Suppose someone had an MSN instant message conversation on a computer that
had spyware on it (unbeknownst to them). Could a hacker access these messages,
without access to the computer that had the spyware on it, where the messages
were sent from? In other words, from an unrelated computer source?
The scenario you outline is a little unclear, but the short answer is probably … Yes.
Spyware can be extremely invasive and, for lack of a better term,
There are some very frightening scenarios.
Much of what we’ve called “spyware” has for many years been relatively benign. It’s been annoying and intrusive, but not particularly malicious.
However, particularly with the lines blurring between spyware and viruses, the fact is that most malware these days is far from benign. Not only can spyware “spy”, it can push ads, infect other machines, send spam, and even in some scary scenarios poke around in your bank account when you’re not looking.
The term “malware” – for MALicious softWARE – is actually much more appropriate these days as spyware is doing a lot more than just spying.
Let’s look at the scenario you’ve outlined as an example. If your machine or your friend’s machine has spyware of some sort it is very possible that it could, while you are conversing in an instant messaging program:
Write your conversations to a hidden file and leave open a “back door” that allows the hacker to retrieve that file at a later date.
Intercept everything you type and everything you receive, and send a copy to another computer somewhere else on the internet as you type it.
Or any of a number of other things…
This is also a good example of the fact that there are both “good” and “bad” types of spyware.
While monitoring your IM conversations seems like a very bad thing on the surface, it’s exactly what we ask parental monitoring and control software to do. That is legitimate spyware that is, indeed, spying on you. These are commercially available packages that can be used by parents to monitor or control their children’s internet use. Is it spyware? Absolutely, it is – it’s spying on you. It could be used to do exactly the types of things we’re talking about here, on purpose, and it would be a very legitimate use of the technology.
It could also be used by others to do exactly the types of things we’re talking about here, also on purpose, but it would be far from a legitimate use – true “spying” in a very malicious sense.
And of course there are other, less legitimate instances of spyware that do the same or worse and really earn the moniker “malware”. Perhaps one of the worst I’ve heard of recently is malware that inserts itself into your system and waits for you to connect to your bank to perform online banking. While you’re connected it operates in the background and starts transferring money out of your account, which you don’t see while it’s happening.
Yes, spyware can be sneaky … very sneaky.
That’s why most tech support folks like myself seem to be constantly harping on anti-malware tools and general education about malware prevention.
It really is that important.
(This is an update to an article originally published in June, 2004.)
8 comments on “So just how sneaky can spyware be?”
No one in my family uses my computer except me, but someone has, somehow remotely from a long distance away, put files on my hard drive, and used my email address, and even my IP. Things are supposedly coming from my computer that are NOT coming from my computer. I’ve even discovered unfamiliar, or renamed files, pictures, etc, and music. Often when I use my computer, the mouse seems to have a mind of its own, and certain programs tell me that they are already being used by someone. To wit: My computer is either haunted, or is being used freely by someone else who does not live in my house. My kids are grown and do not live here, and my husband has his own computer. Can an IP be remotely hijacked to the point that someone uses my computer from a distance, as if it were her own? Thank you for listening. This is making me crazy. And I didn’t have far to go. . . .
Want to get rid of Spyware? Don’t bother with SpyWare Nuker. A total rip off.
It’s very sneaky, even most detectors can’t get them all. But try using Firefox instead of IE.
I know my boss is reading my emails. (Don’t ask how, but it’s been verified.) Now that I am aware of it I will be using my home computer more often. It only seems though when I deleted my emails they are being read. Since I am afraid to delete anything, is there a way to get rid of sent messages without hitting my delete?
@April: It’s not difficult for your boss to read your emails. It’s his computer and he would have administrative privileges for all accounts. He may even have a keylogger installed (the kind of “good” spyware Leo was talking about). Never assume privacy on someone else’s computer.
@Jane: If you think your computer’s been hijacked, the safest and I’ve found the easiest (I’m not saying it’s easy but in the long run the easiest) is to copy everything to an external disk, format your hard drive and reinstall everything.
Also stay away from pirate programs. If you calculate the cost of your time cleaning up the trojans and spyware and worms (oh my!), it’s probably cheaper to buy than pirate. It used to be possible to get away with downloading programs through torrents but now the % of malware is too high to take chances.
April, you could also use a ‘portable’ e-mail client and a thumb drive then use it to copy incoming (or send outgoing) email from there.
…Call me Sisyphus.
I’ve been a careful and grateful reader of Leo’s comments on everything he chooses as a topic. But…this Cat-And-Mouse game is not “Tom&Jerry”. It seems that the very complexity created by very smart folks to avoid spyware simply creates “challenges” to the spies to find other penetration schemes.
This boulder keeps falling back on me, so, I push it back up that hill.
We who refuse to live in our separate caves will simply have to be constantly vigilant.
For a safer online banking experience you can always boot from a ‘Live CD’ like Linux Ubuntu or Mint. Not only are you very unlikely to ‘catch a bug’ with a Linux based operating system, nothing can be written to your Live CD as it is ‘Read Only’. I use Mint myself. It is very good at detecting hardware and quite easy to use. Of course websites that require Internet Explorer are another matter!