Earthlink, Webroot Spot Spyware All Over

Internet service provider EarthLink and Webroot, a message security software maker, scanned over 420,000 PCs during April, and found nearly 134,000 Trojans or systems monitors.

So far this year, the SpyAudit has detected over 500,000 Trojans and system monitors out of the roughly 1.5 million machines scanned. The revised numbers also showed a slight decrease in the average number of pieces of spyware per system from March to April. Scans done in April detected 26.9 spyware programs or components per machine, while March's scans found 29.9 on average. The year-to-date average is 27.5 pieces per system.

EarthLink and Webroot define spyware as any application or software that's placed on the user's machine without his or her authorization, said an EarthLink spokesman, including adware, adware cookies -- typically planted to track your surfing habits for marketing and advertising purposes -- Trojans, and system monitors. The best-known monitors are "key loggers," software that traps every keystroke, including usernames, passwords, and critical financial information like credit card numbers, then passes them along to hackers.

"Consumers should be aware of the applications and files residing and running on their machines," Matt Cobb, EarthLink's vice president of core applications, said in a statement Wednesday. "When users discover spyware, they need to take action to immediately immobilize or remove the programs," Cobb added.

"SpyAudit's popularity shows that consumers want to find out what's on their computers," said David Moll, the chief executive officer of Webroot, in another statement. "Based on the overwhelming number of spyware traces identified in just four months, we urge consumers to run an audit as soon as possible to determine if they have spyware on their PCs and then take action to manage it.Spyware has been attracting attention primarily because of the risk of identity theft and subsequent online fraud. Earlier this week, Gartner released a report that estimated total checking account fraud -- much of it due to a combination of spyware and phishing attacks -- took cost American banks and consumers $2.4 billion in the last 12 months.

"Viruses we all understand," Moll said. "It's a $15 billion business, but in the end it's more vandalism than anything. Spyware has a lot of commonality with viruses, but one of the differences is the financial motive behind spyware."

And spyware isn't just a home user problem, said Moll. "The average amount of spyware [on business machines] is no less than outside the corporation. One of the problems is that people think that they're safer at work, that the company is diligent in maintaining defenses. But that only gives a false sense of security," he added, since most enterprises don't have anti-spyware protections in place.

A pair of vendors have recently introduced solutions to address the problem in enterprises. Last week, both PestPatrol and Webroot rolled out server-client software that lets administrators seek and destroy spyware on their networks' desktops.

According to Moll, Webroot will add the SpyAudit technology to its Spy Sweeper Enterprise solution in the near future, giving IT administrators the ability to do a snapshot of their networks' spyware status. The EarthLink/Webroot SpyAudit results can be viewed on the EarthLink Web site. Webroot's free SpyAudit tool detects spyware, while EarthLink subscribers can use its Spyware Blocker to find and disable spyware.0