Keyloggers a growing problem

It’s interesting some years ago when viruses on Windows machines were SOOOO plentiful it seemed like that’s all I spent my time cleaning up, I thought… “you know, most viruses are prankster-ish programs. They rearrange icons, maybe cause Windows to crash, or send random files out to others, but they could be MUCH worse.” Since then, we’ve seen viruses used as delivery tools for mail relays (so that spammers can have more “safe havens”, we’ve seen viruses bring in spyware, both of the last two for “fun and profit”. I don’t know that we’ve really seen the WORST that a virus could be designed to do. However, I’m afraid we’re getting there.

I really have to give credit to Microsft XP is a much more stable OS than any consumer OS they’ve sold previously. Win 95/98/ME were designed in a way that it was REALLY obvious to the user when they had malware on the machine, they would see more crashes, and other strange behaviour. I’ve seen people happily working on XP machines without the foggiest notion they had “something” on their PC, outside of “you know I noticed that my antivirus wasn’t running and when I tried to update it, I just couldn’t get to their website, so I thought I’d call you because there was something wrong with my internet connection. I can get to [the antivirus vendors site] fine from [coworkers] pc.”

I don’t know, maybe some virus writers have started writing better code too. I’ve always thought the worst virus would be one that was very subtle, used multiple ways of transmitting, network, files, emails (even attaching to legitimate emails), would redirect bounced emails to who cares who, would quietly sit and do this replication and whatever other job it had, would deal with threats to it (AV programs), and ultimately when it’s useful life was done would wipe the hard drive clean. Maybe when it was threatened with removal it would do this ultimate act, but either way the data would be just as gone.

We’ve seen viruses that have done some parts of each of those, but what I think are the closest are keyloggers. ZDnet had an article on the rise of keyloggers (65% more this year than last). Basically keyloggers are programs that quietly sit in the background recording EVERY SINGLE KEYSTROKE on the machine. They log to a file, some will report to an online data store to upload results from time to time. But by and large there are no bells, no whistles, no tell-tale signs, just a constant and invisible theft of data.

Usually the motivation, of course, is money. Trying to get financial data, or just identity data so they can borrow money in someone else’s name. To quote from the article…

iDefense said keyloggers are typically spread by organized cybercrime rings, which have used them in the past to conduct large-scale money transfers to fund criminal activities. The programs have grown exponentially since 2001, when the firm detected just 275 of them.

The article suggests that some warning signs are popup ads, maybe sluggish internet browsing. They also cite security holes in Internet Explorer as a main entry point. Which is yet another reason I encourage people to install and try an alternative, free browser like Mozilla Firefox.

Sunbeltblog discussed this the day the ZDnet story came out. One of their concerns was that there would be people “pulling the plug” out of anxiety over the article. They noted that the keyloggers they’ve found have usually only been tracking data from up to ~8000 people. It’s like a lot of problems that affect large number of people though. It’s a big number ( it would take me a while to count up 8000 people), but as a percentage of online users it’s not a large percentage.

I had a great-aunt that said she never would fly and was concerned about airplanes “falling out of the sky all the time”. Because there were (at the time) maybe 5 or 6 airliner crashes in the news over a period of several years. It was a matter of perspective. All she saw on the news was the stories of plane crashes. She had no perspective on how many thousands of flights completed successfully.

So, keyloggers are a problem, we need to be aware of them. Make sure you KNOW what’s running on your system (security scans, virus scans, be cautious of the web sites you visits, etc. etc.) But the sky isn’t falling, there is hope….

   Send article as PDF   

Similar Posts