Most computer users are aware of the dark side of the Internet. Our online world brings issues of credit card and identity theft, junk mail and seedy content right into our homes and offices. But how many computer users are unwitting accomplices to such activities?
Your computer, or those of the people in your organization, is possibly being used to send spam, harvest e-mail addresses for spam, make purchases using stolen credit cards or take part in a denial of service (DoS) attack, where an army of computers shuts down a Web site by flooding its servers with HTTP requests.
EarthLink's SpyAudit program, which scanned 1,062,756 PCs, found 29.5 million instances of spyware, an average of nearly 28 spyware items per computer.
How does this happen without your knowledge? Examples like those above are usually the work of a trojan, a small program that can be unknowingly installed on a computer and then accessed by another computer over the Internet. Together with programs called spyware, adware and viruses, trojans are a part of a group collectively known as "malware" or "pestware." While the majority of such programs are pests and nothing more, they have the potential to be quite nasty.
Trojans: RATS That Can Control Your Computer
Like the horse of old, a trojan carries with it an unexpected surprise. Trojans do not replicate like a virus, but they do leave behind a program that can be contacted by another computer. From there, they can do just about anything. While it's possible a trojan can be used to take control of a computer, the most common trojans are dialer programs. Dialers are used without your knowledge to make international or premium calls (900-type numbers) from your PC. That's more than an annoyance; it can get expensive.
Trojans are also known as RATS (remote access trojans) and they are most often hidden in games and other small software programs that unsuspecting users download then unknowingly execute on their PCs.
Two common trojans are known as Back Orifice and SubSeven. Back Orifice was originally developed as a remote administration tool. But it worked by exploiting holes in Microsoft software, which makes it a popular tool for nefarious applications. Both Back Orifice and SubSeven can be used to capture what is on a computer's screen and what is typed in using the keyboard; they can be use to remotely control devices, such as opening and closing the CD drive; or to set up FTP, HTTP or Telnet servers on an unsuspecting user's machine. Basically, anything that can be done with a computer can be done remotely using a trojan. Spyware: Who's Watching Your Online Moves?
Spyware programs range from annoying to the dangerous, including keyboard loggers and screen capture applications that can steal passwords and other sensitive information. The programs are sometimes bundled in with shareware or freeware programs that can be downloaded from the Internet. Often times they claim to be helpful utilities that also carry a more sinister side.
Many of the programs are marketed as legitimate tools for keeping tabs on children and spouses online. One program called Activity Logger, for example, connects to the Internet on its own, records the URLs of sites visited and the keystrokes from e-mail and chat applications. It will also capture screenshots that can be made into a slide show.
.png)
