Sneaky Sneaky Spyware
Posted 12-18-2007 at 05:11 PM by BMR777
Hello and Welcome to my Blog!
In my spare time I like to do spyware research, that is purposefully infect a test computer with something malicious and see what happens. If you think this makes me crazy, you should know that I'm not. I do all of my testing inside of a Virtual Machine, a test computer that is completely separate from my main computer. Virtual Machines are nice because they offer the same experience as a real XP computer, but they can be deleted with the simple press of the delete key.
What I have found is that these malicious software makers are particularly crafty. There's spyware that operates by locking users out of system areas so that the spyware can prevent it's own removal. If you've ever wondered why the Task Manager is suddenly "Disabled by the Administrator" or why Control Panel is no longer on the Start Menu, you're probably infected with something. The best course of action for you to follow would be for you to first regain access to the locked areas of your system so you can clean your system and then follow the TSF 5 Steps to Remove Spyware in order to clean your system.
Spyware makers also rely on social engineering tricks to get you to fork over your hard earned money. The latest trend is spyware that pretends to be AntiSpyware software. These "rogue" antispyware programs usually make up fake threats on your system and will only remove these threats if you pay to have them removed. Some may even install via security holes and hijack your desktop background or show you fake security alerts. Remember that most reputable antispyware programs give you a free trial where they will both detect AND remove any found threats. Reputable antispyware software will also never install without your consent.
Another spyware trend involves "hacking" the advertising banners of popular websites. The bad guy will contact a popular website to try and buy ad space for a banner. The banner is usually for something harmless and when the banner is tested, nothing bad happens. The banner, however, is lying in wait. Once a certain date comes around, the banner begins to redirect users from the legitimate site to a site that is attempting to distribute spyware or malware. This is accomplished by hiding malicious code inside of a flash banner and then using redirection capabilities inside of flash to attack users. With this technique, even the most harmless site can be easily compromised.
So how can you protect yourself? The best thing to is to have up to date antivirus and antispyware software. I recommend AVG Free Antivirus and Microsoft's Free Windows Defender, but many reputable free and paid programs exist.
I also recommend the MVP's Custom Hosts file. This file blocks thousands of known malicious websites as well as ad sites. Block ads and spyware with one simple file!
McAfee SiteAdvisor is also cool. This tiny free tool sits in your browser and alerts you and changes colors if you are on a malicious website.
The best way to stay safe online, however, is to be vigilant. Don't download files from people or sites you don't trust. Also be wary of anything free that seems to good to be true.
Brandon Rusnak ~ BMR777
In my spare time I like to do spyware research, that is purposefully infect a test computer with something malicious and see what happens. If you think this makes me crazy, you should know that I'm not. I do all of my testing inside of a Virtual Machine, a test computer that is completely separate from my main computer. Virtual Machines are nice because they offer the same experience as a real XP computer, but they can be deleted with the simple press of the delete key.
What I have found is that these malicious software makers are particularly crafty. There's spyware that operates by locking users out of system areas so that the spyware can prevent it's own removal. If you've ever wondered why the Task Manager is suddenly "Disabled by the Administrator" or why Control Panel is no longer on the Start Menu, you're probably infected with something. The best course of action for you to follow would be for you to first regain access to the locked areas of your system so you can clean your system and then follow the TSF 5 Steps to Remove Spyware in order to clean your system.
Spyware makers also rely on social engineering tricks to get you to fork over your hard earned money. The latest trend is spyware that pretends to be AntiSpyware software. These "rogue" antispyware programs usually make up fake threats on your system and will only remove these threats if you pay to have them removed. Some may even install via security holes and hijack your desktop background or show you fake security alerts. Remember that most reputable antispyware programs give you a free trial where they will both detect AND remove any found threats. Reputable antispyware software will also never install without your consent.
Another spyware trend involves "hacking" the advertising banners of popular websites. The bad guy will contact a popular website to try and buy ad space for a banner. The banner is usually for something harmless and when the banner is tested, nothing bad happens. The banner, however, is lying in wait. Once a certain date comes around, the banner begins to redirect users from the legitimate site to a site that is attempting to distribute spyware or malware. This is accomplished by hiding malicious code inside of a flash banner and then using redirection capabilities inside of flash to attack users. With this technique, even the most harmless site can be easily compromised.
So how can you protect yourself? The best thing to is to have up to date antivirus and antispyware software. I recommend AVG Free Antivirus and Microsoft's Free Windows Defender, but many reputable free and paid programs exist.
I also recommend the MVP's Custom Hosts file. This file blocks thousands of known malicious websites as well as ad sites. Block ads and spyware with one simple file!
McAfee SiteAdvisor is also cool. This tiny free tool sits in your browser and alerts you and changes colors if you are on a malicious website.
The best way to stay safe online, however, is to be vigilant. Don't download files from people or sites you don't trust. Also be wary of anything free that seems to good to be true.
Brandon Rusnak ~ BMR777
Total Comments 3
Comments
-
Avast is pretty amazing at the minute too, I have completely removed AVG now, as Avast does twice as good a job. Virtual PC is one of the handiest training tools I have ever come across. Its so much easier than letting noobs loose on the real desktop!!Posted 08-23-2008 at 08:31 PM by stressfreesoul
-
Hi guys..
I also used AVG before.. But Now I have removed AVG and Installed AVAST ... I think Its the Best Antivirus ... Try it . Its Totaly free for personal Computers.and it updates every day.. from 7 databases... Cool no.. Try it.. Im sure You will Love it. SOOOOO POWERFULL>....
Posted 08-26-2008 at 08:38 AM by isuru
Updated 08-26-2008 at 08:40 AM by isuru -
I use Anti-Vir on the PCs I service. It works pretty transparently when updating and is easy to support over the phone.Posted 08-27-2008 at 06:29 PM by ebackhus
