Spyware and Adware
description
Transcript of Spyware and Adware
![Page 1: Spyware and Adware](https://reader035.fdocuments.us/reader035/viewer/2022062315/568154a0550346895dc2b23e/html5/thumbnails/1.jpg)
![Page 2: Spyware and Adware](https://reader035.fdocuments.us/reader035/viewer/2022062315/568154a0550346895dc2b23e/html5/thumbnails/2.jpg)
Spyware and Adware
Rick Carback
9/18/2005http://userpages.umbc.edu/~carback1/691i
![Page 3: Spyware and Adware](https://reader035.fdocuments.us/reader035/viewer/2022062315/568154a0550346895dc2b23e/html5/thumbnails/3.jpg)
What is Adware?
• Advertising supported software
• Goes beyond the advertising found in shareware or freeware
• May run without user knowledge
• Shows unwanted advertisements
• Required by terms of use
![Page 4: Spyware and Adware](https://reader035.fdocuments.us/reader035/viewer/2022062315/568154a0550346895dc2b23e/html5/thumbnails/4.jpg)
What is Spyware?
• May be bundled or included with other software or install itself through other means
• Sends information about host computer back to a remote system or user
• Runs without user knowledge
![Page 5: Spyware and Adware](https://reader035.fdocuments.us/reader035/viewer/2022062315/568154a0550346895dc2b23e/html5/thumbnails/5.jpg)
Adware vs. Spyware
• Adware typically only annoys the user while Spyware will annoy and collect information to be sent back to the creator.
• Generally speaking Spyware is seen as more invasive and subversive Adware.
• Not all Adware and Spyware can be considered bad.
![Page 6: Spyware and Adware](https://reader035.fdocuments.us/reader035/viewer/2022062315/568154a0550346895dc2b23e/html5/thumbnails/6.jpg)
Spyware and Adware that isn’t bad? What?
• Some desirable applications, like kazaa, require the bundled adware to be running in order to work
• Monitoring child internet access
• Some people like targeted advertising
![Page 7: Spyware and Adware](https://reader035.fdocuments.us/reader035/viewer/2022062315/568154a0550346895dc2b23e/html5/thumbnails/7.jpg)
Why Adware and Spyware?
• Keeping installed software up to date
• Preventing software piracy
• Preventing illegal or unacceptable use of installed software
• Gathering of Marketing Information
• Annoying Advertisement
• Complete Privacy Invasion
• Illegal or Unacceptable use of resources
• Password, e-mail, and username harvesting
![Page 8: Spyware and Adware](https://reader035.fdocuments.us/reader035/viewer/2022062315/568154a0550346895dc2b23e/html5/thumbnails/8.jpg)
How does it get there?
• Installation required by Terms of use for other software– Embedded– Bundled
• Exploitation of browser or operating system vulnerability
• Pure deception
![Page 9: Spyware and Adware](https://reader035.fdocuments.us/reader035/viewer/2022062315/568154a0550346895dc2b23e/html5/thumbnails/9.jpg)
What does Spyware do?
• Usually hides from user once installed
• Uses central server or acts as a central server to send the information gathered
• May install other software or remove competitors software
• Targeted popup ads from observed website visits
![Page 10: Spyware and Adware](https://reader035.fdocuments.us/reader035/viewer/2022062315/568154a0550346895dc2b23e/html5/thumbnails/10.jpg)
More Spyware Operations
• Removes advertisements and replaces them with its own
• Alters search engine results
• Sends user to advertisers page instead of that requested
![Page 11: Spyware and Adware](https://reader035.fdocuments.us/reader035/viewer/2022062315/568154a0550346895dc2b23e/html5/thumbnails/11.jpg)
Spyware Operations (cont.)
• May direct machine to participate in a coordinated DOS or other attack
• Any information entered may be tracked– Extortion– Identity Theft
![Page 12: Spyware and Adware](https://reader035.fdocuments.us/reader035/viewer/2022062315/568154a0550346895dc2b23e/html5/thumbnails/12.jpg)
Effects of Spyware
• Complete Security breach
• Abuse of computer resources– Computer becomes unreliable (slows down
or crashes)– Computational power may be sold by
spyware author– Download, store, and serve illegal or
unwanted content
![Page 13: Spyware and Adware](https://reader035.fdocuments.us/reader035/viewer/2022062315/568154a0550346895dc2b23e/html5/thumbnails/13.jpg)
Examples of Adware/Spyware
![Page 14: Spyware and Adware](https://reader035.fdocuments.us/reader035/viewer/2022062315/568154a0550346895dc2b23e/html5/thumbnails/14.jpg)
![Page 15: Spyware and Adware](https://reader035.fdocuments.us/reader035/viewer/2022062315/568154a0550346895dc2b23e/html5/thumbnails/15.jpg)
![Page 16: Spyware and Adware](https://reader035.fdocuments.us/reader035/viewer/2022062315/568154a0550346895dc2b23e/html5/thumbnails/16.jpg)
![Page 17: Spyware and Adware](https://reader035.fdocuments.us/reader035/viewer/2022062315/568154a0550346895dc2b23e/html5/thumbnails/17.jpg)
![Page 18: Spyware and Adware](https://reader035.fdocuments.us/reader035/viewer/2022062315/568154a0550346895dc2b23e/html5/thumbnails/18.jpg)
![Page 19: Spyware and Adware](https://reader035.fdocuments.us/reader035/viewer/2022062315/568154a0550346895dc2b23e/html5/thumbnails/19.jpg)
Security Implications of Adware/Spyware
• Insecurities in Adware/Spyware applications mean the user is at risk
• Spyware can give an attacker complete control
![Page 20: Spyware and Adware](https://reader035.fdocuments.us/reader035/viewer/2022062315/568154a0550346895dc2b23e/html5/thumbnails/20.jpg)
Symptoms of Infected machines
• Unusually long browser startup times• Reset homepage on browser• Computer and Internet response is sluggish• Unexplained popup messages• Ads of competitors on the visited website• System instability
![Page 21: Spyware and Adware](https://reader035.fdocuments.us/reader035/viewer/2022062315/568154a0550346895dc2b23e/html5/thumbnails/21.jpg)
Removing Spyware
• Clicking remove almost never works• Customized tools for specific spyware applications• More general Anti-spyware Tools are available that
work much like Anti-virus software.
![Page 22: Spyware and Adware](https://reader035.fdocuments.us/reader035/viewer/2022062315/568154a0550346895dc2b23e/html5/thumbnails/22.jpg)
![Page 23: Spyware and Adware](https://reader035.fdocuments.us/reader035/viewer/2022062315/568154a0550346895dc2b23e/html5/thumbnails/23.jpg)
![Page 24: Spyware and Adware](https://reader035.fdocuments.us/reader035/viewer/2022062315/568154a0550346895dc2b23e/html5/thumbnails/24.jpg)
![Page 25: Spyware and Adware](https://reader035.fdocuments.us/reader035/viewer/2022062315/568154a0550346895dc2b23e/html5/thumbnails/25.jpg)
![Page 26: Spyware and Adware](https://reader035.fdocuments.us/reader035/viewer/2022062315/568154a0550346895dc2b23e/html5/thumbnails/26.jpg)
![Page 27: Spyware and Adware](https://reader035.fdocuments.us/reader035/viewer/2022062315/568154a0550346895dc2b23e/html5/thumbnails/27.jpg)
Avoiding Adware and Spyware
• Purchasing Adware free version
• Using free software
• Use Anti-Virus, Anti-Spyware, and Firewall applications
![Page 28: Spyware and Adware](https://reader035.fdocuments.us/reader035/viewer/2022062315/568154a0550346895dc2b23e/html5/thumbnails/28.jpg)
![Page 29: Spyware and Adware](https://reader035.fdocuments.us/reader035/viewer/2022062315/568154a0550346895dc2b23e/html5/thumbnails/29.jpg)
![Page 30: Spyware and Adware](https://reader035.fdocuments.us/reader035/viewer/2022062315/568154a0550346895dc2b23e/html5/thumbnails/30.jpg)
Stopping Spyware
• Internet Service Provider monitoring and blocking tools (WebTap)
• Better Operating System Design– Mac OS X and Linux are mostly adware free– SE Linux could prevent it altogether (processes do
NOT have the same privileges as the user running them)
• Rise of the Internet generation
![Page 31: Spyware and Adware](https://reader035.fdocuments.us/reader035/viewer/2022062315/568154a0550346895dc2b23e/html5/thumbnails/31.jpg)
References
• Adware and Spyware: A growing privacy and security problem, David Saurino, SANS GSEC 2004.