Court Shuts Site Selling Key Logging Spyware

After a Federal Trade Commission (FTC) complaint, a U.S. District Court has issued a temporary restraining order against a company that was selling key logging spyware online. According to the FTC, Florida-based CyberSpy Software had been marketing its RemoteSpy product as a way to “Spy on Anyone. From Anywhere.”

This is the 12th FTC case against spyware makers since 2004, FTC Bureau of Consumer Protection attorney David Koehler told Security Management. But it’s the first against a company selling key loggers that could be remotely deployed on a victims’ computer via e-mail.

CyberSpy went to great lengths to enable customers to spy in secret, according to the FTC. RemoteSpy came with a configuration wizard, user tutorial, step-by-step instructions, and examples describing how to make the executable look like an innocuous attachment. CyberSpy told customers how some users liked to give the file names such as “funpics.exe” or “funny.exe.” Customers were also shown how to further disguise the file by embedding it in a Microsoft Word or WordPad document. The file would silently install after victims clicked on it.

Many antivirus (AV) and antispyware products couldn’t identify the program, according to the FTC. CyberSpy even updated RemoteSpy as recently as September 2008 after learning that a popular AV program, according to the complaint, could detect it.

Recorded information included keystrokes, chat transcripts, applications and documents opened, Web sites visited, and screen shots. A special table listed any user names and passwords used. To access information gathered, customers would log into a dedicated RemoteSpy Web site.

In addition to halting RemoteSpy sales, the defendants have been ordered to disconnect from the Internet any servers that collect and store victims’ information. The FTC said it’s seeking to permanently bar the site and to require that the defendants pay the victims restitution.

A simple Internet search reveals sites that appear to offer products similar to RemoteSpy. The FTC can’t comment on any ongoing or future plans to investigate or charge other companies, said Koehler.