Search the Community
Showing results for tags 'Spyware'.
Reefa posted a topic in The Chat BarApps designed to ‘report’ on handset users’ communications while remaining undetected have increasingly become a factor in cases of domestic violence and even murder. The apps, many on sale via app stores for smartphones such as iPhone, BlackBerry and Android, are marketed as a means for parents to monitor children’s use of smart devices, according to TechDirt. But an Australian study has found that 97% of domestic violence cases involved the use of spyware by the abusive partner. CBS tested software on sale in America, and found that such software was often legal due to loopholes – for isntance, it was marketed as a tool to track rogue employees or children. One such package boasted, “All phone calls are recorded. Once you log into your account, you can see when the call was made, the number associated with the person on the other side and even listen in.The same goes for text messages. Even more shocking, if a phone call wasn’t taking place but the phone was on, it could be used to bug a room and even record video. The GPS also allows someone to track where you are at any given moment of the day.” One such app, Mobistealth was used in a murder case in Australia by killer Simon Gittany to read his girlfriend’s Lisa Harnum’s SMS messages. In one message, she revealed plans to escape the abusive relationship, and he threw her off the balcony of a 15th floor apartment. Mobistealth, along with other products such as Flexispy, are available online in free and premium versions. Mobistealth describes itself as, “a full-featured powerful cell phone tracking software package that enables you to get all the answers to your questions. What questions you say? They are questions about where the phone has been and what its user has been doing with it. With Mobistealth Android Spy Software, you can find out where the phone has been and where it is now. On the control panel, you get a line-by-line history with a date/time stamp linked to a map showing where the target phone has been. You can adjust the polling interval to get near real time logging of the target phone’s GPS location.” “The Basic version of Mobistealth allows you to view the target phone’s contact file. This is useful because it answers the question as to whom your child or employee is communicating with. With Mobistealth, you get to see the incoming and outgoing history of whom the target phone user was chatting with, conversing with, and planning with. Every SMS message on the phone gets sent to the Mobistealth server so that you can read what your child or employee is discussing. Even if they delete the message thread, you still retain it for viewing from your control panel.” In the Victorian study, 46% of victims said they felt as if they were being ‘watched’, but less than half of those had told anyone of this. In the UK, a team at Newcastle University has developed counter-spyware to protect victims. Following the initial pilot studies, trials of the new technologies will begin next month. Victims can simply point a phone’s camera at a QR code on a poster, to ‘clean’ evidence that may enrage a spouse. “Any online access leaves behind an electronic trail which can easily be followed to see what we’ve been up to,” explains Dr Budi Arief, from the Centre for Cybercrime and Computer Security (CCCS) at Newcastle University. “For most of us this is a useful record but for someone living in fear of abuse the very systems set up to help them can actually be used against them. “What our technology does is erase these electronic footprints, allowing people to seek help in safety without fear of reprisal.” For domestic abuse victims, even seeking help can be risky. “Another important consideration in the case of domestic violence is that in many cases, victims do not know where to get help from,” adds Mr Martin Emms, a PhD student at the School of Computing Science. As a solution, the Newcastle University team has developed single use URL codes that can be distributed to victims. These codes – represented as QR codes – are embedded into innocent-looking postcards and flyers and take the user directly to a support site. As the name suggests, the link will only direct its user to a support site once; subsequent attempts to use it will be directed to a ‘safe page’ – an innocuous one such as BBC News or Google home page. This will be used in combination with the cleaner app. Once accessed, the app selectively wipes clean the user’s digital footprints, removing any trace of their search for support – including temporary internet files, browser history entries and cookies – while leaving other electronic trails intact. “This is very important as a completely clean browsing history raises suspicions,” explains Mr Emms. Instead of a postcard, the information is embedded in a poster advertising the domestic violence support service. Positioned in public places, the feature is only available while the user is standing close to the poster. Once they leave the area, the information cannot be accessed using either the history or the back button. “We talk a lot about digital inclusion and the work being done to make it accessible to all,” says Dr Arief. “Our work has highlighted a vulnerable group whose need for online access is greater than most. These people are prevented from getting help, not through a lack of access or digital knowledge but through fear. “Our hope is these technologies can be used to overcome this particular barrier and give more victims of domestic violence the confidence to seek help.” Author Rob Waugh, We Live Security Source
The Continuous Growth of spyware, their existence, and the criminals who produce & spread them are increasing tremendously. It’s difficult to recognize spyware as it is becoming more complex and sophisticated with time, so is spreading most rapidly as an Internet threat. Recently, The security researchers have unearthed a very complex and sophisticated piece of malware that was designed to steal confidential data and has ability able to capture network traffic. The Researchers at the German security company G Data Software, refer the malware as Uroburos, named after an ancient symbol depicting a serpent or dragon eating its own tail, and in correspondence with a string (Ur0bUr()sGotyOu#) lurking deep in the malware's code. The researchers claimed that the malware may have been active for as long as three years before being discovered and appears to have been created by Russian developers. Uroburos is a rootkit designed to steal data from secure facilities, has ability to take control of an infected machine, execute arbitrary commands and hide system activities, communicating primarily using peer-to-peer connections in a network it has penetrated to infect new machines within the network, manages to pass back the exfiltrated information back to attackers from infected machines and network data, the researchers explained. The two main components of Uroburos are - a driver and an encrypted virtual file system, used to disguise its nasty activities and to try to avoid detection. Its driver part is extremely complex and is designed to be very discrete and very difficult to identify. The malware uses two virtual file systems, one NTFS file system and one FAT file system, and both are stored locally on the infected system and are used as a "workspace" by the attackers, providing a storage space for third-party tools, post-exploitation tools, temporary files and binary output. The virtual file system can’t be decrypted without the presence of drivers, according to the Gdata’s analysis explained in the PDF. The driver is needed to decrypt the virtual file systems, to create several hooks to hide its activities, to inject libraries in the users land and to establish and manage some communication channels. “The development of a framework like Uroburos is a huge investment. The development team behind this malware obviously comprises highly skilled computer experts, as you can infer from the structure and the advanced design of the rootkit. We believe that the team behind Uroburos has continued working on even more advanced variants, which are still to be discovered.” WITH LOVE From RUSSIA: Technical Similarities with the previous malware Agent.BTZ and that the malware Uroburos checks the presence of Agent.BTZ in the system and remains inactive if Agent.BTZ is present, makes the researchers believe that it was designed by the same by the Russian intelligence services, according to G Data analysis. “Due to many technical details (file name, encryption keys, behavior and more details mentioned in this report), we assume that the group behind Uroburos is the same group that performed a cyberattack against the United States of America in 2008 with a malware called Agent.BTZ,” say the researchers. They also added that the reason it is meant to be of the Russian origin is, “Uroburos checks for the presence of Agent.BTZ and remains inactive if it is installed. It appears that the authors of Uroburos speak Russian (the language appears in a sample), which corroborates the relation to Agent.BTZ. Furthermore, according to public newspaper articles, this fact, the usage of Russian, also applied for the authors of Agent.BTZ.” In 2008, USB and Removable storage drives placed on hold in the U.S. Army facilities after the spread of Agent.BTZ worm. The USB stick contained malicious code was trying to keep on multiplying further and infected the military’s network. The attacks carried out with Uroburos are targeting government institutions, research institutions, intelligence agencies, nation states, research institutions or companies dealing with sensitive information as well as similar high-profile targets. The oldest drivers identified by the researchers was compiled in 2011 is the evidence that the malware was created around three years ago and was undetected. “The Uroburos rootkit is one of the most advanced rootkits we have ever analyzed in this Environment,” the G Data concluded. The team behind the development of the malware Uroburos has developed an even more sophisticated framework, which still remains undiscovered, the researchers believe. Many infection vectors are conceivable. E.g. Spear phishing, drive-by-infections, USB sticks, or social engineering attacks. Source
GridinSoft Trojan Killer 18.104.22.168 GridinSoft Trojan Killer - advanced program to clean your computer of all malicious threats! If you - a permanent internet user, you should take steps to protect your personal information against cyber-criminals. Trojan Killer can help you in this matter! The program quickly identify (recognize) and immediately remove dangerous malicious Trojans - spyware and adware, malware blocking and restricting the activities of tools, keyloggers, etc. before irreversible painful events will come in the form of stolen accounts, passwords, credit card numbers, personal, corporate and other information. Trojan Killer is designed specifically to disable / remove Malware without the user having to manually edit system files or reestr.Programma also removes the additional system modifications that are ignored by some standard antivirus scanners. Trojan Killer scans ALL the files loaded at boot time, Adware, Spyware, Remote Access Trojans, Internet Worms and other malware. Trojan Killer works in a security system for providing security in computer systems. The program will help you get rid of annoying adware, malware and other rough tools. It is very important to restore control over your computer, and do not let anyone use your data. Additional tools:Reset Home Internet Explorer / Start / Search Page Settings Some Malware programs make changes to the main page of Internet Explorer, Start and Search Page settings, in order to redirect the web browser to different websites. This utility will reset the Home / Start / Search pages to standard Defaults. You can then manually reset your Home Page to your website of choice (or leave it "blank", the default). Restore the HOSTS fileWindows HOSTS file is a text file which stores website addresses. The file can be used to speed up access to websites you visit often - by equating the website name to its address DNS, web browser can find the website more quickly as it does not have to query a DNS-name Server. Some Malware programs add entries to this file, to either deny access to websites (usually security-related Web sites or antivirus company), or re-direct access to websites of their choosing. Reset Windows Update, politicianSome Malware programs attempt to prevent Windows Update, from running, and inhibit access to resetting Windows Update, by blanking out the Windows Update options on the Configure Update. Website: http://www.gridinsoft.com OS: Windows XP / Vista / 7 / 8 Language: Ml Medicine: Patch / Keymaker Size: 46,00 Mb.