Washington Post: Keylogging Software Rampant
Speaking of not leaving things as the are, the Washington Post has a chilling story of how stealth keylogging software is becoming the pervasive. Formerly, viruses would simply cause problems with your computer. For example, they might delete files or pop-up ads, but bad as that is, the keyloggers are designed to surreptitiously record your login names and passwords. So, if you do online banking, buy anything via the Internet, or access any site that requires logging in, these program will capture the information required to login in. This information is then aggregated by country, and sold to the highest bidder. These people would in turn use the information to steal from you.
This is capitalism at its worst. The economic incentive to gather this information is so great that organized crime may now be involved.
But how to stop it? As with any computer security, it comes down to a layered defense. Keep your operating system and applications up-to-date. Use and update anti-virus and anti-spyware software (and be sure it is operating since the key loggers turn off these programs). Use a firewall that tracks outgoing as well as incoming traffic. I believe there is also a role for government to play. Law enforcement agencies world wide must work to identify the people behind these programs and put them in jail for a long, long time.
But having done all that, it's still possible to get infected because, as the story points out, trusted sites - like your business partners or places where you buy products via the Internet have been hacked. Thus, by simply visiting these trusted sites, you can become infected. It could be your bank, your favorite news or search site. In fact, almost any site that many people go to could be the source of infection.
That said, does that mean you shouldn't ever go on the Internet? You know, a year ago I would say the benefits outweighed the costs. But now, I'm not so sure. YMMV. Inset disclaimer here.
Have a Great Weekend, Everyone - Aloha!
Comments
Actually it's a good sign.
By making it f*** simple and user-friendly these hacking tools find their way in the script-kiddy community. And those people are too idiotic to be carefull and are getting caught. They spoil the environment for the real hackers (and the real criminals).
Of course this is an incentive for the real hackers to move on to newer, even more obnoxious hacks.
So. Don't use IE. Make sure your firewall blocks and logs trafic both-ways (and don't foget to check the logs). And check all bankslips. And change passwords regulary. All pretty standard behavior.
Posted by: sjon | March 19, 2006 10:09 PM