Re: Spyware which tracks keystrokes?

From: Steve Horsley (shoot_at_the.moon)
Date: 03/24/04

  • Next message: Steve Horsley: "Re: Spyware which tracks keystrokes?"
    Date: Wed, 24 Mar 2004 22:58:44 +0000
    
    

    dulcie wrote:
    > jealousxmp@aol.commonplace (jealous xmp) wrote in message news:<20040323143512.19230.00000224@mb-m24.aol.com>...
    >
    >
    >>Internet Explorer exploit. AIM exploit. Social engineering. Several ways to
    >>get the software on there.<
    >
    >
    > I'm not familiar with those. Do they get the software onto a
    > computer remotely *without* the user having to click on an .exe file
    > which has turned up in their mail?
    >
    Yes.

    Internet Explorer and MS Outlook have well known bugs that can be used to
    launch programs without the user's knowlege. Always keeping your copy up
    to the latest patch level can help a bit. The ones that don't need the user
    to click an attachment are a little harder to do, hence "social engineering"
    which tricks users into clicking attachments by pretending they're something
    you might want to see - Microsoft updates, topless girlie pics, rejected
    email messages.

    >>Some keyloggers and trojans hide from antivirus and can circumvent software
    >>firewalls. Many hardware firewalls (in small office / home office) allow
    >>relatively unfettered outbound access so the trojan can use email, ftp, or a
    >>reverse connect.
    >
    >
    > I'm told that Norton Personal Firewall checks every internet
    > communication and warns you if its initiated
    > by a programme you have not authorised to access the internet (such as
    > a
    > trojan). Any comments anyone?
    >
    >
    He spoke the truth. Believe it.

    >>Get a real trojan detector like TDS 3, or the easier to use Tauscan or
    >>TrojanHunter. They can hide from AV so you could boot in safe mode (maybe?) or> mount the disc from another drive.>> There is also a grey area with trojans. Stuff like DameWare will not generally
    >>be detected because it's a "legitimate" commercial product. Yet Back Orifice
    >>will be detected cause it's more "malicious." Kind of silly and really just a
    >>matter of semantics.<<
    >
    >
    > Exactly - the product I mentioned in the original post is sold as
    > something a parent can use to log everything their kids do... and you
    > must sign an agreement that you will tell the user you're going to put
    > it on their computer haha - funniest thing I've heard in a while.
    >
    >
    >>>If you are worried about AIM exploits, use GAIM instead. <<
    >
    >
    > What are those? Sorry- still learning all the jargon...
    >
    Don't know that one myself.


  • Next message: Steve Horsley: "Re: Spyware which tracks keystrokes?"

    Relevant Pages

    • Re: My account was hacked, I would like to share my story to warn others.
      ... guildportal.com got attacked and a trojan was embedded in the welcome messages of some guild's websites. ... Now I keep seeing people saying this only affected people who haven't updated their Internet Explorer in 6 months and didn't have an antivirus program running... ... I have a firewall running on my router, I have Sygate Personal firewall running on this computer, I have AVG Pro, up to date running, and I ALWAYS make sure my Windows updates are current. ... So my wife logged in on her account and checked through the guild list when my character was last online. ...
      (comp.sys.mac.advocacy)
    • Re: please explain this
      ... As far as a trojan, I have ran numerous virus scans, rand ... Microsoft Internet Explorer pop up (on this discussion ...
      (microsoft.public.security)
    • Trojan / Spyware Connection made to 64.240.175.18 every time you use IE ANti-spyware Anti-virus wont
      ... A friend mentioned the other day that he is seeing a connection is being ... made to 64.240.175.18 on port 8989, every time he use Internet Explorer. ... I did run a port monitor application and Lunched Internet Explore and went ... One of these key was used to lunch the trojan everytime you run IE. ...
      (Bugtraq)
    • Re: Downloader-VA trojan??????
      ... This trojan seems to attach itself to ... Internet Explorer as a helper program, and then when you launch IE, it ... First, be sure to turn off System Restore, because you will be deleting ... Look for the section about Browser Helper Objects. ...
      (microsoft.public.security.virus)