How Spyware Gets Information
from Your Computer
Spyware creators have an arsenal of tricks for extracting information from a
user’s computer. Most utilize a Web browser as a co-conspirator, but spyware
can also sneak in when other programs are installed, or when a virus or
worm successfully lodges itself in a user’s computer.
The following post explains the key ways spyware extracts information
from your computer. Before all the gory details make you inordinately paranoid
(a little paranoia is probably appropriate, but the spyware can’t access
your brain or anything like that...
Hijacking cookies
A Web site can attempt to access a cookie that is associated with another Web
site (in case you’re not familiar with how cookies work, one Web site is not
supposed to be able to access any cookies except for those it left there earlier).
For example, if you’re visiting www.scmhds.com (not a real site . . . at least,
not when I wrote this post), that site may try to retrieve your Yahoo! or Google
cookie by impersonating the original Yahoo! or Google site in particular ways.
Why would this be useful to a hacker?
Well, for starters, if you use Yahoo! or Google e-mail and you configure that
mail to automatically log you in, having your cookie might be enough for the
hacker to log into your e-mail too. Whoever does this can send mail from your
account, receive your e-mail, and view all your stored e-mail. That includes
e-mails with your résumés attached, notes to and from your friends, and forgotten
passwords that your financial services Web sites sent you. Oh my!
At the very least, a hacker can use a hijacked cookie to track what Web sites
you’ve visited and when. Remember that much of what’s going on with spyware
is about advertising, and knowing what sites you’re visiting is quite
valuable to advertisers. I have a feeling, however, that the types of spyware
and malware that hijack cookies are not used by the big uptown marketing
companies, but by those shady operations in the bad part of town.
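The isolation rule described in this section (a site only gets back the cookies it left) comes from the domain-matching step of RFC 6265. The JavaScript below is an added example, not code from this post; the cookie names and jar contents are constructed, and it covers only the domain rule, not paths or cookie flags.

```javascript
// Added example: RFC 6265 domain matching, the rule that scopes cookies to a site.
// The cookie jar below is constructed sample data.

// IP literals never take part in suffix matching.
const isIp = (h) => /^\d{1,3}(\.\d{1,3}){3}$/.test(h) || h.includes(":");

// True when a cookie scoped to cookieDomain may be sent to requestHost.
function domainMatch(requestHost, cookieDomain) {
  const host = requestHost.toLowerCase();
  const dom = cookieDomain.toLowerCase().replace(/^\./, "");
  if (host === dom) return true;
  // A suffix only counts on a label boundary: "evilyahoo.com" is not "yahoo.com".
  return !isIp(host) && host.endsWith("." + dom);
}

// Names of the cookies a browser would attach to a request for requestHost.
function cookiesFor(requestHost, jar) {
  const host = requestHost.toLowerCase();
  return jar
    .filter((c) => (c.hostOnly
      ? host === c.domain.toLowerCase()      // set without a Domain attribute
      : domainMatch(host, c.domain)))        // set with Domain=...
    .map((c) => c.name);
}

const jar = [
  { name: "Y_SESSION", domain: "yahoo.com", hostOnly: false },
  { name: "G_MAIL", domain: "mail.google.com", hostOnly: true },
];

for (const host of ["mail.yahoo.com", "mail.google.com",
                    "www.scmhds.com", "evilyahoo.com"]) {
  console.log(host, "->", cookiesFor(host, jar));
}
```

A cookie reaches an unrelated site only when this rule is bypassed, which is why the hijacks described here depend on the attacker impersonating the original site.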
Executing programs
Running a program on your computer might be what’s needed to install certain
spyware, but running a program could also be what the spyware does after
it’s installed.
A vulnerability in Internet Explorer can permit a Web site to download and
execute a malicious ActiveX control that, in turn, can do pretty much anything
it wants on a user’s computer, including run other programs or download
additional programs and files to the user’s computer. In keeping with the
theme in this section (how spyware gets information from your computer),
these programs could snoop around in a user’s computer, permitting a program
to do pretty much whatever it pleases.
Any hacker with a decent imagination can wreak all kinds of havoc on victim
computers, including (but not limited to) destruction of the user’s information,
transmission of a user’s sensitive documents to others, and denial of
service attacks (sending thousands of packets to a server in order to cripple
or disable it).
Reading the Clipboard
Another one of those supposedly friendly features of Internet Explorer is its
ability for Web sites to read the contents of your Clipboard.
Although I can imagine the potential usefulness of sharing the Clipboard, in
my mind this also spells trouble. Who knows what could be on your Clipboard
at any given time? Do you ever copy pathnames, URLs, user IDs, passwords,
or paragraphs of confidential information? I can smell the potential danger,
and I hope you do, too.
Accessing the hard drive
An ActiveX control on a Web page can not only access the user’s hard drive,
but also read and write data on that hard drive. Combined with other vulnerabilities,
scripting on a Web page can cause any data on a user’s hard drive to
be moved, altered, destroyed, or copied over the Internet to any location.
Spoofing well-known Web pages
A cleverly (or, I should say, diabolically) coded Web page can impersonate a
well-known Web page, including the URL in the browser’s address bar! The
vulnerabilities that permit this gave rise to many successful phishing scams.
(A phishing scam is typified by official-looking e-mail messages that lure unsuspecting
victims to Web sites where they are asked to surrender sensitive
information, such as financial institution user IDs and passwords, or perhaps
credit card or bank account numbers.)
A lapse in the user’s judgment leads him or her to visit the Web page referenced
in the message. A vulnerability in the user’s browser permits the page
to fake the URL in the browser’s address bar, making the user believe that he
or she is visiting the site that is actually being impersonated. However, many
times a phishing scam will take a user to a Web site where the URL only
resembles the real thing, hoping that the user won’t notice the difference.
After the spoof fools the user into believing that he or she is on a trusted site
(say, a bank’s site), the user is coerced into providing information to the
attackers or potentially even downloading and running even more harmful
software.
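A link-checking sketch for the second case above, where the URL only resembles the real thing. This JavaScript is an added example, not code from this post: the trusted list, the bank.example placeholder and the sample links are constructed, and the checks (userinfo before the host, trusted name used as a prefix, near-miss spelling, punycode labels) are common lookalike patterns chosen here, going somewhat beyond what the text lists.

```javascript
// Added example: flag link targets whose host only resembles a trusted site.
// TRUSTED is a constructed allowlist; bank.example is a placeholder domain.
const TRUSTED = ["www.bank.example", "mail.yahoo.com"];

// Levenshtein edit distance between two strings.
function editDistance(a, b) {
  let prev = Array.from({ length: b.length + 1 }, (_, j) => j);
  for (let i = 1; i <= a.length; i++) {
    const cur = [i];
    for (let j = 1; j <= b.length; j++) {
      cur[j] = Math.min(
        prev[j] + 1,                                   // deletion
        cur[j - 1] + 1,                                // insertion
        prev[j - 1] + (a[i - 1] === b[j - 1] ? 0 : 1)  // substitution
      );
    }
    prev = cur;
  }
  return prev[b.length];
}

// Returns "trusted", "unknown", or a "suspicious: ..." reason for a link.
function classifyLink(link) {
  let url;
  try { url = new URL(link); } catch { return "suspicious: unparseable URL"; }
  const host = url.hostname; // lower-cased; non-ASCII labels become xn--...
  if (url.username || url.password) {
    return "suspicious: text before @ is not the host, real host is " + host;
  }
  if (TRUSTED.includes(host)) return "trusted";
  if (host.split(".").some((label) => label.startsWith("xn--"))) {
    return "suspicious: punycode label";
  }
  for (const t of TRUSTED) {
    if (host.startsWith(t + ".")) return "suspicious: trusted name used as prefix";
    if (editDistance(host, t) <= 2) return "suspicious: near-miss of " + t;
  }
  return "unknown";
}

for (const link of ["https://www.bank.example/login",
                    "https://www.bankk.example/login",
                    "https://www.bank.example.login-check.example/",
                    "http://www.bank.example@203.0.113.5/login"]) {
  console.log(link, "=>", classifyLink(link));
}
```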
Logging keystrokes
A keylogger is a program that is designed to record every keystroke on a
user’s computer. Some keyloggers even record all mouse movements and
button clicks. Although they’re potentially useful as diagnostic or corporate
surveillance tools, hackers often use keyloggers for illegitimate purposes,
such as stealing user IDs and passwords from unsuspecting users.
In some well-publicized cases, people have installed keyloggers on public-access
computers in public libraries or Internet cafes. But most likely, many
thousands of keyloggers are running on unsuspecting users’ computers
around the world.
THESE ARE SIMPLE WAYS TO GET INFORMATION FROM YOUR COMPUTER OR SYSTEM.