SPYWARE PEEYUSH SHARMA 3rd NOVEMBER, 2011
TABLE OF CONTENTS
- Introduction: What is spyware?
- How it comes in computer?
- Spyware v/s virus
- Spyware objectives
- Classification of spyware
- Distribution vectors
- How to detect if your computer has spyware/adware?
- Spyware defensive strategies
- Spyware examples
- Anti-spyware recommendations
What is spyware?
- Spyware programs have a tendency to hide as cookies or temporary internet files.
- Broad definition: software that is installed on my PC without my full understanding and permission.
- Narrow definition: software that specifically tracks my personal information without my full understanding and permission.
HOW IT COMES IN COMPUTER?
SPYWARE ENTRY
- Advertising companies use spyware to “mine data” to help them advertise better.
- It uses your Internet connection and reports statistical data about you and your surfing habits to a 3rd party.
- It violates your privacy, and is a completely LEGAL program!
- FREE, FREE, FREE = DANGER!!!
SPYWARE V/s VIRUS

Spyware                 | VS | Virus
Program                 |    | File
Commercial              |    | Academic
Revenue                 |    | Fame
Dynamic but stationary  |    | Replication
Consume Resources       |    | Destructive
Sometimes Wanted        |    | Never Desired
2006 AusCERT Survey
- 1 in 5 got attacked electronically
  - Down from 35% in 2005
- Virus and worm infection most common attack
- More public sector attack reports than private sector
- Of those reporting trojan/rootkit attack, 60% were public sector and 40% were private sector
Spyware Prevalence
Source: Except as noted, all statistics are from the AOL/NCSA Online Safety Survey, Dec. 2005
- 61% of all PCs scanned had Spyware (down from 80% in 2004 study)
- 96% of PC users are aware of Spyware
- The average PC has 93 Spyware components on it.
- 54% of infected users were unaware of the Spyware found on their machines (down from 89% in 2004 study)
- 95% of infected users did not give permission for the software identified to be installed on their machines
- 20% of calls to Dell’s helpdesk are Spyware related (source: Dell)
- Microsoft estimates that 50% of all PC crashes are a result of Spyware (Source: InformationWeek, April 26, 2004)
Reason for Spyware: Money is the Driver
- Adware is created by real businesses
  - They have business plans, sophisticated development groups, and venture capital
  - They generate revenue
- Spyware is created by real businesses (and sometimes organized crime)
  - They have business plans, and sophisticated development groups
  - They generate revenue
- Competition! They all want your desktop.
Spyware Objectives
- Personal Identifiable Information collection
  - Identity theft = revenue
- Personal Information collection
  - Surfing habits = revenue
- Click-through revenue
- Software Sales revenue
- SPAM propagation
  - Sales Revenue

The bottom line is the bottom line $$$.
Spyware Classification
- Adware
- BHO
- Keylogger
- Hijacker
  - Browser
  - Homepage
  - Errors
  - Typo-Squatting
- Rogue Anti-Spyware
- Dialer
- Tracking Cookie
- Ransomware
Distribution or Infection Vectors
- Social Engineering
  - Free giveaways of bundled apps
  - Deceptive installations
- Drive-by-Download
  - WMF exploit
  - CreateTextRange exploit
  - Hostile ActiveX or Javascript
- Trojan Install
- Search Engine Results / Sponsored Ads
How to detect your computer has spyware or adware
- Continuous popups
- Persistent change in your homepage
- Slower computer processing; the computer takes longer to process or start up

Extreme symptoms of spyware
- Internet browser does not start up.
- Parts of your computer you cannot access without freezing.
- Major core data is lost or changed.
How Spyware Protects Against Detection and/or Removal
- Polymorphism
- No-uninstall
- Active Defense with Reinstallation
- Rootkit
- Brand Obscurity
- Security Product Disabling
Examples
- CoolWebSearch
- SpySheriff via WMF Exploit
- CreateTextRange Exploit Code
- Crypt.A and Ransom.A
- Social Engineering
- TypoSquatting
Recommendations-:
Preventing spyware from getting onto your computer is your first step!
- Do not download unnecessary software from the internet, especially free software, because it most likely has spyware inside it.
- If a download screen appears asking you to confirm your download, click no if you are not trying to install anything.
- Avoid clicking advertised popups, especially ones that mention “free” stuff, if possible.
Recommendations-:
Technical Recommendations
Some adware/spyware files like to hide in the temporary internet folders.
- Disable saving of temporary files by going to Program Files, Control Panel, Network and Internet Connections, Internet Options, Temporary Internet Files Settings, and checking Never under “Check for Newer Version of Stored Pages”.
- Regularly delete old temporary files and cookies by going to Program Files, Control Panel, Network and Internet Connections, Internet Options, Delete Cookies and Delete Temporary Files.
- Remember, though, that adware and spyware can be tricky: no matter how cautious you are, there are bound to be adware or spyware programs that install themselves on your computer. Scan your computer for adware and spyware constantly, and keep your adware/spyware killer programs fully updated at all times.
Recommendations-:
Recommended Spyware/Adware Killers without any constraints
The “Tri-Killer” combination:
- Ad-aware 6.0 Professional Edition: Primary scanner
- Spy-Sweeper paid version: Primary scanner, and use their immune guards.
- Spybot Free Edition: Scan for any spyware Spy-Sweeper may have missed.

Recommended Spyware/Adware Killers with price constraints
- Ad-aware 6.0 Free Edition: Primary scanner
- Spy-Sweeper paid version: Primary scanner
- Spybot Free Edition: Scan for any spyware Spy-Sweeper may have missed

Recommended Spyware/Adware Killers with time constraints (not recommended)
- Ad-aware 6.0 Free Edition: Primary scanner: Fast Scan Mode
- Spybot Free Edition

Suggestion: Spyware/Adware killers are supposed to take time to scan. If you have time constraints, turn on the scanners, leave them running and go do something.
Thank you for watching!
Any questions please ask!