|information stealing exists since early days of the World Wide Web. Unfortunately, various kinds of white-collar crime aimed at stealing valuable (in the direct sense) information thrive in cyberspace. The scale of these crimes varies from harvesting email addresses for spammers to identity theft and espionage. |
Since the Internet has become a part of daily life and business, rapid growth of cybercrime endangers the whole society. Information-stealing software certainly facilitate these crimes, sometimes being the only instrument a thief needs to commit them.
Real protection starts with identifying the threat.
One of the most effective ways of stealing information is capturing keystrokes. A small, fairly simple program (a programmer can write a plain one in a couple of days) captures everything the user is doing - keystrokes, mouse clicks, files opened and closed, sites visited. A little more sophisticated programs of this kind also capture text from windows and make screenshots (record everything displayed on the screen) - so the information is captured even if the user doesn't type anything, just opens the views the file. These programs are called Keylogging Programs (keyloggers, key loggers, keystroke loggers, key recorders, key trappers, key capture programs, etc.) They form the most dangerous core of so-called spyware.
Old keyloggers become obsolete. New keyloggers appear all the time. Existing keylogging programs are constantly modernized. It is extremely likely that several keyloggers are being written at this very moment.
Means of defense: Anti-spyware, anti-viruses and personal firewalls
Experts recommend to use a combination of three products: a personal firewall, an anti-virus and an anti-spyware - and regularly update the latter two. However, even in this case a computer won't be 100% secure against keyloggers. Why?
Most anti-spy and anti-virus products, whatever their names are and whatever their advertising says, apply the same scheme - pattern matching. These programs scan the system, looking for code that matches signatures - pieces of spyware code, which are kept in so-called signature bases. These products can protect from spyware which has already been detected and studied before. This approach makes anti-spyware developers inevitably lag behind spyware writers. Without frequent updating anti-spy products lose their efficiency very quickly. It can become very risky because the PC owner still relies on his anti-spy or anti-virus.
Unfortunately, no signature base is complete enough to guarantee total protection. Even if the base is updated regularly, if this spyware signature is not included there - the anti-spy software is helpless against it. Anti-spies do not recognize every spyware product, when it is brand-new, for some time - until its signature is included into the bases and users update their anti-spies. There also are kinds of spy software which signatures are unlikely to be included into any signature base. For example, spy software can be developed by government organizations for their own purposes. Some commercial, especially corporate, monitoring products are very rarely included into signature bases, though many of them can well be used for spying as well.
Another case - when there is only one copy of spy program. It doesn't take too long for a good programmer to write one. Spyware, just like clothes, can be "tailor-made". Hackers often take source codes of spy software from the Internet change them a bit and then compile something new, which no signature base will recognize.
When a keylogging module is the part of a virus, it can cause lots of trouble, because several hours or even days will pass until it is included into signature bases.
A problem with a personal firewall is that it asks too many questions. Even an experienced user can answer them incorrectly and allow some information-stealing program or module do its job. For example, some commercial monitoring programs use processes of programs with access to the Internet (browsers, mail clients, etc.) As a result, if the anti-virus overlooks a keylogger, valuable information can be stolen and sent via the Internet to the address specified by the hacker (or some other person).
Download Anti Key Logger !