Results 1 to 2 of 2
November 20th, 2003, 06:14 AM #1
Clearswift White Paper Beware of Spyware
BELLEVUE, Wash.--(BUSINESS WIRE)--Nov. 18, 2003--
Applications marketed as corporate security and parental control devices being used as illegal gateways to personal computers and corporate networks Company releases white paper providing detailed analysis of spyware problem
Clearswift, the world's leading provider of software for managing and securing electronic communications, today called upon antivirus vendors and corporate security managers to review their stance with respect to the growing abuse of copyrighted commercial spyware. The warning comes following an unsuccessful commercial spyware attack on a Clearswift customer's network and the subsequent release of a Clearswift ThreatLab report on the increasingly serious threats posed by the growing misuse of commercial spyware.
"What have been marketed and sold as corporate security devices and parental control software for kids, are finding their way into the hands of hackers and criminals aimed at remotely taking control of a victim's PC to facilitate industrial espionage," said Pete Simpson, ThreatLab manager for Clearswift. "Commercial spyware is a serious threat to corporate networks, and unless taken seriously, can place personal and corporate confidential information at risk resulting in identity theft and corporate espionage."
Some antivirus vendors, such as Symantec, have revised their stated spyware policy and introduced signatures to detect and block some of the major spyware products. The onus of responsibility for protection, however, has been placed on the customer to enable their antivirus software to check for commercial spyware and similar "expanded threats" during the installation process.
While antivirus vendors and corporations continue to fight against the threats, spyware programmers are constantly working to stay one step ahead of security policies. For example, in late September, Microsoft announced its intention to close certain chat rooms in a bid to protect minors against chat room stalkers. Fast on the heels of Microsoft's announcement came a spammed e-mail advertisement titled "MONITOR your Kids on the Internet with Spy Software" with the message text stating, "Spy on anyone by sending them an E-greetings card."
"Clearswift's ThreatLab traced the links in the spam to a Moscow Web site selling LoverSpy," Simpson said. "We rapidly identified this as a repackaged version of the commercial spyware, EmailPI."
Shortly afterward, both the LoverSpy and EmailPI Web sites were taken offline. Clearswift has since discovered that EmailPI Corp., operating from a shady hotel/apartment complex in San Diego, is under investigation by the FBI for possibly violating the Electronic Communications Privacy Act. In addition, other prominent commercial spyware have been withdrawn from competitors' Web sites.
"Unfortunately, as we have learned over the past several years of studying spyware, spreading a worm is becoming no longer a satisfying end in itself, but merely a stepping-stone to more ambitious objectives," added Simpson. "The objective for worms is infiltration and concealment in the victims' PCs, as a base for further criminal activity."
The original Clearswift report on the abuse of commercial spyware was released in August, and has evolved into the Clearswift ThreatLab white paper -- "Beware Spyware." This white paper provides a timely and comprehensive analysis of the present and future threats of spyware, and discusses the protective measures that should be deployed in defense against spyware.
"A clear finding from our research is that antivirus products and firewalls may not offer complete solutions," said Simpson. "Unfortunately, spyware and virus programmers have always been a step ahead of antivirus software vendors and corporate security policies. Rather than being reactive to the problem, organizations should heed our warning, be proactive and seriously review their Internet usage and e-mail policies. As is the cliche, better to be safe than sorry."
November 20th, 2003, 07:11 AM #2
- Join Date
- January 18th, 2005
- St Clair Shores MI.
Networks legal departments should take heed of these valid findings. The parallel the finding of the State AG's -FBI and Interpol cycbercrimes units. Spyware/Adware is just the monitizing front end with the back doors the vehicle for future criminal activity. My take and those of some cybercrime units is the networks will be held to criminal collusion charges as the enablers and monitizers for spreading the spyware/adware applications foir well over 300 million systems. Several major ecommerce shopping cart merchant account hosting firms have been given sniffers to detect Adware/spyware breaches of the transaction vaults by cybercrimes units.
Funny how they listened and discovered merchants usernames/password into their hosted ecommerce servers were recorded and sold on the blackmarket and trojans planted gather and call home CC numbers and account information. Drive-by installs on a merchants or AM's system can record and provide outsiders to the online sales files without any knowledge by the idiots who support BHO affiliates. This apples to outside or inhouse commerce servers.
Ever notice that all BHO's and P2P network software was acquired code from un-named un-traceable 3rd world hackers and cybercriminals. That's why they have so many security holes and bugging codes as they get duck taped into just commission stealing machines for the incenters. The foundation of spyware/Adwarez code was devised as a hackers toolset and security blackhole backdoor for scraping e-mail -identity theft and CC information for re-sell to the cybercriminals and spammers.
Mike & Charlie ...
If they won't adopt and feed a bird ..flip them one! BBQ some Gator and remember to flush WhenU..
[This message was edited by EcomCity.com on November 20, 2003 at 10:22 AM.]
By Merchant Consultant Team in forum Midnight Cafe'Replies: 3Last Post: July 7th, 2009, 01:09 PM
By affiliate4all in forum Other Affiliate NetworksReplies: 1Last Post: August 25th, 2005, 10:35 PM
By cditty in forum Midnight Cafe'Replies: 6Last Post: November 3rd, 2004, 05:43 AM
By bob95603 in forum Midnight Cafe'Replies: 2Last Post: October 13th, 2004, 05:02 AM