Adapted spyware software is the ultimate in online security threats, allowing hackers to take full control of victims' computers

WASHINGTON - For a computer user, it is the ultimate security headache: A hacker has secretly taken control of the computer and copied sensitive information such as passwords and credit card numbers.

Users often think the odds of getting hit by malicious software are safely low, but there are more invasive and destructive programs on the Web than ever before, computer security specialists say.

In response to one of the latest attacks to become public, the United States Securities and Exchange Commission arrested a college student last week on charges that he hacked into someone else's computer, logged on to his brokerage account, and left the victim with an investment loss of more than US$40,000 (S$70,000).

The student allegedly used a version of the Beast - software that gave him control over the victim's computer.

The Beast is an extension of legitimate software that some people call 'spyware'. Some corporations use spyware to keep track of what their employees are doing on company computers, and parents, to peek at what their children are up to.

Hackers are developing varieties of spyware for more nefarious purposes. Setting up such programs does not require much know-how, experts say. With a full-featured, user-friendly interface, Beast users can dictate how the program will perform and conceal itself.

Some hackers embed the software in Trojan Horse programs that pass themselves off as something they are not. In the case of the arrested student, the Beast was disguised as a program for tracking stocks.

The number of Trojan Horse programs documented by computer researchers is measured in the tens of thousands, and they can work in many ways.

Sometimes, Trojan Horses are sent as file attachments claiming to be such things as a security update or a picture of a naked tennis star. When a user opens it, the program installs itself and, typically, sends an instant message to the hacker, transmits information that will tell him how to find the compromised computer on the network, and then awaits orders.

The spyware will often shut off any anti-virus or firewall software and establish an open communication channel.

Once that has been done, a hacker might as well be sitting at the victim's computer with a list of passwords in hand.

Options on the Beast's interface give hackers the power to turn off programs running on the victim's computer or see what's on his screen at any time.

A 'file manager' window gives the hacker access to any files on the victim's hard drive. It can even eavesdrop on running webcams.

Senior director Vincent Weafer of the incident response team at Symantec said his company's security software can remove the Beast.

But once the Beast is inside a computer, it can be 'very difficult' to fight.

If there's any good news, it's that users of spyware can be easier to track down than those who unleash viruses, worms or other online maladies. To spy, the software must stay put and communicate with a computer at the other end.

With the right tools, investigators can trace the communication to its source.

source: straitstimes


The wise make mistakes, the fools repeat them
----------------------------------------
When you have eliminated the impossible, that which remains, however improbable, must be the truth