Spyware Is Everywhere

Nearly one in three computers scanned by EarthLink and Webroot in their second monthly SpyAudit were found infected with a Trojan horse or system monitor planted by spyware, the two companies said.

Internet service provider EarthLink and Webroot, a message security software maker, scanned more than 420,000 PCs during April and found nearly 134,000 Trojans or systems monitors.

So far this year, the SpyAudit has detected more than 500,000 Trojans and system monitors out of the roughly 1.5 million machines scanned. The revised numbers also showed a slight decrease in the average number of pieces of spyware per system from March to April. Scans done in April detected 26.9 spyware programs or components per machine, while March's scans found an average of 29.9. The year-to-date average is 27.5 pieces per system.

EarthLink and Webroot define spyware as any application or software that's placed on the user's machine without his or her authorization, said an EarthLink spokesman, including adware, adware cookies--typically planted to track your surfing habits for marketing and advertising purposes--Trojans, and system monitors. The best-known monitors are key loggers--software that traps every keystroke, including user names, passwords, and critical financial information like credit-card numbers, then passes them along to hackers.

"Consumers should be aware of the applications and files residing and running on their machines," Matt Cobb, EarthLink's VP of core applications, said in a statement Wednesday. "When users discover spyware, they need to take action to immediately immobilize or remove the programs.""SpyAudit's popularity shows that consumers want to find out what's on their computers," Webroot CEO David Moll said in a separate statement. "Based on the overwhelming number of spyware traces identified in just four months, we urge consumers to run an audit as soon as possible to determine if they have spyware on their PCs and then take action to manage it.

Spyware has been attracting attention primarily because of the risk of identity theft and subsequent online fraud. Earlier this week, Gartner released a report that estimated total checking account fraud--much of it due to a combination of spyware and phishing attacks--cost American banks and consumers $2.4 billion in the last 12 months.

"Viruses we all understand," Moll said. "It's a $15 billion business, but in the end it's more vandalism than anything. Spyware has a lot of commonality with viruses, but one of the differences is the financial motive behind spyware."

Nor is spyware only a home-user problem, said Moll. The average amount of spyware on business machines "is no less than outside the corporation. One of the problems is that people think that they're safer at work, that the company is diligent in maintaining defenses. But that only gives a false sense of security," he added, since most companies don't have anti-spyware protection in place.

A pair of vendors recently introduced solutions to address the problem in enterprises. Last week, both PestPatrol and Webroot rolled out server-client software that lets administrators seek and destroy spyware on their networks' desktops.According to Moll, Webroot will add the SpyAudit technology to its Spy Sweeper Enterprise solution in the near future, giving IT administrators the ability to do a snapshot of their networks' spyware status.

The EarthLink/Webroot SpyAudit results can be viewed on the EarthLink Web site. Webroot's free SpyAudit tool detects spyware, while EarthLink subscribers can use its Spyware Blocker to find and disable spyware.