spyware posts

FBI Spyware Used to Gain Access to Suspects' Computers

by Ian Rowan — Apr 22nd 2009 at 1:24PM

A recent Wired.com story reports that the FBI has been using a proprietary spyware program to snoop on alleged ne'er-do-wells since at least 2004. According to heavily redacted documents that Wired obtained by invoking the Freedom of Information Act, the FBI has developed a sophisticated program it calls 'computer and Internet protocol address verifier,' or CIPAV, that can infiltrate target computers and report information back to an FBI server in Virginia. The software has been crucial in the investigations of many cases that include extortion schemes, terrorist threats, illegal hacking, bomb threats, and electronic bank robbing.

The documents describe how the software is delivered to the target user -- via MySpace Chat messages containing links to an FBI-run Web site loaded with CIPAV. Apparently, the software gains access via the user's system vulnerabilities and runs 'silently' in the background. After logging the computer's IP Address, MAC address, open ports, a list of running programs, the operating system, internet browser and version, and the last-visited Web address, CIPAV sends the information back to the FBI database and switches to a stealth "pen register" mode, with which CIPAV can continually monitor the computer's Internet use.

Tags: cipav, crime, expire-images:2010-4-22, fbi, hack, law and order, LawAndOrder, security, spying, spyware, top, wired

Computers

New SpyWare Pretends to be Anti-Virus, Offers Fake Reviews

by Terrence O'Brien — Feb 24th 2009 at 10:23AM

Anti-Virus-1, a new bit of malware making its way around the Internet, has picked up a unique trick for fooling users; it spreads fake reviews of itself to convince users that it is a legitimate piece of anti-virus software.

Anti-Virus-1 is what is often referred to as scareware. It uses social engineering techniques to lure its unsuspecting victims into handing over information like credit card numbers and into installing even more malware. Anti-Virus-1 pretends to be a piece of security software called AntiVirus2010, and even redirects your browser to legitimate Web sites with fake reviews of it.

But Anti-Virus-1 doesn't stop with fake reviews. It also employs fake security alerts, copies the design of Microsoft Security Center, runs a fake blue screen crash, fakes a reboot, and -- finally -- hijacks Internet Explorer.

Running anti-spyware tools should remove the infection, and you can find complete instructions for disposing of it at BleepingComputer.com. [From: Ars Technica]

Related Links:

Tags: anti-virus-1, hoaxes, malware, scareware, security, spyware, top

Cameras, Computers

Valentine's Day Is the Time For Spying

by Chad Mumm — Feb 12th 2009 at 5:10PM

Hallmark cards and candy hearts aren't the only products that see a bump in sales around Valentine's day. Spyware and tracking devices usually see a boost as spouses hope to catch their partners red-handed during the holiday, when private investigators say cheating partners are most likely to make contact with a secret lover. Although the holiday usually means a wave of new clients for private investigators, business has been slow this year. Blaming the slumping economy, Kelly Riddle, who owns an investigative firm, told USA Today: "if they have a cheating spouse with a job, now is not the time to rock the boat."

Instead of paying the high cost for hiring an investigator, many suspicious spouses are taking the DIY approach, purchasing spyware to monitor e-mail and online activity, and buying James Bond-like gadgets such as GPS trackers and hidden cameras. Still, before you go all super-spy on your spouse, consider that if you find yourself needing to spy on your significant other, is there really enough trust left in your relationship to make it worth saving at all? [From: USA Today]

Next: '9 Affordable V-Day Gifts'

Tags: cheating, cheating spouses, cheating-spouse, cheatingspouse, CheatingSpouses, gps tracking, gpstracking, hidden camera, hidden cameras, HiddenCamera, HiddenCameras, spouses, spyware, top

Computers, Tech Tips

Get an Anti-Spyware Program

by Jon Chase — Feb 6th 2009 at 10:01AM

Spyware is everywhere; the average PC user has, at any given time, about 24 hidden nasties slowing their PC as it gathers up their private info, sends out spam, or just generally makes life miserable. Download, install and run a trusted anti-spyware program like Spybot Search and Destroy (free!) and be amazed at what it finds.

For more Tech Tips, click here.

Tags: antispyware, spybot, spyware, techtip

Computers

America Still Hosts the Most Computer Viruses, Study Finds

by Will Safer — Dec 27th 2008 at 11:30AM

A new report released by anti-virus and security firm Sophos put 2008's online threats into perspective and give a hint of what 2009 may bring for all of us connected folks out there.

Here are some of the reports biggest finds: The United States is still the source of most malware; current events like the election or financial crisis are the topics of most scam e-mail messages; and Apple Macintosh users' overconfidence in their computers' ability to ward off viruses could cost them in the long run.

According to Sophos the "U.S. hosts 37 percent of all malware sites followed by China (27.7 percent) and Russia (9.1 percent)." And the United States' share is increasing, despite some high-profile shut downs of major malware purveyors, going up 37 percent in 2008. By contrast, though, what are the benefits of living in a totalitarian society like China? China's share of malware dropped by nearly 50 percent during that time. (Proving once again that freedom isn't free.)

Plenty of spam e-mail took advantage of interest in the political process and the financial mess we're in. Promises of secrets about the presidential candidates or ways to make and save money led the way, and more than a few people clicked links they shouldn't have and provided personal information to the ne'er-do-wells out there in cyberspace.

The curious point among all these expected security highlights? That Apple Macintosh users, who so far haven't had to suffer much from computer viruses, may see the growing popularity of their computer platform lead to a growing interest by those who write computer viruses. And since the Mac users are so confident in their platform's insulation from attack, they may in fact be more likely to leave their computers open to risk. But on that risk front only time will tell. [Source: ARS Technica.]

Tags: Apple Macintosh, AppleMacintosh, malware, reports, research, security, spam, spyware, studies, virus

Cell Phones, iPhone

iPhone Spyware Gets More Sophisticated

by Terrence O'Brien — Dec 19th 2008 at 3:41AM

Spyware on the iPhone hasn't evolved quite as far as that on your Windows PC, but iSpyware is slowly becoming a real danger. Until now, spyware and viruses on the iPhone have been primarily proof-of-concept applications that would be difficult if not impossible for a user to accidentally install. Installing one of these baddies required a jailbroken phone, input from the user, and the apps left an icon on the home screen alerting everyone to its presence.

Now a piece of malicious software called Flexispy is getting ready to be unleashed upon the populace. Though the spyware still requires a jailbroken iPhone, it appears to require no user interaction and leaves no visible trace behind. Flexispy is particularly nasty too: It tracks text messages, e-mails, call logs, and can even pinpoint your exact location via GPS.

How long before the NSA hires these guys? [From: Silicon Alley Insider]

Tags: apple, flexispy, jailbreak, spyware, virus

Computers, Google

YouTube Virus Turns Out to be False Alarm

by Terrence O'Brien — Dec 5th 2008 at 10:22AM

Rumors are flying that YouTube is infecting unsuspecting computer users with a computer virus. Before we go any further, let us just calm your fears -- it's not true. But that doesn't mean it's safe to let down your guard.

It turns out that out-of-date antivirus programs are erroneously labeling clips on YouTube as containing Actns/Swif.T, a particularly nasty piece of malware that urges you to install a software package called Antivirus 2009. Of course, Antivirus 2009 is a piece of spyware, and a notoriously difficult one to remove at that.

Since YouTube generates its own Flash code for playing back videos, it is unlikely that it would host malicious code. Even so, Flash has proven to be quite insecure (as we're sure you've learned from the piles of crap installed on your computer via MySpace pages).

So keep your guard up, and that security software up-to-date. [From: ValleyWag]

Tags: antivirus, breaking news, BreakingNews, security, spyware, video, virus, web, web video, WebVideo, youtube

Computers

Fake Obama Victory E-Mail Contains Computer Virus

by Lee Bains — Nov 6th 2008 at 2:01PM

While Barack Obama's election to the office of President has been cause for plenty of Internet celebration, it has also -- indirectly -- been the cause of strife for some Internet users due to a malware attack using the President-Elect's name, Sophos.com investigates.

Sophos investigators have uncovered numerous spam e-mail campaigns baiting potential victims with promises of Obama's acceptance speech footage and election results. Generally, these malicious pages will prompt viewers to download viruses disguised as video players, or other such programs.

Identifying the malware as the type known both as Mal/Behav-027 and Mal/Heuri-E, the folks at Sophos promise to continue monitoring its development and issue warnings accordingly. How to protect yourself? Well, for one thing, be wary clicking on any random links in e-mails, and make sure your anti-virus software is up-to-date. (AVG Anti-Virus offers a free version of itself that's quite good!) [From: Sophos.com]

Related Links:

Click Here for Info on the 12 Most Dangerous E-mails

Tags: barack obama, BarackObama, breaking news, BreakingNews, dangerous e-mails, DangerousE-mails, elections, malware, safety, security, spam, spyware

Computers

Sellers of 'Scareware' Sued in Washington State

by Tim Stevens — Sep 30th 2008 at 3:15PM

Chances are you've seen some flashing ads from time to time on certain sites, ads that say your computer is infected with a virus or running more slowly than usual and that, if you don't buy their software, you're utterly screwed! In case you didn't know, we assure you that there's virtually no way for a flashing ad like that to have any idea what's wrong with your PC. So, those ads are basically lies, using scare tactics to sell their software. This is an approach Microsoft and the State of Washington are taking steps to stop, and they're taking one such "Scareware" company to court.

The company is Branch Software, makers of Registry Cleaner XP, a $40 piece of software that pledges to "make your system more stable, run quicker, and prevent annoying popups." The software offers a free scanner that will find supposed issues, but investigators found that free scan found the same 43 flaws on every machine it was tested with -- then naturally asked them to cough up some money to "fix" them.

Microsoft also filed to find the identities of those hawking Antivirus 2009, Malwarecore, WinDefender, WinSpywareProtect, and XPDefender. You can imagine what's next in store for them once they are revealed. [From: washingtonpost.com]

Tags: adware, registry cleaner xp, RegistryCleanerXp, safety, scareware, security, spyware

Computers

Fake Obama Sex Video Contains Computer Virus

by Tim Stevens — Sep 11th 2008 at 10:54AM

Like Megatron's Decepticon minions from 'Transformers,' spyware and malware keep finding new ways to hide themselves in an effort to infect your home computer. The latest attempt is a supposed video showing Barack Obama engaged in some sort of sinful act. It's all a lie -- it's just another piece of malicious software looking to hide itself on your machine.

In this case, the malware is a trojan called Mal/Hupig-D. It runs in the background and, as with most malware, steals passwords, credit card numbers, bank account information, and can pretty much do whatever it wants once installed. That's no fun, of course, so as with every other example we keep posting about, watch what you click, and keep that virus scanner up to date! [From: Yahoo! News]

Tags: breaking news, BreakingNews, elections, malware, obama, republican conspiracy, RepublicanConspiracy, security, spyware, trojan, virus

Computers

New Web Attack Hijacks Your Clipboard

by Terrence O'Brien — Aug 18th 2008 at 3:01PM

An interesting new Web attack is making the rounds that hijacks your computer's clipboard and uses it against you. The code has been found lurking in Flash-based advertisements on legitimate web sites (we knew there was a reason we hated Flash).

So what does this new Web attack do? It places a link (that is difficult to delete) to a Web site selling fake security software in your clipboard. The infection automatically flushes your clipboard any time you copy or cut text to it and replaces it with the bogus link.

What has security experts concerned is its potential to become widespread. The software has been found on both Macs and PCs and even targets users of alternative browsers such as Firefox. This new attack is particularly hard to protect yourself and defend against, especially considering the attack's proven ability to lurk in plain sight on legitimate Web sites.

Some users have reported success in thwarting the attack by simply killing Firefox from the task manager or rebooting but, as always, we recommend up-to-date security software; including virus protection and spyware protection. The truly paranoid can stop the attack before it happens by installing Flashblock, an add-on for Firefox that will prevent any Flash-based content from loading without your specific consent. [From: BBC]

Click Here for the Top Internet Threats Right Now

Tags: attack, breaking news, BreakingNews, clipboard, security, spyware, virus

Cell Phones, Computers, Back to School Guide 2008

Worst Web Threats of 2008 (So Far)

by Terrence O'Brien — Jul 24th 2008 at 3:05PM

Web security firm Sophos just published its study of security threats for the first six months of 2008, and you'd be wise to take heed of its findings. The Internet is a dangerous place, and every year it becomes more and more perilous for you and your personal data. The study is long and dull, so we put together some quick bullet points to save you some time and head scratching:

2008 has seen an explosion in malicious software, three times more than in 2007.
Google-owned Blogger (which helps create those blogs with 'blogspot' in the address bar) is the most common host for malicious software.
Hackers and spammers use social sites like Facebook and MySpace with increasing frequency to spread spyware and viruses.
Attacks against Macs, iPhones and Linux machines have increased dramatically.
SMS spam messages (text messages) are an emerging front and is of particular concern in China.
Although still common, attacks via e-mail have decreased in the first half of 2008.

As usual, there are ways to defend yourself against such attacks. Getting yourself a firewall program is a good start, but don't forget about anti-virus and anti-spyware tools as well. Still, the best defense is caution and diligence. Don't follow suspicious links or open e-mails if you don't know the sender.

It's a dangerous world out there on the Web, but with a little smarts and the right tools you and your data will be safe. [Source: Business Wire]

Tags: btsadvice, hack, hackers, privacy, security, spam, spammers, spyware, virus

Computers

Teen Faces Up to 38 Years in Jail for Hacking School Computer

by Terrence O'Brien — Jun 21st 2008 at 11:08AM

Note to our younger readers: Installing spyware on school computers and hacking your way into the system to change your grade is a terrible idea. A pair of teens in Orange County, California are accused of exactly that and now one of them faces a maximum prison sentence of 38 years in jail on multiple counts of second degree burglary, identity theft, computer access and fraud, removing and secreting a public record, and altering and falsifying a public record.

Omar Khan, 18, faces these most severe charges, while his accomplice, Tanvir Singh (also 18) faces lesser charges of conspiracy, burglary, computer fraud and altering a public record and faces a maximum sentence of three years in jail.

Kahn and Singh are accused of breaking into their school to steal tests and alter records, as well as hacking the schools network to change not only their grades, but the grades of 12 other students in the schools computer system. Why is Khan in so much more trouble than his pal Singh? Namely, it's the the identity theft and computer fraud charges, both heavy-duty felonies.

Okay, so you've got some brains, guys, but next time, try cracking open a book! [Source: Channel Web]

Tags: crime, hacking, law, school, spyware

Computers

New Facebook App Is Actually Spyware In Disguise

by Will Safer — Jan 6th 2008 at 1:58AM

Is Facebook too friendly?

It seems the social behavior of the networking site's users is itself to blame for the proliferation of a spyware application on users' computers.

Users are invited to find out who their "secret crush" may be by adding a new Facebook widget to their Facebook accounts. (Widgets are the names of third-party developed applications for Facebook that allow users to share information, play games, or send specific kinds of messages to each other. They are not supposed to capture and store users' information.)

Once the application is installed, it attempts to download a well-known spyware program called Zango. Internet and computer security provider FortiGuard actually calls it "the infamous Zango adware/spyware." That means treat it like the color red in nature -- stay away.

The whole purpose of Facebook is to add and use these widgets freely to better enhance the social networking experience, which many users do without considering what information they may be sharing and with whom. In this, users are giving away not only their own information but providing more potential victims by inviting their own friends to add the widget (because the widget makes you invite at least five friends in order to see your supposed secret crush).

And, in the end, there is no "secret crush," so you'll just have to keep searching for love in all the wrong places.

For a good rundown of just what this spyware looks like on Facebook, check out the detailed walk-through on Fortiguard's site.

The Secret Crush/Zango adware invasion on popular social networking sigtes is a wake-up call to all of us who have been adding new widgets, willy-nilly, to our Facebook profiles. Let's all be a little more discerning.

From FortiGuard.

Computers

Sears Using Spyware to Monitor Your Personal Information

by Tim Stevens — Jan 3rd 2008 at 1:11PM

If you've signed up to receive e-mails from Sears, and then clicked on to join the retailer's "My SHC Community," it's likely you've been providing more information to more people than you thought. Even more troubling, it turns out that you're not just sharing information with Sears, but also with a company called comScore, which tracks and aggregates Internet browsing habits.

Installing the software from Sears results in the installation of software called VoiceFive, which provides data to comScore. It's essentially spyware. comScore is the company behind the (disputed) numbers that indicated more people were stealing Radiohead's latest album than downloading it legally, as well as the statistics that showed GodTube was the fastest growing site last August.

These sorts of stats come from monitoring and compiling the habits of millions of Web surfers who are often unknowingly running the comScore software. Likewise, those who have installed the software through links from Sears may not actually know what they're participating in. Buried deep in the privacy statement users must agree to before signing up for SHC is this frightening statement:

Once you install our application, it monitors all of the Internet behavior that occurs on the computer on which you install the application, including both your normal web browsing and the activity that you undertake during secure sessions, such as filling a shopping basket, completing an application form or checking your online accounts, which may include personal financial or health information.

Sounds scary, especially the part about monitoring "both your normal web browsing and the activity that you undertake during secure sessions, such as...checking your online accounts." The bit about "personal financial or health information" is scary, too. The above wording would certainly ward off anyone who actually reads these sorts of things, but we're guessing that the average Sears shopper isn't thoroughly scanning through the privacy statement.

According to BetaNews, the disclosure may be a little too well hidden to meet the intents of FTC regulations that require companies to make such spyware inclusion very clearly apparent. Many would agree that burying it in the middle of a multi-page privacy statement doesn't do much for clarity.

From BetaNews

Related Links:

Tags: Bad Companies, BadCompanies, breaking+news, Sears, Spyware, top

Most Emailed Stories

Editors' Picks

Weirdest Techie Heists and Scams

Elderly Amish Man Caught on Film With Prostitute, Blackmailed
When a 75-year-old Amish widower slept with a prostitute, he -- we feel certain -- felt pretty bad about it the next morning. As if that guilt weren't enough for the old man, the prostitute and her boyfriend demanded $67,000 from him, claiming that they had filmed the scene with wall-mounted cameras and would upload the recording to the Internet. The pair was later arrested and, we can only imagine, the Amish man abhorred technology more than ever.

Bank Robber Gets Away With the Help of Craiglist
In October, a bank robber -- wearing a safety vest, blue shirt, face mask and goggles -- eluded police with the help of Craiglist. Just outside the bank, while the robbery was in progress, stood a group of men who were responding to a Craiglist day labor opportunity. As the advertisement required, they were all wearing safety vests, blue shirts, face masks and goggles.

Nude New Zealander Arrested After Responding to Fake Sexy Text Message
Late in 2007, a Wellington, New Zealand man received a racy text message from two anonymous "ladies," giving him only an address and a request that he show up naked. Well, he indeed showed up naked... at the home of one appalled, unsuspecting New Zealander. Both the nude Romeo and the sadistic texter were arrested, though neither were prosecuted.

Fake Craiglist Ad Costs Man Most of What He Owns
Last Spring, a post appeared on an Oregon Craigslist board stating that the owner of a specific house was leaving all of his worldly possessions (still in said house) to whoever wanted them. When homeowner Robert Salisbury rushed home -- on a tip from a woman suspicious about the offer of a free horse -- he found his house being ransacked by 30 strangers. We suggest he take that horse and collect some vengeance Clint Eastwood-style.

17-Year-Old Jailed for Stealing Virtual 'Furniture'
When a 17-year-old Dutch boy hacked into several accounts on the Second Life-style site 'Habbo' in 2007, the the law got involved. The boy was discovered to have stolen $5,800 worth of virtual furniture and knick-knacks. Apparently, crime -- whether actual or virtual -- does not pay.

Phishers Going After Your Phones in New 'Vishing' Trend
Over the past year, sneaky spammers have begun to forsake the worn-out territory of e-mail in favor of cell phones' fertile frontier. The result? "Vishing." Get it? Voice mail phishing. It might be more ominous if it didn't sound like a James Bond villain saying, "Wishing."

Burglars Break Into Restaurant, Steal HDTV, Leave Money / Food Behind
Around Halloween of last year, a truckload of thieves drove into -- that's right, into -- a Pennsylvania Mexican restaurant, where they -- apparently uninterested in the cash register -- stole a mid-grade 47-inch HDTV and fled the scene. We've all heard about how this generation is lacking in ambition, but this generation's thieves, too?

Latest Reviews from CNET.com

CNET provides the latest tech news, unbiased reviews, videos, podcasts, software, and downloads, making tech products easy to find, understand and use.

Top Product Reviews

Home Audio Reviews
9.0 out of 10
Denon AVR-4306 (black)
Incredibly well-featured 7.1-channel receiver; excellent sound quality; three HDMI inputs; converts analog video to HDMI output; upconverts analog video to 720p/1080i HD resolution; iPod and USB MP3 player connectivity; Internet radio and MP3/WMA streaming audio via built-in Ethernet port; XM Satellite Radio compatible; touch-screen remote; multizone, multisource operation; browser-based control via home network; accurate autocalibration routine. Full Review
8.8 out of 10
KEF KHT3005 (black)
The KEF KHT-3005 is one compact, beautifully designed speaker package with solid aluminum satellites that feature unique driver technology to produce incredible clarity. Meanwhile, the equally astounding dual 10-inch, 250-watt powered subwoofer delivers ultradeep bass. Full Review
8.8 out of 10
KEF KHT3005 (silver)
The KEF KHT-3005 is one compact, beautifully designed speaker package with solid aluminum satellites that feature unique driver technology to produce incredible clarity. Meanwhile, the equally astounding dual 10-inch, 250-watt powered subwoofer delivers ultradeep bass. Full Review
Cell Phone Reviews

8.6 out of 10
Wi-Ex zBoost YX510-PCS-CEL cell phone signal extender
The Wi-Ex zBoost YX510-PCS-CEL significantly boosts your cell phone reception and is easy to operate. Also, it uses a wireless connection to your phone. Full Review
8.6 out of 10
Turbo Charge Tc2 portable cell phone charger
The Turbo Charge Tc2 portable cell phone charger successfully delivers emergency power to your cell phone. It's easy to use and comes with a couple of surprising features. Full Review
8.3 out of 10
LG VX6000 (Verizon Wireless)
Compact and stylish; impressive battery life; solid audio quality; sharp color screen; built-in camera; USB ready; affordable. Full Review
Digital Camera Reviews

9.3 out of 10
Canon EOS 1D Mark III
Extremely fast, 10-megapixel continuous shooting; very low noise; highly customizable; well-designed body with weather sealing; 3-inch LCD; abundant optional accessories. Full Review
9.3 out of 10
Nikon D3 (body only)
Full-frame sensor; well designed, pro-level weather-sealed body; very low noise, even at extremely high ISOs; fast. Full Review
9.0 out of 10
Canon EOS-1Ds Mark III
Very low noise, high quality images; 21.1 megapixels; live view shooting; pro-level build-quality and performance. Full Review
Desktop Reviews

8.5 out of 10
Apple iMac (24-inch, 2.8GHz)
A minor specification update results in some significant performance gains; graphics upgrade an option on this 24-inch model; sleek, polished design didn't receive an update, but we won't start clamoring for a new design until the current one is at least 12 months old. Full Review
8.4 out of 10
Velocity Raptor Signature Edition Gaming PC
One of the fastest PCs we've tested; a PCI Express RAID card helps media encoding performance; typically immaculate Velocity Micro assembly; strong, three-year warranty. Full Review
8.3 out of 10
Dell Studio Desktop Computer (Intel Core 2 Quad Q8200, 750GB HDD, 6GB)
Best performance in its class; dedicated graphics card; large hard drive. Full Review