects of these programs range from unwanted pop-up ads and browser hijacking to more dangerous security breaches, which include the theft of personal information, keystroke logging, changing dialup ISP numbers to expensive toll numbers, and installing backdoors on a system that leave it open for hackers.

    Spyware usually gets into the computer through banner ad-based software where the user is enticed to install the software for free. Other sources of spyware include instant messaging, various peer-to-peer applications, popular download managers, online gaming, many porn/crack sites, and more. Note that most, but not all, spyware is targeted exclusively at Microsoft's Internet Explorer web browser. Users of modern Web browser alternatives, such as Mozilla's Firefox and Apple's Safari, are generally not affected by spyware at all.

    The most recent delivery methods used by malicious spyware require no permission or interaction with the users at all. Dubbed as "drive-by downloads," [ref 1] the spyware application is delivered to the user without his knowledge simply when he visits a particular website, opens some zipped files, or clicks on a malicious pop-up ad that contains some active content such as ActiveX, Java Applets, and so on. Spyware can also be hidden in image files or in some cases has been shipped along with the drivers that come with a new hardware device.

    click here to view the rest of the article

    i would cut n paste, but the article is rather intensive, complete with graphics. definitely worth a read in my opinion.

  2. #2
    Frustrated Mad Scientist
    Join Date
    Dec 2004
    Posts
    1,152
    I did'nt quite get what this bit was going on about?

    This same keylogger was next installed on a different test PC through another program's installer and then configured to send keystrokes captured in an email to a test email-id. Ironically, the program used for this example was Spybot Search & Destroy [ref 10], a legitimate freeware tool that does a good job of detecting spyware. This is a good example of how other legitimate applications can also be used to install spyware, unbeknownst to the reader.
    Are they saying that Spybot s&D can be used to install a keylogger?

  3. #3
    Senior Member
    Join Date
    Jul 2004
    Posts
    469
    I think they're saying they added some spyware to the installer of spybot. This way when you install spybot, you get the spyware... for free!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •